[Solved] Unwanted windows opening

Tags:
  • Security
28 February 2009 18:58:54

Hello!

I have a problem with windows that keep opening endlessly.

Can someone help me? Where should I start to solve the problem?

Thank you very much!

28 February 2009 19:01:38

Hi,

First, let's see where the problem lies.

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will need to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the C:\rsit\ folder.

28 February 2009 19:22:56

Hello!

Here is the content of the log:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Admin at 2009-02-28 13:19:04
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 231 MB (2%) free of 11 GB
    Total RAM: 511 MB (28% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:19:38, on 2009-02-28
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\TCAUDIAG.exe
    C:\WINDOWS\system32\sstray.exe
    G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    G:\Programmes\logitech\iTouch\iTouch.exe
    G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    G:\Programmes\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    G:\Programmes\PhotoWise\quicklnk.exe
    G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
    G:\Programmes\iPod\bin\iPodService.exe
    G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
    C:\Program Files\trend micro\Admin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O2 - BHO: {1a5d21dd-1a33-79f8-1904-bde51aaa5d95} - {59d5aaa1-5edb-4091-8f97-33a1dd12d5a1} - C:\WINDOWS\system32\sqtmiv.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: (no name) - {b7f1a9bf-e277-4b95-9e21-89cd4f87fd03} - C:\WINDOWS\system32\gopikobi.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
    O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
    O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
    O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [hagunipego] Rundll32.exe "C:\WINDOWS\system32\jotogeni.dll",s
    O4 - HKLM\..\Run: [2c29155d] rundll32.exe "C:\WINDOWS\system32\zulagovi.dll",b
    O4 - HKLM\..\Run: [CPM2f1a26c1] Rundll32.exe "c:\windows\system32\wesokaru.dll",a
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [hagunipego] Rundll32.exe "C:\WINDOWS\system32\jotogeni.dll",s (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: Configuration & Monitor Utility.lnk = ?
    O4 - Global Startup: SATARaid.lnk = ?
    O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.antimalwareguard.com
    O15 - Trusted Zone: *.gomyhit.com
    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
    O15 - Trusted Zone: *.gomyhit.com (HKLM)
    O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
    O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
    O20 - AppInit_DLLs: sqtmiv.dll c:\windows\system32\wesokaru.dll,C:\WINDOWS\system32\ranolobi.dll
    O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll
    O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 9787 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
    eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59d5aaa1-5edb-4091-8f97-33a1dd12d5a1}]
    C:\WINDOWS\system32\sqtmiv.dll [2009-02-24 129024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
    FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7f1a9bf-e277-4b95-9e21-89cd4f87fd03}]
    C:\WINDOWS\system32\gopikobi.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
    {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TCASUTIEXE"=TCAUDIAG.exe -on []
    "nForce Tray Options"=sstray.exe /r []
    "WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
    "WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
    "zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
    "EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
    "HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
    "hagunipego"=C:\WINDOWS\system32\jotogeni.dll []
    "2c29155d"=C:\WINDOWS\system32\zulagovi.dll [2009-02-24 79872]
    "CPM2f1a26c1"=c:\windows\system32\wesokaru.dll [2009-02-24 84992]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
    "Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
    SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
    PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
    PowerReg Scheduler.exe
    Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="sqtmiv.dll c:\windows\system32\wesokaru.dll,C:\WINDOWS\system32\ranolobi.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll [2009-02-24 84992]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll [2009-02-24 84992]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\WINDOWS\system32\ranolobi.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=32

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:Explorer"
    "C:\WINDOWS\System32\logonui.exe"="C:\WINDOWS\System32\logonui.exe:*:Enabled:logonui"
    "C:\WINDOWS\System32\winlogon.exe"="C:\WINDOWS\System32\winlogon.exe:*:Enabled:winlogon"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
    shell\AutoRun\command - O:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b26a2c5-0555-11db-af6d-0012c9310d21}]
    shell\AutoRun\command - O:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
    shell\AutoRun\command - F:\Autorun.exe /s


    ======List of files/folders created in the last 1 months======

    2009-02-28 13:17:39 ----D---- C:\rsit
    2009-02-28 12:46:44 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-02-26 11:04:09 ----A---- C:\rollback.ini
    2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
    2009-02-25 10:31:18 ----N---- C:\WINDOWS\SchedLgU.Txt
    2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
    2009-02-24 23:28:20 ----SH---- C:\WINDOWS\system32\ivogaluz.ini
    2009-02-24 23:28:16 ----ASH---- C:\WINDOWS\system32\wesokaru.dll
    2009-02-24 23:28:16 ----ASH---- C:\WINDOWS\system32\sqtmiv.dll
    2009-02-24 23:28:15 ----ASH---- C:\WINDOWS\system32\zulagovi.dll
    2009-02-24 23:28:15 ----ASH---- C:\WINDOWS\system32\rogahefa.dll
    2009-02-24 11:28:25 ----SH---- C:\WINDOWS\system32\edefenoj.ini
    2009-02-24 11:28:22 ----ASH---- C:\WINDOWS\system32\bulawasi.dll
    2009-02-24 11:28:12 ----ASH---- C:\WINDOWS\system32\lysimm.dll
    2009-02-24 11:28:10 ----ASH---- C:\WINDOWS\system32\siruguhu.dll
    2009-02-24 11:28:09 ----N---- C:\WINDOWS\system32\jonefede.dll
    2009-02-23 23:08:29 ----SH---- C:\WINDOWS\system32\umedetun.ini
    2009-02-23 23:08:15 ----ASH---- C:\WINDOWS\system32\ynizqm.dll
    2009-02-23 23:08:14 ----ASH---- C:\WINDOWS\system32\bubufibo.dll
    2009-02-23 23:08:13 ----ASH---- C:\WINDOWS\system32\nutedemu.dll
    2009-02-23 23:08:13 ----ASH---- C:\WINDOWS\system32\fugajezu.dll
    2009-02-23 11:08:28 ----SH---- C:\WINDOWS\system32\ebaweraw.ini
    2009-02-23 11:08:11 ----ASH---- C:\WINDOWS\system32\yzyyxq.dll
    2009-02-23 11:08:11 ----ASH---- C:\WINDOWS\system32\loyayono.dll
    2009-02-23 11:08:09 ----ASH---- C:\WINDOWS\system32\fusigoka.dll
    2009-02-22 23:07:19 ----SH---- C:\WINDOWS\system32\uwidipig.ini
    2009-02-22 23:07:13 ----ASH---- C:\WINDOWS\system32\buelct.dll
    2009-02-22 23:07:12 ----ASH---- C:\WINDOWS\system32\dajifuji.dll
    2009-02-22 23:07:11 ----ASH---- C:\WINDOWS\system32\kenahapu.dll
    2009-02-22 11:07:07 ----SH---- C:\WINDOWS\system32\epalobat.ini
    2009-02-22 11:07:04 ----ASH---- C:\WINDOWS\system32\yubihimo.dll
    2009-02-22 11:07:04 ----ASH---- C:\WINDOWS\system32\eberry.dll
    2009-02-22 11:07:03 ----ASH---- C:\WINDOWS\system32\vikikeme.dll
    2009-02-21 23:08:14 ----SH---- C:\WINDOWS\system32\imozemuz.ini
    2009-02-21 23:07:44 ----ASH---- C:\WINDOWS\system32\nukinihe.dll
    2009-02-21 23:07:44 ----ASH---- C:\WINDOWS\system32\nbrfvu.dll
    2009-02-21 23:07:43 ----ASH---- C:\WINDOWS\system32\yibamaka.dll
    2009-02-21 11:06:42 ----ASH---- C:\WINDOWS\system32\xirvsm.dll
    2009-02-21 11:06:42 ----ASH---- C:\WINDOWS\system32\sujigewi.dll
    2009-02-21 11:06:41 ----ASH---- C:\WINDOWS\system32\kakinahu.dll
    2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES
    2009-02-04 11:14:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\java.exe
    2009-01-31 12:39:57 ----A---- C:\WINDOWS\KA.INI
    2009-01-31 12:39:56 ----D---- C:\KA

    ======List of files/folders modified in the last 1 months======

    2009-02-28 11:09:56 ----A---- C:\errlgr.txt
    2009-02-27 23:11:16 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
    2009-02-20 19:13:16 ----A---- C:\WINDOWS\win.ini
    2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
    2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
    R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
    R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
    R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
    R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
    R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
    R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
    R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
    R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
    R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
    R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
    R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
    R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
    R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
    R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
    R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
    R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
    R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
    R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
    R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
    S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
    S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
    S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
    S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
    R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------


    and the contents of info:

    info.txt logfile of random's system information tool 1.05 2009-02-28 13:18:31

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3Com NIC Diagnostics-->un3cdiag.exe /remove
    802.11 Wireless LAN-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{8F3F7032-E5FB-42B4-8443-A569F381726C} /l1033
    Adobe Download Manager 2.0 (Supprimer uniquement)-->"C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0.5 Language Support-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
    Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Ahead InCD EasyWrite Reader-->C:\WINDOWS\UNMrw.exe /UNINSTALL
    Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7C3A14-1D20-49F6-B903-491561076F0F}\SETUP.EXE" -l0x9
    ASUS Probe V2.19.07-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"
    Audio-Video Software -->C:\Program Files\Video Add-on\uninst.exe
    Battleship SURFACE THUNDER-->C:\WINDOWS\IsUninst.exe -f"o:\jeux\Hasbro Interactive\Battleship SURFACE THUNDER\Uninst.isu"
    Big Mutha Truckers-->MsiExec.exe /I{7AD106E2-A9B2-4BD8-A8D5-331DC0957A3E}
    Blade Runner-->g:\programmes\WESTWOOD\BLADE\UNINSTBR.EXE C:\WINDOWS\UNIN040C.EXE -fg:\PROGRA~1\WESTWOOD\BLADE\DeIsL1.isu
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"G:\Programmes\CCleaner\uninst.exe"
    Correctif Windows XP - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
    Correctif Windows XP - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
    Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    Coup de Pouce CE 1 v1.0-->C:\WINDOWS\unin040c.exe -fC:\KA\CPCE1\DeIsL1.isu
    DivX Player-->G:\Programmes\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX-->G:\Programmes\DivX\DivXCodecUninstall.exe /CODEC
    eMule-->"G:\Programmes\eMule\Uninstall.exe"
    Fête & Maths-->C:\WINDOWS\edmkuni2.exe "g:\Programmes\Edmark\FETE & MATHS "
    Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    HijackThis 2.0.0-->"C:\Documents and Settings\Admin\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    hp deskjet 5550 series-->rundll32 hpzcon05.dll,VendorJettison hp deskjet 5550 series
    HP Image Zone 4.0-->G:\Programmes\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Scanjet 4070-->G:\Programmes\HP\Digital Imaging\{7DB9BF65-46AC-4803-82AA-14EFCA927789}\setup\hpzscr01.exe -datfile hpgscr01.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
    ImpôtRapide 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{740DC926-B248-41DF-A38A-0675749E4361}\isetup.ex_" -l0xc0c -uninst
    ImpôtRapide 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{287E1968-462A-40EB-BA11-A557C5D64F12}\isetup.ex_" -l0xc0c -uninst
    ImpôtRapide 2007-->MsiExec.exe /X{3156B2FD-5C1D-4649-9FE3-EB6E77320266}
    iPod for Windows 2005-11-17-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8338BA06-E527-491B-9400-F51708FEE695} /l1036
    iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    La barre d'outils AIR MILES 1.438-->C:\Program Files\La barre d'outils AIR MILES\Uninst.exe
    Leadtek WinFastDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
    LEGO Star Wars II-->C:\Program Files\InstallShield Installation Information\{578FA426-47C0-4A3F-98A4-01ACD26B7556}\setup.exe -runfromtemp -l0x040c
    LEGO® Indiana Jones™-->C:\Program Files\InstallShield Installation Information\{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}\setup.exe -runfromtemp -l0x040c
    Lic Client-->C:\WINDOWS\unvise32.exe g:\programmes\LIC\uninstal.log
    Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c UNINSTALL
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
    Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x40c -removeonly
    Logitech MouseWare 9.71 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
    LucasArts' The Infernal Machine-->C:\WINDOWS\uninst.exe -f"g:\programmes\LucasArts\The Infernal Machine\Install\DeIsL1.isu" -c"g:\programmes\LucasArts\The Infernal Machine\Install\LecSetup.dll"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Flight Simulator 98-->O:\Microsoft Games\Flight Simulator\Uninstal.exe /uninstall
    Microsoft Motocross Madness-->"M:\Microsoft Games\Motocross Madness\Uninstal.exe" /runtemp
    Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
    NetObjects Fusion 8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C59303F-FCC1-484C-A40E-52C2AD4B17F8}\setup.exe" -l0x9 anything -uninst
    Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL
    NVIDIA nForce Utilities-->C:\WINDOWS\System32\rundll32.exe setupapi,InstallHinfSection Remove_SSUtilsNT 132 C:\WINDOWS\INF\nvautlml.inf
    NVIDIA WDM Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\SETUP.EXE"
    overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
    Photosynth 2.0.1519.16-->MsiExec.exe /X{366E24C6-9097-4F63-BF42-3F3EF356A960}
    PhotoWise-->C:\WINDOWS\unin040c.exe -fg:\programmes\PhotoWise\DeIsL1.isu
    Picasa 2-->"G:\Programmes\Picasa2\Uninstall.exe"
    PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
    Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\System32\NVNFINST.DLL,NvUninstallCrush
    PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    SATARaid-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91649626-E343-11D5-BCEF-005004748D87}\Setup.exe" -l0x9
    Shockwave-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
    Star Wars Galactic Battlegrounds: Saga-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe" -l0x9
    Tom Clancy's Splinter Cell-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A174402A-2EE6-4B86-A930-7BC85A9933BD}\setup.exe" -l0x40c
    True Internet Color-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\E-Color\True Internet Color\Uninst.isu" -c"C:\Program Files\E-Color\True Internet Color\TICUninstall.dll"
    Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
    Tux Paint 0.9.16-->"G:\Programmes\TuxPaint\unins001.exe"
    Tux Paint Stamps 2006-10-21-->"G:\Programmes\TuxPaint\unins000.exe"
    Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
    Ulead VideoStudio 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E188D820-1218-4E28-8BCA-91134C3664C2}\Setup.exe" -l0x40c
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Format 9 Series SDK-->MsiExec.exe /X{EEE0F0A7-6B7D-4D1E-9498-43D9D012DDF7}
    Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44BAC2DD-0574-4047-B736-A7687401C1CD}\setup.exe"
    WinFast(R) PVR (Application)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7273CE1-F0B8-4B3C-B41E-F289E0835B43}\setup.exe"
    WinFox Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Leadtek Research Inc.\WinFox Setup\Uninst.isu" -c"C:\WINDOWS\System32\WinFox\WinFoxUT.dll"
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

    =====HijackThis Backups=====

    O18 - Protocol: bwl0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O18 - Protocol: bw50s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredete...
    O16 - DPF: {CA8A9780-280D-11CF-A24D-444553540000} (Adobe PDF Reader) - http://activex.microsoft.com/objects/ocget.dll
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLau...
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Programmes\logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Programmes\msoffice\Office10\OSA.EXE
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
    O4 - HKLM\..\Run: [QuickTime Task] "G:\programmes\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [vsbylqxi.exe] C:\Documents and Settings\All Users.WINDOWS\Application Data\vsbylqxi.exe
    O2 - BHO: (no name) - {2B8D11C6-9417-B296-AA79-09C2093684ED} - C:\WINDOWS\system32\nwfiqjk.dll (file missing)
    O2 - BHO: (no name) - {5baaa4ba-1dd2-11b2-ada1-a63effca8258} - C:\WINDOWS\system32\5F5cKO5H.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: ZoneAlarm Security Suite Antivirus
    FW: ZoneAlarm Security Suite Firewall

    System event log

    Computer Name: DANIEL
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

    Record
    28 Février 2009 19:26:47

    Hello!

    Sorry, the info file is incomplete; here it is again:

    info.txt logfile of random's system information tool 1.05 2009-02-28 13:18:31

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3Com NIC Diagnostics-->un3cdiag.exe /remove
    802.11 Wireless LAN-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{8F3F7032-E5FB-42B4-8443-A569F381726C} /l1033
    Adobe Download Manager 2.0 (Supprimer uniquement)-->"C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0.5 Language Support-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
    Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Ahead InCD EasyWrite Reader-->C:\WINDOWS\UNMrw.exe /UNINSTALL
    Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7C3A14-1D20-49F6-B903-491561076F0F}\SETUP.EXE" -l0x9
    ASUS Probe V2.19.07-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"
    Audio-Video Software -->C:\Program Files\Video Add-on\uninst.exe
    Battleship SURFACE THUNDER-->C:\WINDOWS\IsUninst.exe -f"o:\jeux\Hasbro Interactive\Battleship SURFACE THUNDER\Uninst.isu"
    Big Mutha Truckers-->MsiExec.exe /I{7AD106E2-A9B2-4BD8-A8D5-331DC0957A3E}
    Blade Runner-->g:\programmes\WESTWOOD\BLADE\UNINSTBR.EXE C:\WINDOWS\UNIN040C.EXE -fg:\PROGRA~1\WESTWOOD\BLADE\DeIsL1.isu
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"G:\Programmes\CCleaner\uninst.exe"
    Correctif Windows XP - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
    Correctif Windows XP - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
    Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    Coup de Pouce CE 1 v1.0-->C:\WINDOWS\unin040c.exe -fC:\KA\CPCE1\DeIsL1.isu
    DivX Player-->G:\Programmes\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX-->G:\Programmes\DivX\DivXCodecUninstall.exe /CODEC
    eMule-->"G:\Programmes\eMule\Uninstall.exe"
    Fête & Maths-->C:\WINDOWS\edmkuni2.exe "g:\Programmes\Edmark\FETE & MATHS "
    Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    HijackThis 2.0.0-->"C:\Documents and Settings\Admin\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    hp deskjet 5550 series-->rundll32 hpzcon05.dll,VendorJettison hp deskjet 5550 series
    HP Image Zone 4.0-->G:\Programmes\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Scanjet 4070-->G:\Programmes\HP\Digital Imaging\{7DB9BF65-46AC-4803-82AA-14EFCA927789}\setup\hpzscr01.exe -datfile hpgscr01.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
    ImpôtRapide 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{740DC926-B248-41DF-A38A-0675749E4361}\isetup.ex_" -l0xc0c -uninst
    ImpôtRapide 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{287E1968-462A-40EB-BA11-A557C5D64F12}\isetup.ex_" -l0xc0c -uninst
    ImpôtRapide 2007-->MsiExec.exe /X{3156B2FD-5C1D-4649-9FE3-EB6E77320266}
    iPod for Windows 2005-11-17-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8338BA06-E527-491B-9400-F51708FEE695} /l1036
    iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    La barre d'outils AIR MILES 1.438-->C:\Program Files\La barre d'outils AIR MILES\Uninst.exe
    Leadtek WinFastDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
    LEGO Star Wars II-->C:\Program Files\InstallShield Installation Information\{578FA426-47C0-4A3F-98A4-01ACD26B7556}\setup.exe -runfromtemp -l0x040c
    LEGO® Indiana Jones™-->C:\Program Files\InstallShield Installation Information\{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}\setup.exe -runfromtemp -l0x040c
    Lic Client-->C:\WINDOWS\unvise32.exe g:\programmes\LIC\uninstal.log
    Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c UNINSTALL
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
    Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x40c -removeonly
    Logitech MouseWare 9.71 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
    LucasArts' The Infernal Machine-->C:\WINDOWS\uninst.exe -f"g:\programmes\LucasArts\The Infernal Machine\Install\DeIsL1.isu" -c"g:\programmes\LucasArts\The Infernal Machine\Install\LecSetup.dll"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Flight Simulator 98-->O:\Microsoft Games\Flight Simulator\Uninstal.exe /uninstall
    Microsoft Motocross Madness-->"M:\Microsoft Games\Motocross Madness\Uninstal.exe" /runtemp
    Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
    NetObjects Fusion 8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C59303F-FCC1-484C-A40E-52C2AD4B17F8}\setup.exe" -l0x9 anything -uninst
    Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL
    NVIDIA nForce Utilities-->C:\WINDOWS\System32\rundll32.exe setupapi,InstallHinfSection Remove_SSUtilsNT 132 C:\WINDOWS\INF\nvautlml.inf
    NVIDIA WDM Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\SETUP.EXE"
    overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
    Photosynth 2.0.1519.16-->MsiExec.exe /X{366E24C6-9097-4F63-BF42-3F3EF356A960}
    PhotoWise-->C:\WINDOWS\unin040c.exe -fg:\programmes\PhotoWise\DeIsL1.isu
    Picasa 2-->"G:\Programmes\Picasa2\Uninstall.exe"
    PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
    Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\System32\NVNFINST.DLL,NvUninstallCrush
    PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    SATARaid-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91649626-E343-11D5-BCEF-005004748D87}\Setup.exe" -l0x9
    Shockwave-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
    Star Wars Galactic Battlegrounds: Saga-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe" -l0x9
    Tom Clancy's Splinter Cell-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A174402A-2EE6-4B86-A930-7BC85A9933BD}\setup.exe" -l0x40c
    True Internet Color-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\E-Color\True Internet Color\Uninst.isu" -c"C:\Program Files\E-Color\True Internet Color\TICUninstall.dll"
    Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
    Tux Paint 0.9.16-->"G:\Programmes\TuxPaint\unins001.exe"
    Tux Paint Stamps 2006-10-21-->"G:\Programmes\TuxPaint\unins000.exe"
    Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
    Ulead VideoStudio 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E188D820-1218-4E28-8BCA-91134C3664C2}\Setup.exe" -l0x40c
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Format 9 Series SDK-->MsiExec.exe /X{EEE0F0A7-6B7D-4D1E-9498-43D9D012DDF7}
    Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44BAC2DD-0574-4047-B736-A7687401C1CD}\setup.exe"
    WinFast(R) PVR (Application)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7273CE1-F0B8-4B3C-B41E-F289E0835B43}\setup.exe"
    WinFox Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Leadtek Research Inc.\WinFox Setup\Uninst.isu" -c"C:\WINDOWS\System32\WinFox\WinFoxUT.dll"
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

    =====HijackThis Backups=====

    O18 - Protocol: bwl0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O18 - Protocol: bw50s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredete...
    O16 - DPF: {CA8A9780-280D-11CF-A24D-444553540000} (Adobe PDF Reader) - http://activex.microsoft.com/objects/ocget.dll
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLau...
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Programmes\logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = G:\Programmes\msoffice\Office10\OSA.EXE
    O4 - HKCU\..\Run: [LDM] \Program\
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
    O4 - HKLM\..\Run: [QuickTime Task] "G:\programmes\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [vsbylqxi.exe] C:\Documents and Settings\All Users.WINDOWS\Application Data\vsbylqxi.exe
    O2 - BHO: (no name) - {2B8D11C6-9417-B296-AA79-09C2093684ED} - C:\WINDOWS\system32\nwfiqjk.dll (file missing)
    O2 - BHO: (no name) - {5baaa4ba-1dd2-11b2-ada1-a63effca8258} - C:\WINDOWS\system32\5F5cKO5H.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AV: ZoneAlarm Security Suite Antivirus
    FW: ZoneAlarm Security Suite Firewall

    System event log

    Computer Name: DANIEL
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

    Record Number: 134041
    Source Name: Service Control Manager
    Time Written: 20090201094226.000000-300
    Event Type: information
    User:

    Computer Name: DANIEL
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

    Record Number: 134040
    Source Name: Service Control Manager
    Time Written: 20090201094225.000000-300
    Event Type: information
    User:

    Computer Name: DANIEL
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

    Record Number: 134039
    Source Name: Service Control Manager
    Time Written: 20090201094225.000000-300
    Event Type: information
    User: AUTORITE NT\SYSTEM

    Computer Name: DANIEL
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service aswRdr.

    Record Number: 134038
    Source Name: Service Control Manager
    Time Written: 20090201094225.000000-300
    Event Type: information
    User: AUTORITE NT\SYSTEM

    Computer Name: DANIEL
    Event Code: 7036
    Message: Le service avast! Web Scanner est entré dans l'état : en cours d'exécution.

    Record Number: 134037
    Source Name: Service Control Manager
    Time Written: 20090201094224.000000-300
    Event Type: information
    User:

    Application event log

    Computer Name: DANIEL
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 5587
    Source Name: SecurityCenter
    Time Written: 20080805054918.000000-300
    Event Type: information
    User:

    Computer Name: DANIEL
    Event Code: 1517
    Message: Windows a sauvegardé le Registre utilisateur DANIEL\Admin alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


    Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

    Record Number: 5586
    Source Name: Userenv
    Time Written: 20080804230617.000000-300
    Event Type: warning
    User: AUTORITE NT\SYSTEM

    Computer Name: DANIEL
    Event Code: 1002
    Message: Application bloquée iexplore.exe, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Record Number: 5585
    Source Name: Application Hang
    Time Written: 20080804135907.000000-300
    Event Type: error
    User:

    Computer Name: DANIEL
    Event Code: 0
    Message:
    Record Number: 5584
    Source Name: iPod Service
    Time Written: 20080804064143.000000-300
    Event Type: information
    User:

    Computer Name: DANIEL
    Event Code: 1800
    Message: Le service Centre de sécurité Windows a démarré.

    Record Number: 5583
    Source Name: SecurityCenter
    Time Written: 20080804064138.000000-300
    Event Type: information
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier";C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=0a00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "tvdumpflags"=8

    -----------------EOF-----------------



    28 February 2009 19:32:32

    Vundo infection.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe extension may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    28 February 2009 20:22:33

    Hello!

    Here is the ComboFix report:

    ComboFix 09-02-28.01 - Admin 2009-02-28 14:07:33.1 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.511.289 [GMT -5:00]
    Running from: c:\documents and settings\Admin\Bureau\ComboFix.exe
    AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Updated)
    FW: ZoneAlarm Security Suite Firewall *disabled*

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    The following files were disabled during the run:
    c:\windows\system32\sqtmiv.dll
    c:\windows\system32\wesokaru.dll


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Online Security Guide.url
    c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Security Troubleshooting.url
    c:\windows\IE4 Error Log.txt
    c:\windows\system32\bubufibo.dll
    c:\windows\system32\buelct.dll
    c:\windows\system32\bulawasi.dll
    c:\windows\system32\dajifuji.dll
    c:\windows\system32\ebaweraw.ini
    c:\windows\system32\eberry.dll
    c:\windows\system32\edefenoj.ini
    c:\windows\system32\epalobat.ini
    c:\windows\system32\fugajezu.dll
    c:\windows\system32\fusigoka.dll
    c:\windows\system32\imozemuz.ini
    c:\windows\system32\ivogaluz.ini
    c:\windows\system32\jonefede.dll
    c:\windows\system32\kakinahu.dll
    c:\windows\system32\kenahapu.dll
    c:\windows\system32\loyayono.dll
    c:\windows\system32\lysimm.dll
    c:\windows\system32\nbrfvu.dll
    c:\windows\system32\nukinihe.dll
    c:\windows\system32\nutedemu.dll
    c:\windows\system32\rogahefa.dll
    c:\windows\system32\siruguhu.dll
    c:\windows\system32\sqtmiv.dll.vir
    c:\windows\system32\sujigewi.dll
    c:\windows\system32\tmp.reg
    c:\windows\system32\umedetun.ini
    c:\windows\system32\uwidipig.ini
    c:\windows\system32\vikikeme.dll
    c:\windows\system32\xirvsm.dll
    c:\windows\system32\yibamaka.dll
    c:\windows\system32\ynizqm.dll
    c:\windows\system32\yubihimo.dll
    c:\windows\system32\yzyyxq.dll
    O:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2009-01-28 to 2009-02-28 )))))))))))))))))))))))))))))))
    .

    2009-02-28 13:17 . 2009-02-28 13:17 <REP> d-------- C:\rsit
    2009-02-26 11:04 . 2009-02-27 08:46 2,399 --a------ C:\rollback.ini
    2009-02-26 10:52 . 2009-02-26 10:52 <REP> d-------- c:\documents and settings\Admin\Application Data\MailFrontier
    2009-02-24 23:28 . 2009-02-24 23:28 84,992 --a------ c:\windows\system32\wesokaru.dll
    2009-02-24 23:28 . 2009-02-24 23:28 79,872 --ahs---- c:\windows\system32\zulagovi.dll
    2009-02-21 11:01 . 2009-02-25 07:43 6,456 --ah----- c:\windows\system32\yerovuza
    2009-02-15 00:07 . 2009-02-15 00:07 <REP> d-------- c:\program files\La barre d'outils AIR MILES
    2009-02-07 19:02 . 2004-08-23 17:51 109,472 --a------ c:\windows\system32\Sebran3_.ttf
    2009-02-07 19:02 . 2003-11-12 23:38 31,732 --a------ c:\windows\system32\SEBRS___.TTF
    2009-02-06 13:58 . 2009-02-06 13:58 <REP> d--h----- c:\documents and settings\Admin\igLoader Files
    2009-01-31 12:39 . 2009-01-31 12:39 <REP> d-------- C:\KA
    2009-01-31 12:39 . 2009-01-31 12:40 196 --a------ c:\windows\KA.INI

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-28 19:12 18,849,446 ------w c:\windows\Internet Logs\tvDebug.zip
    2009-02-28 04:11 71,012 --sha-w c:\windows\system32\drivers\fidbox.idx
    2009-02-28 04:11 4,135,968 --sha-w c:\windows\system32\drivers\fidbox.dat
    2009-02-20 22:29 43,736 ----a-w c:\documents and settings\Admin\Application Data\GDIPFONTCACHEV1.DAT
    2009-01-27 22:44 --------- d-----w c:\documents and settings\William\Application Data\Apple Computer
    2009-01-15 12:56 --------- d-----w c:\program files\Overland
    2009-01-11 01:36 --------- d-----w c:\documents and settings\Admin\Application Data\RipIt4Me
    2009-01-03 22:24 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
    2007-08-14 07:55 9,175,040 ----a-w c:\documents and settings\Admin\Copie de ntuser.dat
    2005-01-08 20:43 154 ----a-w c:\documents and settings\Daniel G\hpothb07.dat
    2005-01-08 20:43 154 ----a-w c:\documents and settings\Admin\hpothb07.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{85c1dd6e-1181-41f2-9ab2-79d5f46f491b}"= "c:\program files\La barre d'outils AIR MILES\Helper.dll" [2009-02-15 219136]

    [HKEY_CLASSES_ROOT\clsid\{85c1dd6e-1181-41f2-9ab2-79d5f46f491b}]
    [HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
    [HKEY_CLASSES_ROOT\TypeLib\{CAFC26B8-CDE3-4BD8-A1B8-C3FD28BD3A57}]
    [HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
    2009-02-15 00:07 1256960 --a------ c:\program files\La barre d'outils AIR MILES\Toolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{DC7A75BF-581D-4675-BDCB-D1B35116EB49}"= "c:\program files\La barre d'outils AIR MILES\Toolbar.dll" [2009-02-15 1256960]

    [HKEY_CLASSES_ROOT\clsid\{dc7a75bf-581d-4675-bdcb-d1b35116eb49}]
    [HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar.3]
    [HKEY_CLASSES_ROOT\TypeLib\{8518B5E9-EDF5-4BDA-B5D3-4AA044EC072D}]
    [HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{DC7A75BF-581D-4675-BDCB-D1B35116EB49}"= "c:\program files\La barre d'outils AIR MILES\Toolbar.dll" [2009-02-15 1256960]

    [HKEY_CLASSES_ROOT\clsid\{dc7a75bf-581d-4675-bdcb-d1b35116eb49}]
    [HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar.3]
    [HKEY_CLASSES_ROOT\TypeLib\{8518B5E9-EDF5-4BDA-B5D3-4AA044EC072D}]
    [HKEY_CLASSES_ROOT\FCTB000058373.IEToolbar]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 68856]
    "Google Update"="c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-24 133104]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-19 342848]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinFast Schedule"="g:\programmes\WinFast\WFTVFM\WFWIZ.exe" [2003-03-27 159744]
    "zBrowser Launcher"="g:\programmes\logitech\iTouch\iTouch.exe" [2004-03-18 892928]
    "EM_EXEC"="g:\progra~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-09 28672]
    "HP Software Update"="g:\programmes\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
    "UVS10 Preload"="g:\programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe" [2006-03-07 36864]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
    "iTunesHelper"="g:\programmes\iTunes\iTunesHelper.exe" [2008-10-01 289576]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
    "2c29155d"="c:\windows\system32\zulagovi.dll" [2009-02-24 79872]
    "CPM2f1a26c1"="c:\windows\system32\wesokaru.dll" [2009-02-24 84992]
    "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
    "TCASUTIEXE"="TCAUDIAG.exe" [2002-07-02 c:\windows\system32\TCAUDIAG.EXE]
    "nForce Tray Options"="sstray.exe" [2002-11-13 c:\windows\system32\sstray.exe]
    "WinFast2KLoadDefault"="wf2kcpl.dll" [2003-02-13 c:\windows\system32\WF2KCPL.dll]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
    "Picasa Media Detector"="g:\programmes\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]

    c:\documents and settings\Daniel G\Menu Démarrer\Programmes\Démarrage\
    PhotoWise QuickLink.lnk - g:\programmes\PhotoWise\quicklnk.exe [2003-11-07 42496]
    PowerReg Scheduler.exe [2004-05-13 256000]
    News Interceptor 3.lnk - g:\programmes\News Interceptor 3\NewsInterceptor3.exe [2007-08-08 962560]

    c:\documents and settings\Admin\Menu Démarrer\Programmes\Démarrage\
    PhotoWise QuickLink.lnk - g:\programmes\PhotoWise\quicklnk.exe [2003-11-07 42496]
    PowerReg Scheduler.exe [2008-10-13 256000]
    Configuration & Monitor Utility.lnk - g:\programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe [2003-03-14 458752]

    c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\
    SATARaid.lnk - c:\program files\Silicon Image\SiISATARaid\SATARaid.exe [2003-10-14 598069]
    True Internet Color Icon.lnk - c:\program files\E-Color\True Internet Color\TICIcon.exe [2003-10-14 221184]
    NkbMonitor.exe.lnk - g:\programmes\Nikon\PictureProject\NkbMonitor.exe [2005-03-24 118784]
    HP Image Zone Fast Start.lnk - g:\programmes\HP\Digital Imaging\bin\hpqthb08.exe [2004-03-15 53248]
    HP Digital Imaging Monitor.lnk - g:\programmes\HP\Digital Imaging\bin\hpqtra08.exe [2004-03-15 241664]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
    "{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"= "c:\windows\system32\wesokaru.dll" [2009-02-24 84992]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "SSODL"= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll [2009-02-24 84992]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\system32\wesokaru.dll
    "LoadAppInit_DLLs"=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.IV41"= IR41_32.DLL
    "msacm.MPEGacm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
    "msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UpdatesDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "g:\\Programmes\\BitTorrent\\bittorrent.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "g:\\Programmes\\iTunes\\iTunes.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundEchoRequest"= 1 (0x1)

    R0 si3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\Si3112r.sys [2003-10-11 84529]
    R2 nvTUNEP;nVidia WDM TVTuner;c:\windows\system32\drivers\NVTUNEP.SYS [2004-04-19 15968]
    R2 nvtvSND;nVidia WDM TVAudio Crossbar;c:\windows\system32\drivers\NVTVSND.SYS [2004-04-19 45216]
    R2 tcaicchg;tcaicchg;c:\windows\system32\TCAICCHG.SYS [2000-06-05 21233]
    R2 TCAITDI;TCAITDI Protocol;c:\windows\system32\drivers\TCAITDI.SYS [2001-09-03 19534]
    R4 WINFOXIO;WINFOXIO;c:\windows\system32\drivers\WINFOXIO.sys [2003-10-15 8845]
    S0 NVDual;NVDual;c:\windows\system32\DRIVERS\nvDual.sys --> c:\windows\system32\DRIVERS\nvDual.sys [?]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
    \Shell\AutoRun\command - O:\setupSNK.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
    \Shell\AutoRun\command - F:\Autorun.exe /s
    .
    Contents of the 'Scheduled Tasks' folder

    2009-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

    2009-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job
    - c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 20:44]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{59d5aaa1-5edb-4091-8f97-33a1dd12d5a1} - c:\windows\system32\sqtmiv.dll
    BHO-{b7f1a9bf-e277-4b95-9e21-89cd4f87fd03} - c:\windows\system32\gopikobi.dll
    HKLM-Run-hagunipego - c:\windows\system32\jotogeni.dll


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.ca/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mStart Page = about:blank
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = localhost;*.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &eBay Search - g:\programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    Trusted Zone: antimalwareguard.com
    Trusted Zone: gomyhit.com
    Trusted Zone: antimalwareguard.com
    Trusted Zone: gomyhit.com
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-28 14:13:32
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    c:\windows\system32\fxssvc.exe
    c:\windows\system32\rundll32.exe
    g:\programmes\iPod\bin\iPodService.exe
    g:\programmes\HP\Digital Imaging\bin\hpqgalry.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2009-02-28 14:16:16 - machine was rebooted [Admin]
    ComboFix-quarantined-files.txt 2009-02-28 19:16:14

    Pre-Run: 95 711 232 octets libres
    Post-Run: 342,454,272 octets libres

    236

    28 February 2009 20:28:17

    Hello again!

    Also, when ComboFix started, I had the following message:

    The following files were trying to attach to Combofix. They shall be disabled.

    c:windows/system32/sqtmiv.dll

    c:windows/system32/wesokaru.dll

    For your information, windows have continued to open.

    Thanks again!
    28 February 2009 20:28:41

    That's already better.

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether MBAM may connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan.
  • The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave everything checked) and click Remove Selected. MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    28 February 2009 21:17:42

    Hello!

    Here is the MBAM report. Before rebooting I had the following message:

    Some items could not be removed. The first ones are shown below. All items that could not be removed have been added to the delete-on-reboot list.

    namely:

    C:\WINDOWS\system32\zulagovi.dll
    c:\WINDOWS\system32\wesokaru.dll

    The report:


    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1813
    Windows 5.1.2600 Service Pack 2

    2009-02-28 14:58:12
    mbam-log-2009-02-28 (14-58-12).txt

    Type de recherche: Examen rapide
    Eléments examinés: 127933
    Temps écoulé: 8 minute(s), 9 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 2
    Clé(s) du Registre infectée(s): 4
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\zulagovi.dll (Trojan.Vundo.H) -> Delete on reboot.
    c:\WINDOWS\system32\wesokaru.dll (Trojan.Vundo.H) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Audio-Video Software (Trojan.Zlob) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2c29155d (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm2f1a26c1 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\wesokaru.dll -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\wesokaru.dll -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\zulagovi.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\ivogaluz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\wesokaru.dll (Trojan.Vundo.H) -> Delete on reboot.
    a c 295 8 Security
    28 February 2009 21:20:15

  • Restart MBAM, go to Quarantine and delete everything.

  • Run another RSIT scan and post the log report.
    28 February 2009 21:52:33

    Hello!

    Here is the RSIT report:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Admin at 2009-02-28 15:50:20
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 465 MB (4%) free of 11 GB
    Total RAM: 511 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:50:28, on 2009-02-28
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\TCAUDIAG.exe
    C:\WINDOWS\system32\sstray.exe
    G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    G:\Programmes\logitech\iTouch\iTouch.exe
    G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    G:\Programmes\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    C:\WINDOWS\System32\svchost.exe
    G:\Programmes\PhotoWise\quicklnk.exe
    G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
    C:\WINDOWS\system32\fxssvc.exe
    G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
    G:\Programmes\iPod\bin\iPodService.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
    C:\Program Files\trend micro\Admin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
    O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
    O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
    O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] G:\Programmes\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: Configuration & Monitor Utility.lnk = ?
    O4 - Global Startup: SATARaid.lnk = ?
    O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.antimalwareguard.com
    O15 - Trusted Zone: *.gomyhit.com
    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
    O15 - Trusted Zone: *.gomyhit.com (HKLM)
    O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
    O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 8615 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
    eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
    FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
    {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TCASUTIEXE"=TCAUDIAG.exe -on []
    "nForce Tray Options"=sstray.exe /r []
    "WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
    "WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
    "zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
    "EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
    "HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
    "Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
    SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
    PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
    PowerReg Scheduler.exe
    Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
    shell\AutoRun\command - F:\Autorun.exe /s


    ======List of files/folders created in the last 1 months======

    2009-02-28 14:43:44 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
    2009-02-28 14:43:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2009-02-28 14:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-28 14:16:19 ----A---- C:\ComboFix.txt
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\zip.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\VFIND.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWXCACLS.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWSC.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWREG.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\sed.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\NIRCMD.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\grep.exe
    2009-02-28 14:06:07 ----A---- C:\WINDOWS\fdsv.exe
    2009-02-28 14:03:50 ----D---- C:\WINDOWS\ERDNT
    2009-02-28 14:03:50 ----D---- C:\Qoobox
    2009-02-28 13:17:39 ----D---- C:\rsit
    2009-02-26 11:04:09 ----A---- C:\rollback.ini
    2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
    2009-02-25 10:31:18 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
    2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES
    2009-02-04 11:14:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\java.exe
    2009-01-31 12:39:57 ----A---- C:\WINDOWS\KA.INI
    2009-01-31 12:39:56 ----D---- C:\KA

    ======List of files/folders modified in the last 1 months======

    2009-02-28 15:05:00 ----A---- C:\errlgr.txt
    2009-02-28 15:03:02 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
    2009-02-28 14:13:58 ----A---- C:\WINDOWS\system.ini
    2009-02-20 19:13:16 ----A---- C:\WINDOWS\win.ini
    2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
    2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
    R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
    R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
    R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
    R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
    R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
    R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
    R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
    R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
    R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
    R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
    R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
    R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
    R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
    R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
    R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
    R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
    R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
    R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
    R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
    S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
    S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
    S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
    S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
    R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------

    a c 295 8 Security
    28 February 2009 22:14:34

    1/

  • Uninstall the following programs:
    - Audio-Video Software
    - Java 6 Update 11

  • Update Java.

  • Update Adobe Reader.

  • Update Internet Explorer.


    2/

  • Install Antivir and update it.
  • Double-click the Antivir icon (umbrella) in the taskbar.
  • In Antivir, choose Tools (Outils), then Configuration.
  • Check Expert mode (Mode Expert) and, on the right under Other settings (Autres réglages), check the rootkit search at scan start option (Rech. Rootkit au dém. de la recherche).
  • Run a full scan and post the report.
    28 February 2009 22:49:02

    Hello!

    1)

    I can't find the following in the Add or Remove Programs section:

    Audio-Video Software

    As for Java 6, it is in the list. I will be able to remove it.

    Where could I find it?

    Thanks!

    a c 295 8 Security
    28 February 2009 22:55:25

    Don't worry about Audio-Video Software; you can do the rest.
    5 March 2009 02:29:28

    Hello!

    I was not able to update Internet Explorer.

    The scan stopped at drive F: and nothing worked after that.

    Here is the report:

    Avira AntiVir Personal
    Report file date: 1 mars 2009 20:04

    Scanning for 1272232 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: DANIEL

    Version information:
    BUILD.DAT : 8.2.0.337 16934 Bytes 2008-11-18 13:05:00
    AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-18 14:21:28
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 13:56:42
    LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 18:44:20
    LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 13:58:54
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 17:30:38
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 01:01:10
    ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 2009-02-20 01:01:12
    ANTIVIR3.VDF : 7.1.2.98 201216 Bytes 2009-03-01 01:01:14
    Engineversion : 8.2.0.98
    AEVDF.DLL : 8.1.1.0 106868 Bytes 2009-03-02 01:01:30
    AESCRIPT.DLL : 8.1.1.56 352634 Bytes 2009-03-02 01:01:26
    AESCN.DLL : 8.1.1.7 127347 Bytes 2009-03-02 01:01:24
    AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-04 19:58:40
    AEPACK.DLL : 8.1.3.8 397684 Bytes 2009-03-02 01:01:24
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2009-03-02 01:01:22
    AEHEUR.DLL : 8.1.0.100 1618295 Bytes 2009-03-02 01:01:20
    AEHELP.DLL : 8.1.2.2 119158 Bytes 2009-03-02 01:01:18
    AEGEN.DLL : 8.1.1.22 336245 Bytes 2009-03-02 01:01:16
    AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 16:05:58
    AECORE.DLL : 8.1.6.6 176501 Bytes 2009-03-02 01:01:16
    AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 16:05:58
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 14:40:06
    AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 15:28:02
    AVREP.DLL : 8.0.0.2 98344 Bytes 2008-07-31 18:02:16
    AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 17:26:42
    AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 14:29:24
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 18:27:50
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 23:28:04
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 18:49:42
    NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 18:05:12
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 19:48:08
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 19:34:38

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, F:, G:, H:, I:, J:, K:, L:, M:, N:, O:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: on
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 1 mars 2009 20:04

    Starting search for hidden objects.
    Error in ARK lib

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'mantispm.exe' - '1' Module(s) have been scanned
    Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned
    Scan process 'WlanMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'quicklnk.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
    Scan process 'TICIcon.exe' - '1' Module(s) have been scanned
    Scan process 'SATARaid.exe' - '1' Module(s) have been scanned
    Scan process 'btdna.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'zlclient.exe' - '0' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'EM_EXEC.EXE' - '1' Module(s) have been scanned
    Scan process 'iTouch.exe' - '1' Module(s) have been scanned
    Scan process 'WFWIZ.exe' - '1' Module(s) have been scanned
    Scan process 'sstray.exe' - '1' Module(s) have been scanned
    Scan process 'TCAUDIAG.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'mdm.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
    Scan process 'vsmon.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    45 processes with 45 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'F:\'
    [INFO] No virus was found!
    Boot sector 'G:\'
    [INFO] No virus was found!
    Boot sector 'H:\'
    [INFO] No virus was found!
    Boot sector 'I:\'
    [INFO] No virus was found!
    Boot sector 'J:\'
    [INFO] No virus was found!
    Boot sector 'K:\'
    [INFO] No virus was found!
    Boot sector 'L:\'
    [INFO] No virus was found!
    Boot sector 'M:\'
    [INFO] No virus was found!
    Boot sector 'N:\'
    [INFO] No virus was found!
    Boot sector 'O:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '68' files ).


    Starting the file scan:

    Begin scan in 'C:\' <SYSTEM>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Admin\igLoader Files\supergerball\supergerball.dll
    [DETECTION] Is the TR/Banker.FTI Trojan
    [NOTE] The file was moved to '4a1b344f.qua'!
    C:\System Volume Information\_restore{3CFE6652-47C3-474E-AC6D-29A293473512}\RP1879\A0319121.dll
    [DETECTION] Is the TR/Banker.FTI Trojan
    [NOTE] The file was moved to '49de34d2.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\bubufibo.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a0d363a.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\buelct.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a10363f.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\bulawasi.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a173644.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\dajifuji.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a153638.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\eberry.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4b93ec40.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\fugajezu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a123653.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\fusigoka.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1e3653.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\jonefede.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a19364d.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\kakinahu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a16363f.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\kenahapu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a193644.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\loyayono.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a24364e.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\lysimm.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1e3658.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\nbrfvu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1d3641.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\nukinihe.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a163655.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\nutedemu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1f3655.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\rogahefa.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a12364f.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\siruguhu.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1d3649.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\sqtmiv.dll.vir.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1f3652.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\sujigewi.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a153656.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\vikikeme.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a16364a.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\xirvsm.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a1d364b.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\yibamaka.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a0d364b.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\ynizqm.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a143650.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\yubihimo.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a0d3657.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\yzyyxq.dll.vir
    [DETECTION] Is the TR/Vundo.Gen Trojan
    [NOTE] The file was moved to '4a24365d.qua'!
    Begin scan in 'F:\'


    End of the scan: 1 mars 2009 20:39
    Used time: 35:00 Minute(s)

    The scan has been canceled!

    7249 Scanning directories
    198427 Files were scanned
    27 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    27 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    198398 Files not concerned
    2780 Archives were scanned
    2 Warnings
    27 Notes
    40752 Objects were scanned with rootkit scan
    1 Hidden objects were found

    a c 295 8 Security
    5 March 2009 15:06:42

    Quote:
    I was not able to update Internet Explorer.

    ---> For what reason?

  • Start menu > Run > Type combofix /u and confirm.

  • Run another RSIT scan and post the log report.
    12 March 2009 01:52:53

    Hello!

    Internet Explorer: the installation stops halfway through and I don't understand why.

    Here is the RSIT report:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Admin at 2009-03-11 19:43:11
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 2 GB (16%) free of 11 GB
    Total RAM: 511 MB (41% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:43:30, on 2009-03-11
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\TCAUDIAG.exe
    C:\WINDOWS\system32\sstray.exe
    G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    G:\Programmes\logitech\iTouch\iTouch.exe
    G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    G:\Programmes\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    G:\Programmes\iPod\bin\iPodService.exe
    G:\Programmes\PhotoWise\quicklnk.exe
    G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
    G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
    C:\Program Files\trend micro\Admin.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
    O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
    O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
    O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003.bak\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe (User '?')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PowerReg Scheduler.exe (User '?')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: News Interceptor 3.lnk = G:\Programmes\News Interceptor 3\NewsInterceptor3.exe (User '?')
    O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: Configuration & Monitor Utility.lnk = ?
    O4 - Global Startup: SATARaid.lnk = ?
    O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.antimalwareguard.com
    O15 - Trusted Zone: *.gomyhit.com
    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
    O15 - Trusted Zone: *.gomyhit.com (HKLM)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
    O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
    O18 - Protocol: intu-ir2008 - {729D3592-92E7-4CBC-8E44-3C22B3F457B3} - G:\Programmes\ImpotRapide 2008\ic2008pp.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 10455 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
    eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
    FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-28 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-28 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
    {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TCASUTIEXE"=TCAUDIAG.exe -on []
    "nForce Tray Options"=sstray.exe /r []
    "WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
    "WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
    "zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
    "EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
    "HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-28 148888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
    "Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
    SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
    PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
    PowerReg Scheduler.exe
    Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
    shell\AutoRun\command - F:\Autorun.exe /s

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc01a0b8-7116-11db-80d1-0012c9310d21}]
    shell\AutoRun\command - P:\setupSNK.exe


    ======List of files/folders created in the last 1 months======

    2009-03-11 19:39:49 ----A---- C:\ComboFix.txt
    2009-03-11 19:30:34 ----A---- C:\Boot.bak
    2009-03-11 19:30:31 ----RASHD---- C:\cmdcons
    2009-03-01 19:54:27 ----D---- C:\Program Files\Avira
    2009-03-01 19:54:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2009-03-01 18:19:25 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-03-01 16:56:30 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-03-01 16:56:03 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-03-01 16:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB915865$
    2009-03-01 16:55:08 ----N---- C:\WINDOWS\system32\xmllite.dll
    2009-03-01 16:52:20 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-03-01 16:52:15 ----D---- C:\WINDOWS\network diagnostic
    2009-03-01 16:52:14 ----HD---- C:\WINDOWS\$NtUninstallKB914440$
    2009-03-01 16:52:05 ----HD---- C:\WINDOWS\$NtUninstallKB904942$
    2009-03-01 16:50:57 ----HD---- C:\WINDOWS\$hf_mig$
    2009-02-28 19:58:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
    2009-02-28 19:58:58 ----D---- C:\Program Files\NOS
    2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-02-28 19:55:56 ----A---- C:\WINDOWS\system32\java.exe
    2009-02-28 19:55:29 ----D---- C:\Program Files\Java
    2009-02-28 14:43:44 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
    2009-02-28 14:43:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2009-02-28 14:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-28 14:03:50 ----D---- C:\WINDOWS\ERDNT
    2009-02-28 13:17:39 ----D---- C:\rsit
    2009-02-26 11:04:09 ----A---- C:\rollback.ini
    2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
    2009-02-25 10:31:18 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
    2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES

    ======List of files/folders modified in the last 1 months======

    2009-03-11 19:38:22 ----A---- C:\WINDOWS\system.ini
    2009-03-11 19:30:36 ----RASH---- C:\boot.ini
    2009-03-11 06:53:00 ----A---- C:\errlgr.txt
    2009-03-10 21:09:14 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
    2009-03-10 16:09:40 ----A---- C:\WINDOWS\hpqgrcpy.INI
    2009-03-08 16:55:56 ----A---- C:\WINDOWS\win.ini
    2009-03-02 21:04:12 ----A---- C:\WINDOWS\system32\ssnvfx.ini
    2009-02-28 19:55:36 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
    2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
    R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
    R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
    R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
    R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
    R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
    R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
    R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
    R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
    R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
    R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
    R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
    R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
    R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
    R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
    R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
    R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
    R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
    R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
    S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
    S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
    S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
    S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
    S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-28 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
    R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    22 March 2009 02:38:24

    Hello!

    I posted the RSIT report in my previous message.

    I look forward to hearing from you.

    Thanks


    Destrio5 said:
    Quote:
    I was unable to update Internet Explorer.

    ---> For what reason?

  • Start menu > Run > Type combofix /u and confirm.

  • Run another RSIT scan and post the log report.

    22 March 2009 13:53:51

    Is your PC doing well?


  • Install Internet Explorer 8.
  • Look for this file: C:\Program Files\trend micro\Admin.exe
  • Double-click on this file.
  • Choose Do a system scan only.
  • Check the boxes in front of the following lines:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    R3 - URLSearchHook: (no name) - - (no file)

    O15 - Trusted Zone: *.antimalwareguard.com

    O15 - Trusted Zone: *.gomyhit.com

    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

    O15 - Trusted Zone: *.gomyhit.com (HKLM)


  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.
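
The kind of selection made in the post above (Trusted Zone entries, a URLSearchHook with no file behind it) can be reproduced as a triage pass over a HijackThis log. This is an added example, not part of the original posts and not HijackThis code; the three rules, the function names and the constructed sample log (assembled from lines quoted in this thread) are assumptions of the example, and a match means "review this entry", not "malicious".

```python
import re
from dataclasses import dataclass

# A HijackThis entry is "<section id> - <details>", e.g. "O15 - Trusted Zone: ...".
ENTRY_RE = re.compile(r"^\s*(?P<section>[A-Z]\d{1,2})\s+-\s+(?P<details>.+?)\s*$")
# O15 details: "Trusted Zone: <site>" optionally followed by "(HKLM)".
TRUSTED_RE = re.compile(r"^Trusted Zone:\s*(?P<site>\S+)(?:\s+\((?P<hive>HKLM)\))?$")


@dataclass(frozen=True)
class Finding:
    section: str   # HijackThis section id (R3, O2, O15, ...)
    reason: str    # why the entry deserves a manual look
    entry: str     # the normalised log line


def classify(section, details):
    """Return a reason string if the entry matches a review rule, else None.

    The rules are assumptions of this example, modelled on the lines
    selected in the thread; they are not an official HijackThis rule set.
    """
    if section == "O15":
        m = TRUSTED_RE.match(details)
        if m:
            scope = "machine-wide (HKLM)" if m.group("hive") else "no hive tag"
            return f"Trusted Zone site {m.group('site')} [{scope}]"
    if (section == "R3" and details.startswith("URLSearchHook:")
            and details.endswith("(no file)")):
        return "URLSearchHook registered with no file behind it"
    if section in ("O2", "O3") and details.endswith("(file missing)"):
        return "browser add-on whose DLL is missing from disk"
    return None


def review(log_text):
    """Parse a HijackThis log and return de-duplicated findings in log order."""
    findings, seen = [], set()
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw)
        if not m:
            continue  # headers, running-process paths, blank lines
        entry = f"{m.group('section')} - {m.group('details')}"
        if entry in seen:
            continue  # the same line is often listed twice in a report
        seen.add(entry)
        reason = classify(m.group("section"), m.group("details"))
        if reason:
            findings.append(Finding(m.group("section"), reason, entry))
    return findings


# Constructed sample: a short log assembled from lines quoted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

if __name__ == "__main__":
    for f in review(SAMPLE_LOG):
        print(f"[{f.section}] {f.reason}\n    {f.entry}")
```
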
    24 March 2009 01:05:45

    Hello!

    My PC is running very well.

    Internet Explorer 8 was installed successfully. Finally.

    I could not check this line because it was not present:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    I followed the instructions and everything went well.

    Should I post a report?

    Great!

    Destrio5 said:
    Is your PC doing well?


  • Install Internet Explorer 8.
  • Look for this file: C:\Program Files\trend micro\Admin.exe
  • Double-click on this file.
  • Choose Do a system scan only.
  • Check the boxes in front of the following lines:

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    R3 - URLSearchHook: (no name) - - (no file)

    O15 - Trusted Zone: *.antimalwareguard.com

    O15 - Trusted Zone: *.gomyhit.com

    O15 - Trusted Zone: *.antimalwareguard.com (HKLM)

    O15 - Trusted Zone: *.gomyhit.com (HKLM)


  • Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
  • Close HijackThis.

    24 March 2009 01:17:45

  • Run another RSIT scan and post the log report.
    24 March 2009 03:21:34

    Hello!

    Here is the report:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Admin at 2009-03-23 22:19:27
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 1 GB (9%) free of 11 GB
    Total RAM: 511 MB (46% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:19:32, on 2009-03-23
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\TCAUDIAG.exe
    C:\WINDOWS\system32\sstray.exe
    G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    G:\Programmes\logitech\iTouch\iTouch.exe
    G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    G:\Programmes\iTunes\iTunesHelper.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    G:\Programmes\iPod\bin\iPodService.exe
    G:\Programmes\PhotoWise\quicklnk.exe
    G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
    G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
    G:\PROGRA~1\msoffice\Office10\OUTLOOK.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
    C:\Program Files\Trend Micro\Admin.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
    O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
    O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
    O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
    O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003.bak\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe (User '?')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PowerReg Scheduler.exe (User '?')
    O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: News Interceptor 3.lnk = G:\Programmes\News Interceptor 3\NewsInterceptor3.exe (User '?')
    O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Startup: Configuration & Monitor Utility.lnk = ?
    O4 - Global Startup: SATARaid.lnk = ?
    O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
    O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
    O18 - Protocol: intu-ir2008 - {729D3592-92E7-4CBC-8E44-3C22B3F457B3} - G:\Programmes\ImpotRapide 2008\ic2008pp.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 10324 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
    eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
    FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-03-14 1256960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-28 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-28 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
    {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-03-14 1256960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TCASUTIEXE"=TCAUDIAG.exe -on []
    "nForce Tray Options"=sstray.exe /r []
    "WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
    "WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
    "zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
    "EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
    "HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-28 148888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
    "Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

    C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
    SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
    True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
    NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
    HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
    PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
    PowerReg Scheduler.exe
    Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
    shell\AutoRun\command - F:\Autorun.exe /s

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc01a0b8-7116-11db-80d1-0012c9310d21}]
    shell\AutoRun\command - P:\setupSNK.exe


    ======List of files/folders created in the last 1 months======

    2009-03-23 11:34:47 ----D---- C:\WINDOWS\ie8updates
    2009-03-23 11:33:53 ----D---- C:\WINDOWS\WBEM
    2009-03-23 11:33:07 ----HD---- C:\WINDOWS\ie8
    2009-03-23 11:33:07 ----D---- C:\WINDOWS\system32\fr-FR
    2009-03-14 18:06:28 ----D---- C:\Program Files\La barre d'outils AIR MILES
    2009-03-11 19:39:49 ----A---- C:\ComboFix.txt
    2009-03-11 19:30:34 ----A---- C:\Boot.bak
    2009-03-11 19:30:31 ----RASHD---- C:\cmdcons
    2009-03-08 14:18:02 ----N---- C:\WINDOWS\system32\ieframe.dll.mui
    2009-03-08 14:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
    2009-03-08 14:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
    2009-03-08 14:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
    2009-03-08 14:16:06 ----N---- C:\WINDOWS\system32\advpack.dll.mui
    2009-03-08 14:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
    2009-03-08 04:39:48 ----N---- C:\WINDOWS\system32\ieframe.dll
    2009-03-08 04:34:48 ----N---- C:\WINDOWS\system32\WinFXDocObj.exe
    2009-03-08 04:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2009-03-08 04:32:26 ----N---- C:\WINDOWS\system32\msfeeds.dll
    2009-03-08 04:32:22 ----N---- C:\WINDOWS\system32\iertutil.dll
    2009-03-08 04:31:54 ----N---- C:\WINDOWS\system32\msfeedssync.exe
    2009-03-08 04:31:52 ----N---- C:\WINDOWS\system32\msfeedsbs.dll
    2009-03-08 04:31:52 ----N---- C:\WINDOWS\system32\icardie.dll
    2009-03-08 04:22:46 ----N---- C:\WINDOWS\system32\ieui.dll
    2009-03-08 04:11:12 ----N---- C:\WINDOWS\system32\ieapfltr.dll
    2009-03-01 19:54:27 ----D---- C:\Program Files\Avira
    2009-03-01 19:54:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2009-03-01 18:19:25 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-03-01 16:56:30 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-03-01 16:56:03 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-03-01 16:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB915865$
    2009-03-01 16:55:08 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-03-01 16:52:20 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-03-01 16:52:15 ----D---- C:\WINDOWS\network diagnostic
    2009-03-01 16:52:14 ----HD---- C:\WINDOWS\$NtUninstallKB914440$
    2009-03-01 16:52:05 ----HD---- C:\WINDOWS\$NtUninstallKB904942$
    2009-03-01 16:50:57 ----HD---- C:\WINDOWS\$hf_mig$
    2009-02-28 19:58:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
    2009-02-28 19:58:58 ----D---- C:\Program Files\NOS
    2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-02-28 19:55:56 ----A---- C:\WINDOWS\system32\java.exe
    2009-02-28 19:55:29 ----D---- C:\Program Files\Java
    2009-02-28 14:43:44 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
    2009-02-28 14:43:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2009-02-28 14:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-28 14:03:50 ----D---- C:\WINDOWS\ERDNT
    2009-02-28 13:17:39 ----D---- C:\rsit
    2009-02-26 11:04:09 ----A---- C:\rollback.ini
    2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
    2009-02-25 10:31:18 ----N---- C:\WINDOWS\SchedLgU.Txt
    2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC

    ======List of files/folders modified in the last 1 months======

    2009-03-23 11:59:46 ----A---- C:\errlgr.txt
    2009-03-23 11:57:52 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
    2009-03-22 12:22:24 ----A---- C:\WINDOWS\win.ini
    2009-03-11 19:38:22 ----A---- C:\WINDOWS\system.ini
    2009-03-11 19:30:36 ----RASH---- C:\boot.ini
    2009-03-10 16:09:40 ----A---- C:\WINDOWS\hpqgrcpy.INI
    2009-03-08 14:09:26 ----A---- C:\WINDOWS\system32\iedkcs32.dll
    2009-03-08 04:41:16 ----A---- C:\WINDOWS\system32\mshtml.dll
    2009-03-08 04:34:58 ----A---- C:\WINDOWS\system32\wininet.dll
    2009-03-08 04:34:56 ----A---- C:\WINDOWS\system32\urlmon.dll
    2009-03-08 04:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
    2009-03-08 04:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
    2009-03-08 04:34:28 ----A---- C:\WINDOWS\system32\url.dll
    2009-03-08 04:34:18 ----A---- C:\WINDOWS\system32\occache.dll
    2009-03-08 04:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
    2009-03-08 04:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
    2009-03-08 04:33:26 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2009-03-08 04:33:16 ----A---- C:\WINDOWS\system32\jscript.dll
    2009-03-08 04:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
    2009-03-08 04:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
    2009-03-08 04:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
    2009-03-08 04:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
    2009-03-08 04:32:54 ----A---- C:\WINDOWS\system32\ie4uinit.exe
    2009-03-08 04:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
    2009-03-08 04:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
    2009-03-08 04:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
    2009-03-08 04:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
    2009-03-08 04:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
    2009-03-08 04:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
    2009-03-08 04:31:56 ----A---- C:\WINDOWS\system32\iepeers.dll
    2009-03-08 04:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2009-03-08 04:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
    2009-03-08 04:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2009-03-08 04:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2009-03-08 04:31:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2009-03-08 04:31:18 ----A---- C:\WINDOWS\system32\mshtmler.dll
    2009-03-08 04:31:02 ----A---- C:\WINDOWS\system32\mshta.exe
    2009-03-08 04:22:38 ----A---- C:\WINDOWS\system32\msls31.dll
    2009-03-02 21:04:12 ----A---- C:\WINDOWS\system32\ssnvfx.ini
    2009-02-28 19:55:36 ----A---- C:\WINDOWS\system32\deploytk.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
    R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
    R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
    R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
    R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
    R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
    R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
    R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
    R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
    R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
    R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
    R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
    R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
    R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
    R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
    R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
    R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
    R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
    R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
    R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
    R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
    R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
    R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
    R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
    S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
    S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
    S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
    S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
    S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
    S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-28 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
    R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------
    a c 295 8 Security
    24 March 2009 12:42:10

    1/

  • Uninstall HijackThis.
  • Start menu > Run > Type combofix /u and confirm.

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche and let the scan run.
  • Click Suppression to finish.
  • If you wish, you can use the Options Facultatives.
  • Click Quitter to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner Slim.
  • Launch it. Go to Options, then Advanced, and untick the box Only delete files etc....
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
  • Next, choose Registry, then Search for errors. Once it has finished, repair all the errors (back up the registry).


    3/

  • You need to disable and then re-enable System Restore to purge it.

  • I recommend creating a restore point that you can use later if you run into a problem.


    ==Prevention==

    Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.

    As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).

    You can also modify the Hosts file to improve your PC's security: Link

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    If you consider your problem solved:

    ---> Now add [Résolu] to the title. To do so:
  • In your first message, click the Edit button.
  • Add the mention [Résolu] in front of the title.
  • Then click Submit your message.


    Be more careful on the Internet ;)
    24 March 2009 15:13:06

    Hello!

    Should I uninstall RSIT?

    I am going to install Firefox; should I still leave IE8 on my machine if I move to Firefox?

    Is Google Chrome a good option too?

    Here is the report:

    [ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

    -->- Recherche:

    C:\Combofix.txt: trouvé !
    C:\rapport_clean.txt: trouvé !
    C:\Combofix: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\Daniel G\Bureau\SmitFraudfix: trouvé !
    C:\Documents and Settings\Admin\Recent\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Admin\Bureau\hijackthis.log: trouvé !
    C:\Documents and Settings\Admin\Bureau\SmitFraudfix: trouvé !
    C:\Documents and Settings\Admin\Bureau\SmitfraudFix\SmitFraudfix: trouvé !
    C:\Program Files\Trend Micro\HijackThis.exe: trouvé !
    C:\Program Files\Trend Micro\hijackthis.log: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\Admin\Recent\HijackThis.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis.exe: supprimé !
    C:\Combofix.txt: supprimé !
    C:\rapport_clean.txt: supprimé !
    C:\Documents and Settings\Admin\Bureau\hijackthis.log: supprimé !
    C:\Program Files\Trend Micro\hijackthis.log: supprimé !
    C:\Combofix: supprimé !
    C:\Rsit: supprimé !
    C:\Documents and Settings\Daniel G\Bureau\SmitFraudfix: supprimé !
    C:\Documents and Settings\Admin\Bureau\SmitFraudfix: supprimé !

    Fichiers temporaires nettoyés !
    Corbeille vidée!

    Thank you very much for your help, Destrio5. I will follow your valuable advice.
    :) 
    a c 295 8 Security
    24 March 2009 17:06:03

    You can delete ToolsCleaner.

    Quote:

    I am going to install Firefox; should I still leave IE8 on my machine if I move to Firefox?

    ---> Yes.

    Quote:
    Is Google Chrome a good option too?

    ---> I don't know.
