Se connecter / S'enregistrer
Votre question

virus iexplore.exe aidez moi please

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Décembre 2008 19:22:15

salut voila j'ai un antivirus kasperski 7 sur windows vista qui me donne une alert il detecte une application dangereuse c:/program files/internet explorer/iexplore.exe

jai essayer de le supprimé mais il ne veut pas ce supprimer en plus jai deux autre fichier dans le meme dossier: hmmapi.dll et iedw de la meme date et qui ne ce suprime pas

ce que jai essayer c'est de les supprimé en etant en mode sans echec ca na pas marcher

voila j'aimerai bien que qu'elqun m'aide mais juste une remarque pour ce qui auront la gentillesse de m'aider je suis un amateur question programmation est tout donc merci de bien vouloir etre le plus simple possible

merci

Autres pages sur : virus iexplore exe aidez please

8 Décembre 2008 16:21:07

:hello:  Bonjour,

Je vais t'aider à résoudre ton problème. Merci de suivre à la lettre mes instructions et de ne pas prendre d'initiatives personnelles. Si tu as la moindre question, je suis à ton écoute.

Merci de prendre en compte que je suis bénévole et que j'ai une vie privée : je passe au moins une fois par jour.

Si tu penses avoir été oublié, envoie-moi un MP pour me le signaler.

1) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

  • Lance l'installation du programme en exécutant le fichier téléchargé.
  • Double-clique maintenant sur le raccourci de Toolbar-S&D.
  • Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  • Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  • Poste le rapport généré. (C:\TB.txt)

    2) Télécharge Gmer.

  • Dézippe-le dans un dossier dédié ou sur ton Bureau.
  • Déconnecte toi d'Internet puis ferme tous les programmes.
  • Double-clique sur Gmer.exe.
    Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
  • Clique sur l'onglet Rootkit.
  • A droite, coche tout.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
  • Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et upload-le sur mediafire.

    Uploader un fichier sur mediafire :

  • Rends-toi sur ce lien : http://www.mediafire.com/
  • Clique en haut sur "Upload files To Media fire". Choisis ensuite "I want to upload without an account"
  • Une fenêtre de ton explorateur windows va s'ouvrir. Navigue jusqu'au rapport que je te demande d'uploader, sélectionne-le puis clique sur "ouvrir".
  • Clique ensuite sur "Upload".
  • A droite de l'écran, choisis : "upload to a new folder". Laisse le nom par défaut ( = la date )
  • Valide et laisse l'upload se faire.
  • Clique sur "Vieuw uploaded file" et copie-moi l'url ( = le lien ) du nouvel onglet ou de la nouvelle fenêtre qui va s'ouvrir dans ton prochain message. Ainsi, je pourrais télécharger le rapport demandé.

    3) Télécharge DDS de sUBs et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil. Ne double clique qu'une seule fois dessus, sois patient !
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt, garde l'autre sous la main si jamais je te le demande. Copie/colle le rapport sur le forum. N'uploade des fichiers sur mediafire que si j'en fais la demande explicite.

    ;) 
    8 Décembre 2008 19:42:12

    SALUT J'ai bien recu le message je vais essayer de faire ca
    encore merci
    Contenus similaires
    8 Décembre 2008 19:50:27

    VOILA LE RAPPORT DU TOOLBARSD

    -----------\\ ToolBar S&D 1.2.6 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz )
    BIOS : Default System BIOS
    USER : User ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Internet Security 7.0.0.125 (Activated)
    Firewall : Kaspersky Internet Security 7.0.0.125 (Activated)
    C:\ (Local Disk) - NTFS - Total:100 Go (Free:55 Go)
    D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
    E:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
    Option : [1] ( 08/12/2008|19:46 )

    [ UAC => 1 ]

    -----------\\ Recherche de Fichiers / Dossiers ...


    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com/"
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca..."
    "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca..."
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [ UAC => 1 ]


    1 - "C:\ToolBar SD\TB_1.txt" - 08/12/2008|19:47 - Option : [1]

    -----------\\ Fin du rapport a 19:47:56,60

    8 Décembre 2008 19:54:49

    J'attends la suite :) 
    8 Décembre 2008 21:04:22

    rapport dds

    DDS (Version 1.0) - NTFSx86
    Run by User at 20:59:11,30 on 08/12/2008
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.1013.195 [GMT 1:00]

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Hp\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Users\User\AppData\Local\Temp\~tmpb.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Users\User\Desktop\gmer.exe
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\User\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=HP&pf=laptop
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=HP&pf=laptop
    BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
    BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autoRun
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [Cognac] c:\users\user\appdata\local\temp\~tmpb.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
    mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe"
    IE: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
    IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 7.0\SCIEPlgn.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\r3hook.dll,c:\progra~1\kasper~1\kasper~1.0\adialhk.dll

    ============= SERVICES / DRIVERS ===============

    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2007-4-4 20760]

    =============== Created Last 30 ================

    2008-12-08 19:54 250 a------- c:\windows\gmer.ini
    2008-12-08 19:45 <DIR> --d----- C:\ToolBar SD
    2008-12-07 19:42 <DIR> a-d----- c:\programdata\TEMP
    2008-12-07 19:39 77,312 a------- c:\windows\system32\ztvunace26.dll
    2008-12-07 19:39 162,304 a------- c:\windows\system32\ztvunrar36.dll
    2008-12-07 19:39 153,088 a------- c:\windows\system32\UNRAR3.dll
    2008-12-07 19:39 75,264 a------- c:\windows\system32\unacev2.dll
    2008-12-07 19:39 69,632 a------- c:\windows\system32\ztvcabinet.dll
    2008-12-07 17:54 1,524,736 a------- c:\windows\system32\wucltux.dll
    2008-12-07 17:53 83,456 a------- c:\windows\system32\wudriver.dll
    2008-12-07 17:53 162,064 a------- c:\windows\system32\wuwebv.dll
    2008-12-07 17:53 31,232 a------- c:\windows\system32\wuapp.exe
    2008-12-06 19:40 <DIR> --d----- c:\program files\LimeWire
    2008-11-26 18:28 712,192 a------- c:\windows\system32\WindowsCodecs.dll
    2008-11-26 18:28 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
    2008-11-26 18:28 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
    2008-11-26 18:28 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
    2008-11-26 18:27 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
    2008-11-26 18:27 95,232 a------- c:\windows\system32\PortableDeviceClassExtension.dll
    2008-11-26 18:27 1,645,568 a------- c:\windows\system32\connect.dll
    2008-11-11 20:42 1,194,496 a------- c:\windows\system32\msxml3.dll
    2008-11-11 20:42 2,048 a------- c:\windows\system32\msxml3r.dll
    2008-11-11 20:42 211,456 a------- c:\windows\system32\drivers\mrxsmb10.sys
    2008-11-11 20:39 1,341,440 a------- c:\windows\system32\msxml6.dll
    2008-11-11 20:39 2,048 a------- c:\windows\system32\msxml6r.dll

    ==================== Find3M ====================

    2008-12-08 19:58 6,603,552 a--sh--- c:\windows\system32\drivers\fidbox.dat
    2008-12-08 15:41 89,672 a--sh--- c:\windows\system32\drivers\fidbox.idx
    2008-10-31 13:04 112,144 a------- c:\windows\system32\drivers\kl1.sys
    2008-10-31 13:03 96,976 a------- c:\windows\system32\drivers\klin.dat
    2008-10-31 13:03 87,855 a------- c:\windows\system32\drivers\klick.dat
    2008-10-30 21:06 86,016 a------- c:\windows\inf\infstrng.dat
    2008-10-30 21:06 86,016 a------- c:\windows\inf\infstor.dat
    2008-10-30 21:06 51,200 a------- c:\windows\inf\infpub.dat
    2008-10-30 20:39 690,832 a------- c:\windows\system32\perfh00C.dat
    2008-10-30 20:39 117,572 a------- c:\windows\system32\perfc00C.dat
    2008-10-11 01:24 268,800 a------- c:\windows\system32\es.dll
    2008-10-11 01:22 4,493,312 a------- c:\windows\system32\NlsData0414.dll
    2008-10-11 01:22 1,963,520 a------- c:\windows\system32\NlsData000f.dll
    2008-10-11 01:22 4,493,312 a------- c:\windows\system32\NlsData0416.dll
    2008-10-11 01:22 797,696 a------- c:\windows\system32\NaturalLanguage6.dll
    2008-10-11 01:22 4,493,312 a------- c:\windows\system32\NlsData0816.dll
    2008-10-11 01:22 1,963,520 a------- c:\windows\system32\NlsData081a.dll
    2008-10-11 01:22 6,917,120 a------- c:\windows\system32\NlsLexicons0c1a.dll
    2008-10-11 01:22 1,963,520 a------- c:\windows\system32\NlsData0c1a.dll
    2008-10-08 15:20 665,600 a------- c:\windows\inf\drvindex.dat
    2008-10-08 15:12 174 a--sh--- c:\program files\desktop.ini
    2008-10-05 22:19 61,440 a------- c:\windows\system32\winipsec.dll
    2008-10-05 22:19 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
    2008-10-05 22:19 361,984 a------- c:\windows\system32\IPSECSVC.DLL
    2008-10-05 22:19 272,896 a------- c:\windows\system32\polstore.dll
    2008-10-05 22:18 28,160 a------- c:\windows\system32\Apphlpdm.dll
    2008-10-05 22:18 2,560 a------- c:\windows\apppatch\AcRes.dll
    2008-10-05 22:18 2,144,256 a------- c:\windows\apppatch\AcGenral.dll
    2008-10-05 22:18 537,600 a------- c:\windows\apppatch\AcLayers.dll
    2008-10-05 22:18 449,536 a------- c:\windows\apppatch\AcSpecfc.dll
    2008-10-05 22:18 4,247,552 a------- c:\windows\system32\GameUXLegacyGDFs.dll
    2008-10-05 22:18 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
    2008-10-05 22:18 1,686,528 a------- c:\windows\system32\gameux.dll
    2008-10-05 22:17 704,000 a------- c:\windows\system32\PhotoScreensaver.scr
    2008-10-05 22:17 24,064 a------- c:\windows\system32\wtsapi32.dll
    2008-10-05 22:17 2,923,520 a------- c:\windows\explorer.exe
    2008-10-05 22:17 542,720 a------- c:\windows\system32\sysmain.dll
    2008-10-05 22:17 47,104 a------- c:\windows\system32\wlanapi.dll
    2008-10-05 22:17 502,784 a------- c:\windows\system32\wlansvc.dll
    2008-10-05 22:17 299,008 a------- c:\windows\system32\wlansec.dll
    2008-10-05 22:17 289,280 a------- c:\windows\system32\wlanmsm.dll
    2008-10-05 22:17 67,584 a------- c:\windows\system32\wlanhlp.dll
    2008-10-05 22:16 194,560 a------- c:\windows\system32\WebClnt.dll
    2008-10-05 22:12 2,048 a------- c:\windows\system32\tzres.dll
    2008-10-05 22:11 303,616 a------- c:\windows\system32\wmpeffects.dll
    2008-10-05 22:10 8,147,968 a------- c:\windows\system32\wmploc.DLL
    2008-10-05 22:10 7,680 a------- c:\windows\system32\spwmp.dll
    2008-10-05 22:10 4,096 a------- c:\windows\system32\dxmasf.dll
    2008-10-05 22:10 356,864 a------- c:\windows\system32\MediaMetadataHandler.dll
    2008-10-05 22:08 167,424 a------- c:\windows\system32\tcpipcfg.dll
    2008-10-05 22:08 24,064 a------- c:\windows\system32\netcfg.exe
    2008-10-05 22:08 22,016 a------- c:\windows\system32\netiougc.exe
    2008-10-05 22:03 1,585,664 a------- c:\windows\system32\setupapi.dll
    2008-10-05 22:03 371,712 a------- c:\windows\system32\srcore.dll
    2008-10-05 22:03 313,856 a------- c:\windows\system32\rstrui.exe
    2008-10-05 22:03 40,960 a------- c:\windows\system32\srclient.dll
    2008-10-05 22:03 613,888 a------- c:\windows\system32\wpd_ci.dll
    2008-10-05 22:03 16,384 a------- c:\windows\system32\srdelayed.exe
    2008-10-05 22:01 9,728 a------- c:\windows\system32\LAPRXY.DLL
    2008-10-05 22:01 223,232 a------- c:\windows\system32\WMASF.DLL
    2008-10-05 22:01 2,048 a------- c:\windows\system32\asferror.dll
    2008-10-05 22:00 296,448 a------- c:\windows\system32\gdi32.dll
    2008-10-05 22:00 14,848 a------- c:\windows\system32\wshrm.dll
    2008-10-05 21:59 11,776 a------- c:\windows\system32\sbunattend.exe
    2008-10-05 21:59 83,968 a------- c:\windows\system32\dnsrslvr.dll
    2008-10-05 21:59 24,576 a------- c:\windows\system32\dnscacheugc.exe
    2008-10-05 21:58 788,992 a------- c:\windows\system32\rpcrt4.dll
    2008-10-05 21:58 737,792 a------- c:\windows\system32\inetcomm.dll
    2008-10-05 21:58 84,480 a------- c:\windows\system32\INETRES.dll
    2008-10-02 04:49 826,368 a------- c:\windows\system32\wininet.dll
    2008-10-02 04:49 56,320 a------- c:\windows\system32\iesetup.dll
    2008-10-02 04:49 52,736 a------- c:\windows\apppatch\iebrshim.dll
    2008-10-02 04:48 26,624 a------- c:\windows\system32\ieUnatt.exe
    2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
    2008-09-18 05:35 3,470,904 a------- c:\windows\system32\ntoskrnl.exe
    2008-09-18 05:35 3,505,208 a------- c:\windows\system32\ntkrnlpa.exe
    2008-09-18 03:03 2,027,520 a------- c:\windows\system32\win32k.sys
    2007-11-21 13:29 340,236 a------- c:\windows\inf\perflib\040c\perfi.dat
    2007-11-21 13:29 340,236 a------- c:\windows\inf\perflib\040c\perfh.dat
    2007-11-21 13:29 37,390 a------- c:\windows\inf\perflib\040c\perfd.dat
    2007-11-21 13:29 37,390 a------- c:\windows\inf\perflib\040c\perfc.dat
    2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
    2008-08-16 15:01 22 a--sh--- c:\windows\sminst\HPCD.sys

    ============= FINISH: 21:00:13,39 ===============
    8 Décembre 2008 21:05:10

    voila c'est tout
    8 Décembre 2008 23:26:02

    Re,

    1) Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe
    ~tmpb.exe

    :files
    C:\Users\User\AppData\Local\Temp\~tmpb.exe

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    2) Télécharge [#f0000e]random's system information tool (RSIT)
    par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    10 Décembre 2008 19:41:10

    salut
    voila quand je clik sur otmove mon antivirus me le siganle comme un objet malicieux donc je n'est pas autorisé la telechargement
    je voulais te demandé est ce que cé vraiment sur sinon questceque je fait
    je l'autorise
    merci
    10 Décembre 2008 23:24:50

    Re,

    Bah si je te demande de le télécharger, c'est qu'il est sûr...

    Désactive ton antivirus avant de le télécharger et pendant son utilisation.

    ;) 
    11 Décembre 2008 12:48:45

    voila le rapport otmove

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    Unable to kill process: ~tmpb.exe
    ========== FILES ==========
    C:\Users\User\AppData\Local\Temp\~tmpb.exe moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\Users\User\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot.
    File delete failed. C:\Users\User\AppData\Local\Temp\etilqs_Kjce3EdjIMWZw5tbsytt scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\INWPS2.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\IPathViS.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\IPathViS.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\IPVENHER.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\ISACS.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\LEOHERA.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SETUP47B74C22261\InstApp.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SETUP47B74C1516C\InstApp.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SETUP47B74B582D1\InstApp.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\MYDEFAULT\SMAUDIO.INI scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\IntelIMSM\IMSMins.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8d3c2d988.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8d3c3047e.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8f3381a46.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8f3386c5e.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8f9a8d1ec.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~8f9a8f69e.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~dacc8a3e.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~daccc320.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~de5a41ba.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~de5a68d1.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~e3e4799c.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\cch~e3e4a508.htp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\coinlog.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\conexant.cer scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\DIFXAPI.DLL scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\DMIEA8C.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ehprivjob.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\ehprivjob1.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\IDSinst.LOG scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\IntelTVWizard.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JET6F26.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JET70EA.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JET8094.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JET8D50.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JET904D.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\JETB8C3.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080718-123202-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080718-123213-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080720-200017-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080720-200029-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080721-202900-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080721-202914-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080722-120916-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080722-120927-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080816-141125-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080816-142008-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080929-161713-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20080929-161723-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081002-192204-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081002-192222-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081011-024334-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081011-024409-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081013-172815-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081013-172917-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081014-231842-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081014-231908-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081017-230101-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081017-230116-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-130002-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-130020-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-170927-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-170944-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-181308-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-181326-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-203918-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081019-203943-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081027-092739-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081027-092755-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081028-201158-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081028-201839-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081030-204705-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081030-205145-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081031-211635-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081031-211749-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081101-033130-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081101-033147-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081105-160516-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081105-160547-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081107-140214-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081107-140234-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081107-210406-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081107-210426-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081111-203137-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081111-203444-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081112-194455-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081112-194527-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081114-200235-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081114-200256-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081115-122505-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081115-122522-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-113825-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-113932-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-191949-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-192008-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-213404-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081116-213422-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081122-170449-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081122-170523-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081126-182945-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081126-183026-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081206-192453-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081206-192537-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-180421-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-181142-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-185138-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-185216-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-194026-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081207-194048-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081208-183422-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081208-183455-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081208-202041-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081208-202744-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081210-194343-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\lpksetup-20081210-194513-0.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\MpSigStub.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\NerD1B1.tmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_10_13_2008_304014.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\Norton_SPALOG_10_5_2008_1502305.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\RTWaveTempINI.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SETUP.LOG scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SNDSetup8.0.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SNDunin.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SND_MSI_I_8.0.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SND_MSI_U_8.0.2.6_8.0.0.129.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_MSI_I_10.2.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_MSI_U_(1)10.2.0.57.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SRTSP_Setup_10.2.2.6.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\srtUnin.log scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\SYMEVENT.LOG scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TempINI.ini scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP0000000104872B34254BB20A scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000002EDF58F7FBB6FA233 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000046B4634C2F80AD55F8 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP00000049EC1ACB7675E36982 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\TMP0000005280944FE3194E3696 scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WER38EC.tmp.version.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WER3AC1.tmp.appcompat.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WER4FD7.tmp.hdmp scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_DX.etl scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_KernelLog.etl scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\WinSAT_StorageAsmt.etl scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\wlumsp.log scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\edxas9va.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\edxas9va.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\edxas9va.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\edxas9va.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\edxas9va.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12112008_123952
    11 Décembre 2008 12:52:18

    rapport log.txt
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by User at 2008-12-11 12:49:53
    Microsoft® Windows Vista™ Édition Familiale Premium
    System drive C: has 57 GB (56%) free of 103 GB
    Total RAM: 1013 MB (20% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:50:26, on 11/12/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16764)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Hp\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\User\Desktop\RSIT.exe
    C:\Program Files\trend micro\User.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Cognac] C:\Users\User\AppData\Local\Temp\~tmpb.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 7613 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar Launcher - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2007-07-30 1086816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2007-07-30 1086816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-08-28 141848]
    "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-08-28 154136]
    "Persistence"=C:\Windows\system32\igfxpers.exe [2007-08-28 137752]
    "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-10 212992]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-27 202032]
    "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-09-13 222504]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-11-21 1006264]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
    "HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2007-10-01 1783136]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
    "Cognac"=C:\Users\User\AppData\Local\Temp\~tmpb.exe []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\Windows\system32\igfxdev.dll [2007-08-20 200704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\Windows\system32\klogon.dll [2007-06-28 206088]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6610dbfa-56f7-11dd-99d1-001b38f5ba29}]
    shell\AutoRun\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
    shell\open\command - RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe


    ======List of files/folders created in the last 1 months======

    2008-12-11 12:49:54 ----D---- C:\Program Files\trend micro
    2008-12-11 12:49:53 ----D---- C:\rsit
    2008-12-11 12:39:52 ----D---- C:\_OTMoveIt
    2008-12-11 12:18:21 ----A---- C:\Windows\system32\tzres.dll
    2008-12-10 19:48:12 ----A---- C:\Windows\system32\gdi32.dll
    2008-12-10 19:44:43 ----A---- C:\Windows\system32\WMVCORE.DLL
    2008-12-10 19:44:43 ----A---- C:\Windows\system32\mf.dll
    2008-12-10 19:44:42 ----A---- C:\Windows\system32\WMNetMgr.dll
    2008-12-10 19:44:41 ----A---- C:\Windows\system32\rrinstaller.exe
    2008-12-10 19:44:41 ----A---- C:\Windows\system32\logagent.exe
    2008-12-10 19:44:40 ----A---- C:\Windows\system32\mfps.dll
    2008-12-10 19:44:40 ----A---- C:\Windows\system32\mfpmp.exe
    2008-12-10 19:44:40 ----A---- C:\Windows\system32\mferror.dll
    2008-12-10 19:44:25 ----A---- C:\Windows\system32\shell32.dll
    2008-12-10 19:43:47 ----A---- C:\Windows\explorer.exe
    2008-12-10 19:43:33 ----A---- C:\Windows\system32\mshtml.dll
    2008-12-10 19:43:28 ----A---- C:\Windows\system32\urlmon.dll
    2008-12-10 19:43:27 ----A---- C:\Windows\system32\ieframe.dll
    2008-12-10 19:43:21 ----A---- C:\Windows\system32\wininet.dll
    2008-12-10 19:43:20 ----A---- C:\Windows\system32\mstime.dll
    2008-12-10 19:43:20 ----A---- C:\Windows\system32\mshtmled.dll
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\ieui.dll
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\iernonce.dll
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\ieapfltr.dll
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\ie4uinit.exe
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\dxtrans.dll
    2008-12-10 19:43:19 ----A---- C:\Windows\system32\advpack.dll
    2008-12-10 19:43:18 ----A---- C:\Windows\system32\iesetup.dll
    2008-12-10 19:43:18 ----A---- C:\Windows\system32\iertutil.dll
    2008-12-10 19:43:16 ----A---- C:\Windows\system32\ieUnatt.exe
    2008-12-10 19:43:16 ----A---- C:\Windows\system32\icardie.dll
    2008-12-10 19:43:16 ----A---- C:\Windows\system32\dxtmsft.dll
    2008-12-10 19:43:15 ----A---- C:\Windows\system32\pngfilt.dll
    2008-12-10 19:43:15 ----A---- C:\Windows\system32\jsproxy.dll
    2008-12-08 19:54:11 ----A---- C:\Windows\gmer.ini
    2008-12-08 19:54:00 ----A---- C:\Windows\gmer_uninstall.cmd
    2008-12-08 19:54:00 ----A---- C:\Windows\gmer.dll
    2008-12-08 19:53:59 ----A---- C:\Windows\gmer.exe
    2008-12-08 19:46:36 ----A---- C:\TB.txt
    2008-12-08 19:45:29 ----D---- C:\ToolBar SD
    2008-12-07 19:42:00 ----AD---- C:\ProgramData\TEMP
    2008-12-07 19:39:59 ----A---- C:\Windows\system32\ztvunace26.dll
    2008-12-07 19:39:58 ----A---- C:\Windows\system32\ztvunrar36.dll
    2008-12-07 19:39:58 ----A---- C:\Windows\system32\ztvcabinet.dll
    2008-12-07 19:39:58 ----A---- C:\Windows\system32\UNRAR3.dll
    2008-12-07 19:39:58 ----A---- C:\Windows\system32\unacev2.dll
    2008-12-07 19:35:30 ----D---- C:\Users\User\AppData\Roaming\Mozilla
    2008-12-07 19:35:11 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-07 17:54:32 ----A---- C:\Windows\system32\wups2.dll
    2008-12-07 17:54:32 ----A---- C:\Windows\system32\wuauclt.exe
    2008-12-07 17:54:31 ----A---- C:\Windows\system32\wucltux.dll
    2008-12-07 17:54:30 ----A---- C:\Windows\system32\wuaueng.dll
    2008-12-07 17:53:59 ----A---- C:\Windows\system32\wups.dll
    2008-12-07 17:53:59 ----A---- C:\Windows\system32\wudriver.dll
    2008-12-07 17:53:59 ----A---- C:\Windows\system32\wuapi.dll
    2008-12-07 17:53:44 ----A---- C:\Windows\system32\wuwebv.dll
    2008-12-07 17:53:44 ----A---- C:\Windows\system32\wuapp.exe
    2008-12-06 19:40:01 ----D---- C:\Program Files\LimeWire
    2008-11-26 18:28:42 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2008-11-26 18:28:42 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2008-11-26 18:28:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2008-11-26 18:28:00 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2008-11-26 18:27:59 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2008-11-26 18:27:59 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2008-11-26 18:27:02 ----A---- C:\Windows\system32\connect.dll

    ======List of files/folders modified in the last 1 months======

    2008-12-11 12:49:57 ----D---- C:\Windows\Temp
    2008-12-11 12:49:54 ----RD---- C:\Program Files
    2008-12-11 12:45:08 ----D---- C:\ProgramData\Kaspersky Lab
    2008-12-11 12:43:47 ----D---- C:\Windows\winsxs
    2008-12-11 12:43:41 ----D---- C:\Windows\system32\catroot
    2008-12-11 12:43:39 ----D---- C:\Windows\system32\catroot2
    2008-12-11 12:43:34 ----ASH---- C:\Program Files\desktop.ini
    2008-12-11 12:41:09 ----D---- C:\Windows\system32\fr-FR
    2008-12-11 12:41:09 ----D---- C:\Windows\System32
    2008-12-11 12:41:09 ----D---- C:\Program Files\Windows Mail
    2008-12-11 12:41:08 ----D---- C:\Windows\system32\migration
    2008-12-11 12:41:08 ----D---- C:\Windows
    2008-12-11 12:41:08 ----D---- C:\Program Files\Internet Explorer
    2008-12-11 12:41:07 ----D---- C:\Windows\AppPatch
    2008-12-11 12:21:18 ----SHD---- C:\System Volume Information
    2008-12-10 21:15:52 ----D---- C:\Users\User\AppData\Roaming\LimeWire
    2008-12-08 21:36:53 ----D---- C:\Windows\system32\Tasks
    2008-12-08 19:54:00 ----D---- C:\Windows\system32\drivers
    2008-12-08 19:52:05 ----HD---- C:\ProgramData
    2008-12-07 18:58:28 ----D---- C:\Windows\rescache
    2008-12-07 18:22:37 ----A---- C:\Windows\ntbtlog.txt
    2008-11-20 11:04:53 ----SHD---- C:\Windows\Installer
    2008-11-20 11:03:22 ----D---- C:\Windows\Logs

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2008-10-31 112144]
    R1 KLIF;KLIF; C:\Windows\system32\DRIVERS\klif.sys [2008-10-28 127768]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2007-04-04 20760]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\Windows\system32\DRIVERS\mdc8021x.sys [2008-07-18 15781]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-09-29 156672]
    R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-10-05 14208]
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-27 201728]
    R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
    R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-20 1790976]
    R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-04-23 50176]
    R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2007-11-21 132864]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-10-05 11264]
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-08 1044472]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
    S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
    S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-12-08 85969]
    S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-10-11 176640]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-20 1790976]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
    S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2007-06-28 218376]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

    -----------------EOF-----------------
    11 Décembre 2008 12:53:29

    rapport info.txt
    info.txt logfile of random's system information tool 1.04 2008-12-11 12:50:31

    ======Uninstall list======

    -->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
    -->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
    -->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe"
    -->"C:\Program Files\HP Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe"
    -->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
    -->"C:\Program Files\HP Games\Defender of the Crown - Heroes Live Forever\Uninstall.exe"
    -->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
    -->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
    -->"C:\Program Files\HP Games\FATE\Uninstall.exe"
    -->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
    -->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
    -->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
    -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
    -->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
    -->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
    -->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
    -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
    -->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
    -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
    -->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
    -->"C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
    -->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
    -->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
    -->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
    -->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
    -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
    Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
    Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ILEOHERza.INF
    CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
    DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    EA Link-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F5577101-33CC-4711-8235-3A95BCD49DB0} /l1036
    ESU for Microsoft Vista-->MsiExec.exe /I{AD3FDC40-BCF4-476D-A2D6-C4B154DD9DF5}
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -I*.INF
    Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
    HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
    HP DVD Play 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
    HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
    HP Quick Launch Buttons 6.30 E2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
    HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
    HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
    HP User Guides 0093-->MsiExec.exe /I{D7358B07-4F10-4014-9869-7999578BE8ED}
    HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
    Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
    Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
    Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
    Kaspersky Internet Security 7.0-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
    LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
    Les Sims™ Histoires de vie-->MsiExec.exe /I{2284D904-C138-4B58-93EC-5C362AB5130A}
    LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSCU for Microsoft Vista-->MsiExec.exe /I{E87F5651-CE15-493F-AE99-3B670E25A54E}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
    My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
    Nero 7 Premium-->MsiExec.exe /I{70AB1576-7883-2313-C650-7A71270B1036}
    NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
    Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
    PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
    QuickPlay SlingPlayer 0.4.4-->"C:\Program Files\HP\QuickPlay\unins000.exe"
    Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x040c -removeonly
    Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
    Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

    ======Security center information======

    AV: Kaspersky Internet Security (disabled)
    FW: Kaspersky Internet Security (disabled)
    AS: Windows Defender
    AS: Kaspersky Internet Security (disabled)

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "PLATFORM"=MCD
    "PCBRAND"=HP
    "OnlineServices"=Online Services
    "USERPART"=E:

    -----------------EOF-----------------
    11 Décembre 2008 19:10:20

    Re,

    1) Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) :

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKCU\..\Run: [Cognac] C:\Users\User\AppData\Local\Temp\~tmpb.exe

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked ! N.B : Il est très important de fermer toutes les applications en cours et de se déconnecter d'internet pour fixer avec hijackthis au risque d'interférer avec les résultats de la manip'.

    2)
  • Télécharge UsbFix (de Chiquitine29) sur ton Bureau.
  • Lance l'installation avec les paramètres par défaut.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir.
  • Double-clique sur le raccourci UsbFix sur ton Bureau.
  • Choisis l'option Nettoyage.
  • Le PC va redémarrer.
  • Après redémarrage, poste le rapport UsbFix.txt

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

    3) Poste un nouveau rapport RSIT.

    ;) 
    11 Décembre 2008 19:41:24

    slt
    le HijackThis cest le rsit.exe je suppose ?
    de toute facon je clique bouton droit sur rsit.exe je met executé en tant que administrateur
    une fenètre windows apparét en disant autorisé le programme ou nou je met oui
    la la fenetre rsit ou il ya continue ou exit apparait je met continu mais c'est un autre rapport qui apparait
    je ne trouve pas "do a system scan only",
    11 Décembre 2008 19:55:00

    Re,

    Non ce n'est pas RSIT, mes excuses :) 

    Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.

    Ca devrait aller mieux :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS