Se connecter / S'enregistrer
Votre question

service.exe probleme au demarrage (reboot )

Tags :
  • Demarrage
  • Sécurité
Dernière réponse : dans Sécurité et virus
1 Octobre 2008 08:42:36

bonjour,

Depuis 2jours j'ai un message d'erreur au demarrage. service.exe (dans systeme32) c'est mal fermer ou est introuvable... Code 1073741819.

J'ai bien trouvé un poste à ce sujet de Resolu... mais je ne peu pas m'approprier la solution car le rapport de "hijackthis" N'est ABSOLUMENT pas le meme...

Pourriez vous s'il vous plais, m'aider à resoudre ce probleme ?

Merci d'avance à ceux qui tenterons de m'aider.

Autres pages sur : service exe probleme demarrage reboot

1 Octobre 2008 10:12:24

Bonjour,

Je vais m'occuper de toi. Merci de prendre en compte que je suis bénévole, que j'ai une vie privée et que j'aide plusieurs internautes à la fois, donc merci d'être patient. Cependant, je ne lâche jamais un internaute tant que son PC n'est pas propre ;) 

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici[ le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.

    ;) 
    1 Octobre 2008 15:13:57

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:10:56, on 01/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    E:\WINDOWS\SOUNDMAN.EXE
    E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    E:\WINDOWS\system32\ctfmon.exe
    E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\Microsoft ActiveSync\wcescomm.exe
    E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    E:\PROGRA~1\MI3AA1~1\rapimgr.exe
    E:\Program Files\IncrediMail\bin\IMApp.exe
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Bonjour\mDNSResponder.exe
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Live\Messenger\usnsvc.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\Documents and Settings\ben et nat\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bl141w.blu141.mail.live.com/mail/inboxlight.aspx...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - E:\WINDOWS\fdkowvbp.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [MSConfig] E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [osselectorreinstall] E:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe
    O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    O4 - HKCU\..\Run: [christmastree] E:\Program Files\ChristmasTree\ChristmasTree.exe
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Zapu Acceleration Engine.lnk = E:\Program Files\Zapu\Zapu\wincm.exe
    O4 - Startup: Zapu.lnk = E:\Program Files\Zapu\Zapu\wDivi.exe
    O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - E:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 8419 bytes
    Contenus similaires
    1 Octobre 2008 15:16:42

    Merci,

    T'inquiette pas je sais attendre... En principe je suis toujours la donc je ne mets pas longtemps a répondre.

    Quelques fois le PC ne bug pas... comme la... mais c'est rare!
    1 Octobre 2008 23:34:09

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    Et poste-moi un nouveau rapport HijackThis.

    ;) 
    1 Octobre 2008 23:56:28

    ok je fais ca... merci
    2 Octobre 2008 07:43:49

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 07:42:58, on 02/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    E:\WINDOWS\system32\ctfmon.exe
    E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\Microsoft ActiveSync\wcescomm.exe
    E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    E:\PROGRA~1\MI3AA1~1\rapimgr.exe
    E:\Program Files\IncrediMail\bin\IMApp.exe
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Bonjour\mDNSResponder.exe
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Live\Messenger\usnsvc.exe
    E:\WINDOWS\system32\wuauclt.exe
    E:\Documents and Settings\ben et nat\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bl141w.blu141.mail.live.com/mail/inboxlight.aspx...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - E:\WINDOWS\fdkowvbp.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 6795 bytes
    2 Octobre 2008 18:08:00

    Re,

    Je peux avoir le rapport de MBAM comme demandé ?

    ;) 
    2 Octobre 2008 19:29:20

    oups pardon

    Malwarebytes' Anti-Malware 1.28
    Database version: 1226
    Windows 5.1.2600 Service Pack 3

    02/10/2008 07:35:55
    mbam-log-2008-10-02 (07-35-55).txt

    Scan type: Full Scan (C:\|D:\|E:\|F:\|)
    Objects scanned: 170943
    Time elapsed: 1 hour(s), 10 minute(s), 8 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 7
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 5

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\fdkowvbp.bqfw (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\fdkowvbp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    E:\Program Files\AntiSpywareExpert (Rogue.AntiSpywareExpert) -> Quarantined and deleted successfully.

    Files Infected:
    E:\Documents and Settings\ben et nat\Local Settings\Temp\nsoF1.tmp\blowfish.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    E:\Program Files\SAV\sav0.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    E:\Program Files\SAV\sav1.dat (Rogue.SystemAntivirus) -> Quarantined and deleted successfully.
    E:\Documents and Settings\ben et nat\Local Settings\Temp\vistasp1.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    E:\Documents and Settings\ben et nat\Local Settings\Temp\video232.cfg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    3 Octobre 2008 14:01:14

    Re,

    Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.

    ;) 
    3 Octobre 2008 14:20:00

    log:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by ben et nat at 2008-10-03 14:18:01
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive E: has 24 GB (30%) free of 80 GB
    Total RAM: 2047 MB (43% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:18:25, on 03/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    E:\WINDOWS\system32\ctfmon.exe
    E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    E:\Program Files\Microsoft ActiveSync\wcescomm.exe
    E:\PROGRA~1\MI3AA1~1\rapimgr.exe
    E:\Program Files\IncrediMail\bin\IMApp.exe
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Bonjour\mDNSResponder.exe
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Live\Messenger\usnsvc.exe
    E:\Program Files\eMule\emule.exe
    E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    E:\WINDOWS\system32\drwtsn32.exe
    E:\WINDOWS\system32\drwtsn32.exe
    E:\WINDOWS\system32\drwtsn32.exe
    E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    E:\Program Files\IncrediMail\bin\IncMail.exe
    E:\WINDOWS\system32\drwtsn32.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\Documents and Settings\ben et nat\Bureau\RSIT.exe
    E:\Documents and Settings\ben et nat\Bureau\ben et nat.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bl141w.blu141.mail.live.com/mail/inboxlight.aspx...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 7137 bytes

    ======Scheduled tasks folder======

    E:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-05 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - E:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll [2008-06-05 654320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2A071B1F-95AD-467B-9463-64DA449CB769} - []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2006-03-02 7557120]
    "nwiz"=nwiz.exe /install []
    "BluetoothAuthenticationAgent"=E:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
    "NWEReboot"= []
    "AVP"=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
    "Microsoft Works Update Detection"=E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-10 50688]
    "TkBellExe"=E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-05 185896]
    "SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "msnmsgr"=E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "IncrediMail"=E:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
    "H/PC Connection Agent"=E:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
    "Active Desktop Calendar"=E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2008-09-23 4467712]
    "RegistryBooster 2 d’Uniblue "=E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2007-11-21 1902592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acronis scheduler2 service]
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2006-03-02 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
    E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\christmastree]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hp software update]
    E:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ituneshelper]
    E:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
    E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osselectorreinstall]
    E:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe [2006-04-19 1281425]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
    E:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
    E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\trueimagemonitor.exe]
    E:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2006-03-02 1009003]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^accélérateur de démarrage autocad.lnk]
    E:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE [2004-02-25 10872]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^démarrage rapide de hp photosmart premier.lnk]
    E:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2006-02-10 73728]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^hp digital imaging monitor.lnk]
    E:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
    E:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu acceleration engine.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Pml Driver HPZ12"=2
    "iPod Service"=3
    "idsvc"=3
    "HP Status Server"=3
    "HP Port Resolver"=3
    "gusvc"=2
    "Autodesk Licensing Service"=3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    E:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    relog_ap

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "E:\Program Files\IncrediMail\bin\ImApp.exe"="E:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "E:\Program Files\IncrediMail\bin\IncMail.exe"="E:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "E:\Program Files\IncrediMail\bin\ImpCnt.exe"="E:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
    "E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "N:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="N:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:D isabled:ET"
    "E:\Program Files\Zapu\Zapu\wDivi.exe"="E:\Program Files\Zapu\Zapu\wDivi.exe:*:D isabled:Zapu Control"
    "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:D isabled:Kaspersky Anti-Virus"
    "E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"
    "E:\Program Files\IncrediMail\bin\ImPackr.exe"="E:\Program Files\IncrediMail\bin\ImPackr.exe:*:Enabled:IncrediMail"
    "E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite"
    "E:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="E:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:D isabled:@xpsp3res.dll,-20000"
    "E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:D isabled:hpfccopy.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:D isabled:hpoews01.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:D isabled:hpofxm08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:D isabled:hposfx08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:D isabled:hposid01.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:D isabled:hpqcopy.exe"
    "E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:D isabled:hpqdia.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:D isabled:hpqkygrp.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:D isabled:hpqnrs08.exe"
    "E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:D isabled:hpqphunl.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:D isabled:hpqscnvw.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:D isabled:hpqste08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:D isabled:hpqtra08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:D isabled:hpzwiz01.exe"
    "E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "E:\Program Files\Real\RealPlayer\realplay.exe"="E:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "E:\Program Files\Bonjour\mDNSResponder.exe"="E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "E:\Program Files\Windows Live\Messenger\livecall.exe"="E:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .scr - open - "E:\WINDOWS\notepad.exe" "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2008-10-03 14:18:01 ----D---- E:\rsit
    2008-10-03 11:04:44 ----D---- E:\Documents and Settings\ben et nat\Application Data\aicon
    2008-10-02 09:31:20 ----D---- E:\WINDOWS\LastGood
    2008-10-02 00:12:36 ----A---- E:\WINDOWS\ntbtlog.txt
    2008-10-02 00:00:31 ----D---- E:\Documents and Settings\ben et nat\Application Data\Malwarebytes
    2008-10-02 00:00:26 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 00:00:26 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-01 22:02:37 ----D---- E:\Program Files\CCleaner
    2008-10-01 21:53:12 ----D---- E:\Documents and Settings\ben et nat\Application Data\Uniblue
    2008-10-01 21:53:04 ----D---- E:\Program Files\Uniblue
    2008-10-01 21:50:45 ----D---- E:\Program Files\NODouble
    2008-10-01 09:00:10 ----D---- E:\WINDOWS\pss
    2008-09-30 22:38:31 ----D---- E:\Documents and Settings\ben et nat\Application Data\XemiComputers
    2008-09-30 22:38:14 ----D---- E:\Program Files\XemiComputers
    2008-09-29 21:36:03 ----A---- E:\WINDOWS\system32\VB5StKit.dll
    2008-09-29 21:36:03 ----A---- E:\WINDOWS\system32\VB5ES.dll
    2008-09-29 21:36:03 ----A---- E:\WINDOWS\ST5UNST.EXE
    2008-09-28 21:53:51 ----D---- E:\AgendaST
    2008-09-28 21:53:51 ----A---- E:\Renkar.ini
    2008-09-28 21:35:23 ----D---- E:\Documents and Settings\ben et nat\Application Data\Pense-bete
    2008-09-22 13:44:30 ----D---- E:\Program Files\Microsoft.NET
    2008-09-22 12:30:23 ----D---- E:\Program Files\Microsoft Silverlight
    2008-09-22 12:30:13 ----D---- E:\Program Files\Microsoft Synchronization Services
    2008-09-22 12:30:12 ----D---- E:\Program Files\Microsoft SQL Server Compact Edition
    2008-09-22 12:26:16 ----D---- E:\Program Files\Microsoft Visual Studio 9.0
    2008-09-22 12:26:16 ----D---- E:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-22 12:25:37 ----D---- E:\Program Files\Microsoft SDKs
    2008-09-22 12:24:13 ----HDC---- E:\WINDOWS\$NtUninstallXPSEPSCLP$
    2008-09-22 12:21:43 ----D---- E:\Program Files\MSBuild
    2008-09-22 12:21:37 ----D---- E:\WINDOWS\system32\XPSViewer
    2008-09-22 12:21:31 ----D---- E:\WINDOWS\system32\en-us
    2008-09-22 12:21:30 ----D---- E:\Program Files\Reference Assemblies
    2008-09-22 12:20:58 ----N---- E:\WINDOWS\system32\spmsg2.dll
    2008-09-22 10:45:48 ----N---- E:\WINDOWS\system32\SET157.tmp
    2008-09-20 13:04:21 ----D---- E:\Program Files\SAV
    2008-09-18 08:13:31 ----D---- E:\Program Files\Apple Software Update
    2008-09-18 08:13:06 ----D---- E:\Documents and Settings\ben et nat\Application Data\Apple Computer
    2008-09-18 08:12:23 ----A---- E:\WINDOWS\system32\GEARAspi.dll
    2008-09-18 08:12:00 ----D---- E:\Program Files\iPod
    2008-09-18 08:11:57 ----D---- E:\Program Files\iTunes
    2008-09-18 08:11:57 ----D---- E:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-18 08:11:43 ----D---- E:\Program Files\Bonjour
    2008-09-18 08:02:47 ----D---- E:\Program Files\Fichiers communs\Apple
    2008-09-18 08:02:43 ----D---- E:\Program Files\QuickTime
    2008-09-18 08:02:41 ----D---- E:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-09-14 17:48:52 ----D---- E:\films
    2008-09-10 09:33:16 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 09:32:26 ----HDC---- E:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-09 14:58:21 ----D---- E:\Documents and Settings\All Users\Application Data\Apple
    2008-09-09 14:42:30 ----HDC---- E:\WINDOWS\ie7
    2008-09-09 14:08:40 ----D---- E:\Program Files\Windows Live Safety Center
    2008-09-09 10:50:19 ----D---- E:\Program Files\Edith
    2008-09-06 00:43:13 ----D---- E:\Documents and Settings\All Users\Application Data\JollyBear
    2008-09-06 00:39:06 ----D---- E:\Program Files\GameHouse
    2008-09-05 15:25:01 ----A---- E:\WINDOWS\system32\lfpng13n.dll
    2008-09-05 12:32:37 ----D---- E:\Program Files\Coucou le Hibou
    2008-09-05 12:32:08 ----A---- E:\WINDOWS\gfact.ini
    2008-09-05 12:32:07 ----D---- E:\WINDOWS\vocabulon
    2008-09-05 12:32:07 ----A---- E:\WINDOWS\system32\cncs32.dll
    2008-09-05 12:18:45 ----A---- E:\WINDOWS\JMC_1000.INI

    ======List of files/folders modified in the last 1 months======

    2008-10-03 14:18:10 ----D---- E:\WINDOWS\Temp
    2008-10-03 14:17:57 ----D---- E:\WINDOWS\Prefetch
    2008-10-03 14:15:53 ----D---- E:\Program Files\Mozilla Firefox
    2008-10-03 14:13:19 ----D---- E:\Program Files\eMule
    2008-10-03 11:13:03 ----D---- E:\Program Files
    2008-10-02 19:43:08 ----A---- E:\WINDOWS\NeroDigital.ini
    2008-10-02 09:56:17 ----D---- E:\WINDOWS\system32\config
    2008-10-02 09:32:15 ----HD---- E:\WINDOWS\inf
    2008-10-02 09:31:22 ----D---- E:\WINDOWS
    2008-10-02 07:38:25 ----D---- E:\WINDOWS\system32\CatRoot2
    2008-10-02 07:38:15 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-10-02 00:12:52 ----D---- E:\Documents and Settings
    2008-10-02 00:11:32 ----A---- E:\WINDOWS\SchedLgU.Txt
    2008-10-02 00:00:28 ----D---- E:\WINDOWS\system32\drivers
    2008-10-01 22:59:28 ----D---- E:\WINDOWS\Debug
    2008-10-01 21:14:13 ----A---- E:\WINDOWS\win.ini
    2008-10-01 21:14:13 ----A---- E:\WINDOWS\system.ini
    2008-09-30 23:11:41 ----SHD---- E:\WINDOWS\Installer
    2008-09-30 23:11:41 ----SHD---- E:\Config.Msi
    2008-09-30 22:51:46 ----D---- E:\Documents and Settings\All Users\Application Data\Google Updater
    2008-09-29 21:42:56 ----D---- E:\WINDOWS\system32
    2008-09-28 21:58:13 ----D---- E:\WINDOWS\system
    2008-09-28 21:39:14 ----D---- E:\Program Files\Java
    2008-09-28 21:38:23 ----D---- E:\Program Files\IncrediMail
    2008-09-22 14:40:53 ----D---- E:\WINDOWS\Microsoft.NET
    2008-09-22 14:40:52 ----RSD---- E:\WINDOWS\assembly
    2008-09-22 13:45:43 ----D---- E:\WINDOWS\WinSxS
    2008-09-22 13:44:37 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
    2008-09-22 13:30:06 ----RSHDC---- E:\WINDOWS\system32\dllcache
    2008-09-22 12:30:18 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-22 12:28:31 ----SD---- E:\Documents and Settings\ben et nat\Application Data\Microsoft
    2008-09-22 12:25:31 ----D---- E:\WINDOWS\system32\CatRoot
    2008-09-22 12:23:55 ----D---- E:\WINDOWS\system32\fr-fr
    2008-09-22 12:23:31 ----D---- E:\Program Files\Internet Explorer
    2008-09-22 12:22:29 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
    2008-09-22 12:21:41 ----RSD---- E:\WINDOWS\Fonts
    2008-09-22 12:21:10 ----D---- E:\WINDOWS\system32\spool
    2008-09-22 10:59:29 ----HD---- E:\Program Files\InstallShield Installation Information
    2008-09-18 08:13:33 ----SD---- E:\WINDOWS\Tasks
    2008-09-18 08:12:23 ----DC---- E:\WINDOWS\system32\DRVSTORE
    2008-09-18 08:02:47 ----D---- E:\Program Files\Fichiers communs
    2008-09-10 09:33:41 ----HD---- E:\WINDOWS\$hf_mig$
    2008-09-09 14:48:18 ----D---- E:\WINDOWS\Help
    2008-09-05 09:53:40 ----D---- E:\Program Files\Messenger Plus! Live

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 klif;Klif; \??\E:\WINDOWS\system32\drivers\klif.sys []
    R2 SBKUPNT;SBKUPNT; \??\E:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
    R2 tifsfilter;Acronis TrueImage FS Filter; E:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-12-13 30688]
    R3 3xHybrid;3xHybrid service; E:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-01-24 835200]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
    R3 Arp1394;Protocole client ARP 1394; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
    R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 NIC1394;Pilote réseau 1394; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
    R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
    R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbstor;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S3 BthEnum;Service d'énumérateur Bluetooth; E:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; E:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); E:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
    S3 BTHPORT;Pilote de port Bluetooth; E:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; E:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
    S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 HidBth;Miniport HID Microsoft Bluetooth; E:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
    S3 MPE;Filtre BDA MPE; E:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); E:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
    S3 se57bus;Sony Ericsson Device 087 driver (WDM); E:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 61536]
    S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 9360]
    S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 97088]
    S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 88624]
    S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS); E:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 18704]
    S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 86432]
    S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM); E:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 90800]
    S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; E:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
    S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); E:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 wceusbsh;Windows CE USB Serial Host Driver; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2007-06-28 108208]
    S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 ZSMC301b;Philips SPC 200NC PC Camera; E:\WINDOWS\System32\Drivers\usbVM31b.sys []
    S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcrSch2Svc;Acronis Scheduler2 Service; E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2006-03-02 172032]
    R2 AVP;Kaspersky Anti-Virus 7.0; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
    R2 Bonjour Service;Service Bonjour; E:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 BthServ;Bluetooth Support Service; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Apple Mobile Device;Apple Mobile Device; E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
    S4 Autodesk Licensing Service;Autodesk Licensing Service; E:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2007-12-09 74360]
    S4 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-05 137200]
    S4 HP Port Resolver;HP Port Resolver; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
    S4 HP Status Server;HP Status Server; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
    S4 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S4 iPod Service;Service de l’iPod; E:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
    S4 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]

    -----------------EOF-----------------


    et info:

    info.txt logfile of random's system information tool 1.04 2008-10-03 14:18:32

    ======Uninstall list======

    -->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
    1000 mots pour apprendre à lire V 2.3-->C:\educampa\unins000.exe
    Acronis True Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116}
    Active Desktop Calendar 7.6-->"E:\Program Files\XemiComputers\Active Desktop Calendar\unins000.exe"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Album photo Microsoft 9-->E:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3225}
    Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->E:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    AutoCAD 2005 - Français-->MsiExec.exe /I{5783F2D7-0301-040C-0002-0060B0CE6BBA}
    AviSynth 2.5-->"E:\Program Files\AviSynth 2.5\Uninstall.exe"
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
    CompuApps SwissKnife V3-->E:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"E:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Coucou le Hibou-->E:\Program Files\Coucou le Hibou\Uninstal.exe
    DWG TrueView 2008-->E:\Program Files\DWG TrueView 2008\Setup\Setup.exe /P {B1A9CD45-A702-4E3B-91ED-8CD562869901} /M AOEM
    Edith-->E:\Program Files\Edith\Uninstal.exe
    eMule-->"E:\Program Files\eMule\Uninstall.exe"
    Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706-->E:\WINDOWS\system32\unwlsdrv.exe SiS163u
    HijackThis 2.0.2-->"E:\Documents and Settings\ben et nat\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"E:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Customer Participation Program 7.0-->E:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Document Viewer 7.0-->E:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Imaging Device Functions 7.0-->E:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Premier Software 6.5-->E:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Photosmart, Officejet and Deskjet 7.0.A-->E:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
    HP Solution Center 7.0-->E:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
    IncrediMail Xe-->E:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
    iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    K-Lite Codec Pack 3.5.9 Full BETA-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"E:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Livebox-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
    Local Cooling Setup-->MsiExec.exe /I{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}
    Mahjong Escape-->E:\PROGRA~1\GAMEHO~1\MAHJON~1\UNWISE.EXE /U E:\PROGRA~1\GAMEHO~1\MAHJON~1\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    Microsoft .NET Framework 3.5-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"E:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"E:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Small Business Image Uploader-->MsiExec.exe /X{A580547F-4FB6-433E-A595-21CAA858C556}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Photo Pro 9-->E:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0905}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
    Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
    Microsoft Visual Basic 2008 Express - Français-->E:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
    Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    MIKSOFT Mobile 3GP converter-->"E:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"E:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"E:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"E:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"E:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"E:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"E:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"E:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"E:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 - fra-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    Mozilla Firefox (3.0.3)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 6 Ultra Edition-->E:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Nettoyeur de Disque-->MsiExec.exe /X{4E4DF456-9F14-4EB4-9D74-8A17A345B9D4}
    NODouble-->E:\Program Files\NODouble\uninstall.exe
    NVIDIA Drivers-->E:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OCR Software by I.R.I.S 7.0-->E:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Outil de mise à jour Google-->"E:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Partition Suite-->MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
    PC Inspector File Recovery-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    pvAuthor v3.3.1-->E:\PROGRA~1\PACKET~1\PVAuthor\UNWISE.EXE E:\PROGRA~1\PACKET~1\PVAuthor\INSTALL.LOG
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RealPlayer-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek AC'97 Audio-->Alcrmv.exe -r -m
    Ri4m v5.0.1d-->E:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
    Shop for HP Supplies-->E:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
    StuffPlug-NG (Messenger Plus! Plugins)-->E:\Program Files\MessengerPlus! 3\Plugins\StuffPlug-NG\Uninstall.exe
    Uniblue RegistryBooster 2-->"E:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
    ViaMichelin Navigation PND-->"E:\Program Files\InstallShield Installation Information\{47FF921C-E834-47A6-8CE4-F0A99CDE347F}\setup.exe" -runfromtemp -l0x040c -removeonly
    VideoLAN VLC media player 0.8.1-->E:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Internet Explorer 7-->"E:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live OneCare safety scanner-->RunDll32.exe "E:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Winkaa 1.0 1.0-->"E:\Program Files\Emoticons-plus.com\Winkaa 1.0\uninstall.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"E:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    =====HijackThis Backups=====

    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

    ======Security center information======

    AV: Kaspersky Anti-Virus

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;E:\PROGRA~1\FICHIE~1\AUTODE~1;E:\Program Files\Fichiers communs\Autodesk Shared\;E:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=2b01
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------
    voila...
    3 Octobre 2008 14:25:31

    a par que émoticone c'est : D sinon ils sont complets
    3 Octobre 2008 22:30:24

    Re,

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...
  • Clique sur Accept
  • Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
  • clique une nouvelle fois sur "Accept"
  • Les bases de mises à jour vont s'installer, patiente un moment
  • Clique sur Next.
  • Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.

    ;) 
    3 Octobre 2008 22:42:08

    ok mais il y a qelque chose ou pas? parceque ca fait 2 jour que je l'ai pas eteint, de peur de ne pouvoir le rallumer...
    Donc, si tu pouvez me dire plus en detail a quoi correspond ce que tu me demande ca serai bien pour moi
    3 Octobre 2008 22:53:32

    Re,

    Je n'ai rien trouvé d'inquiétant dans ton rapport, donc je demande une analyse online Kaspersky car elle est très poussée.

    Il y a quelques bricoles à faire, mais rien d'inquiétant.

    ;) 
    3 Octobre 2008 23:24:21

    ok je suis entrain de la faire. merci
    4 Octobre 2008 11:12:33

    bonjour,
    il a rien trouvé... juste un tit trojan dans les fichiers temp
    4 Octobre 2008 11:13:45

    bon ba aparament y a rien... entre temps j'avais vidé ma poubelle qui etait pleine... alors peu etre...
    4 Octobre 2008 19:37:28

    Re,

    E:\Renkar.ini

    Ce fichier te dit-il quelque chose ?

    ***

    Désinstalle via Ajout/Suppression de Programmes (si présents) :

  • Adobe Reader 8.1.2 - Français
  • Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
  • eMule
  • J2SE Runtime Environment 5.0 Update 6
  • Uniblue RegistryBooster 2

    Je te conseille de désinstaller et de supprimer tous tes logiciels de p2p : 50% de ce que tu télécharges via p2p est piégé. Le p2p est le premier vecteur d'infection de nos jours.
    Plus d'informations disponibles en cliquant sur le lien suivant : Cracks / P2P

    Tu es en train d'utiliser une vieille version de Adobe Acrobat Reader : cela peut constituer une faille de sécurité, c'est-à-dire une brèche dans ton système qu'un pirate pourrait exploiter. Tu peux le mettre à jour ici :
    http://www.adobe.com/products/acrobat/readstep2.html

    ***

    Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked ! N.B : Il est très important de fermer toutes les applications en cours et de se déconnecter d'internet pour fixer avec hijackthis au risque d'interférer avec les résultats de la manip'.

    ***

    Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2A071B1F-95AD-467B-9463-64DA449CB769}"=-
    [-HKEY_CLASSES_ROOT\CLSID\{2A071B1F-95AD-467B-9463-64DA449CB769}]

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    Comment va le PC ? Toujours des problèmes ?

    ;) 
    6 Octobre 2008 09:45:33

    bonjour,

    Apres l'avoir eteint l'autre jour, j'ai eu le meme probleme et beaucoup de mal a le rallumer sans qu il reboot!

    Pris de colere, je suis aller dans sys32 j'ai supprimé service.exe, et supprimé Uniblue RegistryBooster 2 qui ne me servai pas. quand a "renkar" je l'avais installé mais il ne me plaisai pas du tout et donc enlevé aussitot! (je cherchais un agenda...)

    Bref, du coup forcement sans service.exe ca marchait moins bien (mdr) j'ai fait une reparation de windows en bootant le cd...

    Pour l'instant, ca fonctionne. j'ai passé un scan minucieux archive comprise mon anti virus n'a rien retrouvé... (j'ai kapersky non piraté je te rasure... lol)

    En tout cas merci beaucoup pour ton aide.
    Si tu as quelques conseils... (a par ne plus se servir de p2p, ca je le sais deja...) :-p
    6 Octobre 2008 15:38:21

    Citation :
    Bref, du coup forcement sans service.exe ca marchait moins bien (mdr) j'ai fait une reparation de windows en bootant le cd...


    :lol:  C'était un peu bourrin ça :D 

    Services.exe dans system32 est légitime, je pense que tu l'as appris à tes dépens :p 

    Poste-moi un nouveau rapport RSIT qu'on fasse le point.

    ;) 
    13 Novembre 2008 10:52:47

    bonjour,

    Désolé de n'avoir pas donné de nouvelle depuis 1 mois... (pbm perso) :sweat: 


    J'ai aussi réinstallé sp2, car il avait un probleme aussi apparament (apres la MaJ de crosoft en sp3 qui fonctionnait pas...)
    13 Novembre 2008 10:59:22

    voici a nouveau un rapport de RSIT.

    LOG:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by ben et nat at 2008-11-13 10:56:38
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive E: has 23 GB (29%) free of 80 GB
    Total RAM: 2047 MB (64% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:56:55, on 13/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    E:\WINDOWS\system32\rundll32.exe
    E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    E:\WINDOWS\SOUNDMAN.EXE
    E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    E:\Program Files\Unlocker\UnlockerAssistant.exe
    E:\Program Files\Microsoft ActiveSync\wcescomm.exe
    E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    E:\PROGRA~1\MI3AA1~1\rapimgr.exe
    E:\Program Files\IncrediMail\bin\IMApp.exe
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Live\Messenger\msnmsgr.exe
    E:\Program Files\Windows Live\Messenger\usnsvc.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\Program Files\Internet Explorer\IEXPLORE.EXE
    E:\Documents and Settings\ben et nat\Bureau\RSIT.exe
    E:\Program Files\trend micro\ben et nat.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://kaspersky.telechargement.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: fdkowvbp - {2A071B1F-95AD-467B-9463-64DA449CB769} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    O4 - HKLM\..\Run: [VirtualCloneDrive] "E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [IncrediMail] E:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Active Desktop Calendar] E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [WOOKIT] E:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
    O4 - HKCU\..\Run: [Software Informer] "E:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [AdobeUpdater] "E:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [searching] Search from the Address bar
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr33...
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 8335 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - E:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-05 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2A071B1F-95AD-467B-9463-64DA449CB769} - []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=E:\WINDOWS\system32\NvCpl.dll [2006-03-02 7557120]
    "nwiz"=nwiz.exe /install []
    "BluetoothAuthenticationAgent"=E:\WINDOWS\system32\bthprops.cpl [2004-08-19 110592]
    "NWEReboot"= []
    "AVP"=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
    "Microsoft Works Update Detection"=E:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-10 50688]
    "TkBellExe"=E:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-06-05 185896]
    "QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "SoundMan"=E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]
    "SunJavaUpdateSched"=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "VirtualCloneDrive"=E:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-29 52168]
    "UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
    "Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "IncrediMail"=E:\Program Files\IncrediMail\bin\IncMail.exe [2008-07-24 243072]
    "H/PC Connection Agent"=E:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
    "Active Desktop Calendar"=E:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2008-09-23 4467712]
    "RegistryBooster 2 d’Uniblue "=E:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S []
    "WOOKIT"=E:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM= []
    "Software Informer"=E:\Program Files\Software Informer\softinfo.exe -autorun []
    "fsm"= []
    "SpybotSD TeaTimer"=E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
    "AdobeUpdater"=E:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acronis scheduler2 service]
    E:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2006-03-02 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adobe reader speed launcher]
    E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\christmastree]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hp software update]
    E:\Program Files\HP\HP Software Update\HPWuSchd2.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ituneshelper]
    E:\Program Files\iTunes\iTunesHelper.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
    E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osselectorreinstall]
    E:\Program Files\Fichiers communs\Acronis\Partition Suite\oss_reinstall.exe [2006-04-19 1281425]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
    E:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
    E:\WINDOWS\SOUNDMAN.EXE [2006-03-02 577536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\trueimagemonitor.exe]
    E:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^accélérateur de démarrage autocad.lnk]
    E:\PROGRA~1\FICHIE~1\AUTODE~1\ACSTAR~1.EXE []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^démarrage rapide de hp photosmart premier.lnk]
    E:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe -s []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^hp digital imaging monitor.lnk]
    E:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
    E:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu acceleration engine.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\e:^documents and settings^ben et nat^menu démarrer^programmes^démarrage^zapu.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Pml Driver HPZ12"=2
    "iPod Service"=3
    "idsvc"=3
    "HP Status Server"=3
    "HP Port Resolver"=3
    "gusvc"=2
    "Autodesk Licensing Service"=3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    E:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    relog_ap

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=95000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "E:\Program Files\IncrediMail\bin\ImApp.exe"="E:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
    "E:\Program Files\IncrediMail\bin\IncMail.exe"="E:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "E:\Program Files\IncrediMail\bin\ImpCnt.exe"="E:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
    "E:\Program Files\eMule\emule.exe"="E:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "N:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="N:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:D isabled:ET"
    "E:\Program Files\Zapu\Zapu\wDivi.exe"="E:\Program Files\Zapu\Zapu\wDivi.exe:*:D isabled:Zapu Control"
    "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:D isabled:Kaspersky Anti-Virus"
    "E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe"="E:\WINDOWS\system32\[Emoticons-plus.com] Winkaa 2.0.exe:*:Enabled:[Emoticons-plus.com] Winkaa 2.0"
    "E:\Program Files\IncrediMail\bin\ImPackr.exe"="E:\Program Files\IncrediMail\bin\ImPackr.exe:*:Enabled:IncrediMail"
    "E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp"="E:\Program Files\KAZAA LITE TOOLS K++\KazaaLite.kpp:*:Enabled:KazaaLite"
    "E:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="E:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:D isabled:@xpsp3res.dll,-20000"
    "E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:D isabled:hpfccopy.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:D isabled:hpoews01.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:D isabled:hpofxm08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="E:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:D isabled:hposfx08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="E:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:D isabled:hposid01.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:D isabled:hpqcopy.exe"
    "E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:D isabled:hpqdia.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:D isabled:hpqkygrp.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:D isabled:hpqnrs08.exe"
    "E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="E:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:D isabled:hpqphunl.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:D isabled:hpqscnvw.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:D isabled:hpqste08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:D isabled:hpqtra08.exe"
    "E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="E:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:D isabled:hpzwiz01.exe"
    "E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "E:\Program Files\Real\RealPlayer\realplay.exe"="E:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "E:\Program Files\iTunes\iTunes.exe"="E:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "E:\Program Files\Microsoft ActiveSync\rapimgr.exe"="E:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
    "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"="E:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
    "E:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="E:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
    "E:\Program Files\Windows Live\Messenger\msnmsgr.exe"="E:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2008-11-13 10:56:39 ----D---- E:\Program Files\trend micro
    2008-11-12 19:17:19 ----N---- E:\WINDOWS\system32\spmsg.dll
    2008-11-12 19:17:18 ----HDC---- E:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-11-06 17:29:56 ----D---- E:\Documents and Settings\ben et nat\Application Data\Desktopicon
    2008-11-06 17:27:56 ----D---- E:\Program Files\Unlocker
    2008-11-02 23:48:17 ----A---- E:\WINDOWS\game.ini
    2008-11-02 23:28:31 ----D---- E:\Program Files\Activision
    2008-11-02 16:46:13 ----A---- E:\WINDOWS\wininit.ini
    2008-11-01 22:13:06 ----SHD---- E:\WINDOWS\ftpcache
    2008-11-01 21:45:10 ----D---- E:\Program Files\Elaborate Bytes
    2008-11-01 19:52:06 ----D---- E:\Program Files\Spybot - Search & Destroy
    2008-11-01 19:52:06 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-31 22:23:40 ----D---- E:\Program Files\Free Download Manager
    2008-10-30 23:08:59 ----HDC---- E:\WINDOWS\$NtUninstallKB885836$
    2008-10-30 23:03:45 ----HDC---- E:\WINDOWS\$NtUninstallKB941569$
    2008-10-30 18:53:07 ----HDC---- E:\WINDOWS\$NtUninstallKB956803$
    2008-10-30 18:52:58 ----HDC---- E:\WINDOWS\$NtUninstallKB956391$
    2008-10-30 18:52:48 ----HDC---- E:\WINDOWS\$NtUninstallKB957095$
    2008-10-30 18:51:49 ----HDC---- E:\WINDOWS\$NtUninstallKB954211$
    2008-10-30 18:50:54 ----HDC---- E:\WINDOWS\$NtUninstallKB956841$
    2008-10-30 18:49:05 ----HDC---- E:\WINDOWS\$NtUninstallKB925720$
    2008-10-30 18:48:54 ----HDC---- E:\WINDOWS\$NtUninstallKB953155$
    2008-10-30 18:48:18 ----HDC---- E:\WINDOWS\$NtUninstallKB958644$
    2008-10-30 12:58:08 ----D---- E:\WINDOWS\system32\CatRoot_bak
    2008-10-30 12:06:29 ----HDC---- E:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-30 12:06:17 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
    2008-10-30 12:06:05 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
    2008-10-30 12:05:52 ----HDC---- E:\WINDOWS\$NtUninstallKB951698$
    2008-10-30 12:05:20 ----HDC---- E:\WINDOWS\$NtUninstallKB950762$
    2008-10-30 12:05:05 ----HDC---- E:\WINDOWS\$NtUninstallKB951072-v2$
    2008-10-30 12:04:52 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
    2008-10-30 12:03:13 ----HDC---- E:\WINDOWS\$NtUninstallKB951066$
    2008-10-30 12:02:44 ----HDC---- E:\WINDOWS\$NtUninstallKB951748$
    2008-10-30 12:02:24 ----HDC---- E:\WINDOWS\$NtUninstallKB938464$
    2008-10-29 21:55:23 ----HDC---- E:\WINDOWS\$NtUninstallKB883939$
    2008-10-29 21:46:35 ----D---- E:\WINDOWS\Prefetch
    2008-10-29 21:30:17 ----A---- E:\WINDOWS\000001_.tmp
    2008-10-29 19:08:08 ----HDC---- E:\WINDOWS\$NtUninstallKB885894$
    2008-10-16 10:45:16 ----A---- E:\WINDOWS\system32\tasklist.exe
    2008-10-16 09:57:29 ----D---- E:\WINDOWS\Internet Logs
    2008-10-15 21:52:12 ----HDC---- E:\WINDOWS\ie7
    2008-10-14 10:08:15 ----D---- E:\Program Files\SAGEM
    2008-10-14 09:24:42 ----D---- E:\Program Files\MSBuild
    2008-10-14 09:24:34 ----D---- E:\Program Files\Reference Assemblies

    ======List of files/folders modified in the last 1 months======

    2008-11-13 10:56:40 ----D---- E:\WINDOWS\Temp
    2008-11-13 10:56:39 ----RD---- E:\Program Files
    2008-11-13 10:44:19 ----D---- E:\Program Files\Mozilla Firefox
    2008-11-12 20:18:48 ----D---- E:\WINDOWS\system32\CatRoot2
    2008-11-12 20:18:48 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-11-12 20:16:54 ----A---- E:\WINDOWS\SchedLgU.Txt
    2008-11-12 19:22:00 ----D---- E:\WINDOWS\system32
    2008-11-12 19:21:29 ----D---- E:\WINDOWS
    2008-11-12 19:21:07 ----RSHDC---- E:\WINDOWS\system32\dllcache
    2008-11-12 19:21:07 ----D---- E:\WINDOWS\AppPatch
    2008-11-12 19:21:07 ----D---- E:\Program Files\Windows Media Player
    2008-11-12 19:18:18 ----HD---- E:\WINDOWS\inf
    2008-11-12 19:18:15 ----HDC---- E:\WINDOWS\$NtUninstallKB926239$
    2008-11-12 19:17:23 ----A---- E:\WINDOWS\imsins.BAK
    2008-11-12 19:17:19 ----D---- E:\WINDOWS\system32\CatRoot
    2008-11-12 19:16:21 ----D---- E:\WINDOWS\Help
    2008-11-12 08:54:06 ----D---- E:\Program Files\eMule
    2008-11-11 15:59:14 ----A---- E:\WINDOWS\NeroDigital.ini
    2008-11-10 16:55:09 ----SHD---- E:\WINDOWS\Installer
    2008-11-10 16:55:06 ----SHD---- E:\Config.Msi
    2008-11-10 16:54:32 ----D---- E:\Program Files\Fichiers communs\Adobe
    2008-11-10 16:54:20 ----D---- E:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-10 16:54:03 ----D---- E:\Program Files\Adobe
    2008-11-02 23:25:24 ----D---- E:\Program Files\Fichiers communs\InstallShield
    2008-11-01 21:45:31 ----D---- E:\WINDOWS\system32\drivers
    2008-10-31 11:18:55 ----D---- E:\WINDOWS\msagent
    2008-10-30 23:09:51 ----HDC---- E:\WINDOWS\$NtUninstallKB899587$
    2008-10-30 23:09:41 ----HDC---- E:\WINDOWS\$NtUninstallKB927779$
    2008-10-30 23:09:31 ----HDC---- E:\WINDOWS\$NtUninstallKB927802$
    2008-10-30 23:09:16 ----HDC---- E:\WINDOWS\$NtUninstallKB943460$
    2008-10-30 23:08:51 ----HDC---- E:\WINDOWS\$NtUninstallKB928255$
    2008-10-30 23:08:41 ----HDC---- E:\WINDOWS\$NtUninstallKB933729$
    2008-10-30 23:08:31 ----HDC---- E:\WINDOWS\$NtUninstallKB920685$
    2008-10-30 23:08:21 ----HDC---- E:\WINDOWS\$NtUninstallKB923980$
    2008-10-30 23:08:12 ----HDC---- E:\WINDOWS\$NtUninstallKB911280$
    2008-10-30 23:08:03 ----HDC---- E:\WINDOWS\$NtUninstallKB936021$
    2008-10-30 23:07:54 ----HDC---- E:\WINDOWS\$NtUninstallKB911562$
    2008-10-30 23:07:44 ----HDC---- E:\WINDOWS\$NtUninstallKB938828$
    2008-10-30 23:07:36 ----HDC---- E:\WINDOWS\$NtUninstallKB924667$
    2008-10-30 23:07:30 ----HDC---- E:\WINDOWS\$NtUninstallKB900485$
    2008-10-30 23:07:16 ----HDC---- E:\WINDOWS\$NtUninstallKB924270$
    2008-10-30 23:07:08 ----HDC---- E:\WINDOWS\$NtUninstallKB931261$
    2008-10-30 23:06:26 ----HDC---- E:\WINDOWS\$NtUninstallKB927891$
    2008-10-30 23:06:18 ----HDC---- E:\WINDOWS\$NtUninstallKB946026$
    2008-10-30 23:05:41 ----HDC---- E:\WINDOWS\$NtUninstallKB910437$
    2008-10-30 23:05:01 ----HDC---- E:\WINDOWS\$NtUninstallKB925902$
    2008-10-30 23:04:54 ----D---- E:\Program Files\Outlook Express
    2008-10-30 23:04:53 ----D---- E:\Program Files\Fichiers communs\System
    2008-10-30 23:04:52 ----HDC---- E:\WINDOWS\$NtUninstallKB929123$
    2008-10-30 23:04:42 ----HDC---- E:\WINDOWS\$NtUninstallKB920670$
    2008-10-30 23:04:33 ----HDC---- E:\WINDOWS\$NtUninstallKB918439$
    2008-10-30 23:04:25 ----HDC---- E:\WINDOWS\$NtUninstallKB926436$
    2008-10-30 23:04:17 ----HDC---- E:\WINDOWS\$NtUninstallKB920872$
    2008-10-30 23:04:04 ----HDC---- E:\WINDOWS\$NtUninstallKB930178$
    2008-10-30 23:03:55 ----HDC---- E:\WINDOWS\$NtUninstallKB914388$
    2008-10-30 23:03:08 ----HDC---- E:\WINDOWS\$NtUninstallKB905414$
    2008-10-30 23:02:59 ----HDC---- E:\WINDOWS\$NtUninstallKB932168$
    2008-10-30 23:02:50 ----HDC---- E:\WINDOWS\$NtUninstallKB923191$
    2008-10-30 23:02:43 ----HDC---- E:\WINDOWS\$NtUninstallKB922582$
    2008-10-30 23:02:31 ----HDC---- E:\WINDOWS\$NtUninstallKB918118$
    2008-10-30 23:02:23 ----HDC---- E:\WINDOWS\$NtUninstallKB926255$
    2008-10-30 23:02:14 ----HDC---- E:\WINDOWS\$NtUninstallKB948590$
    2008-10-30 23:02:06 ----HDC---- E:\WINDOWS\$NtUninstallKB920213$
    2008-10-30 23:01:58 ----HDC---- E:\WINDOWS\$NtUninstallKB935840$
    2008-10-30 23:01:50 ----HDC---- E:\WINDOWS\$NtUninstallKB943485$
    2008-10-30 23:01:43 ----HDC---- E:\WINDOWS\$NtUninstallKB945553$
    2008-10-30 23:01:35 ----HDC---- E:\WINDOWS\$NtUninstallKB916595$
    2008-10-30 23:01:27 ----HDC---- E:\WINDOWS\$NtUninstallKB930916$
    2008-10-30 23:01:15 ----HDC---- E:\WINDOWS\$NtUninstallKB950749$
    2008-10-30 23:01:03 ----HDC---- E:\WINDOWS\$NtUninstallKB932823-v3$
    2008-10-30 23:00:55 ----HDC---- E:\WINDOWS\$NtUninstallKB908531$
    2008-10-30 23:00:43 ----HDC---- E:\WINDOWS\$NtUninstallKB913580$
    2008-10-30 23:00:34 ----HDC---- E:\WINDOWS\$NtUninstallKB935839$
    2008-10-30 23:00:26 ----HDC---- E:\WINDOWS\$NtUninstallKB943055$
    2008-10-30 23:00:19 ----HDC---- E:\WINDOWS\$NtUninstallKB908519$
    2008-10-30 23:00:10 ----HDC---- E:\WINDOWS\$NtUninstallKB920683$
    2008-10-30 23:00:02 ----HDC---- E:\WINDOWS\$NtUninstallKB914389$
    2008-10-30 22:59:54 ----HDC---- E:\WINDOWS\$NtUninstallKB944653$
    2008-10-30 22:59:44 ----HDC---- E:\WINDOWS\$NtUninstallKB928843$
    2008-10-30 20:59:55 ----D---- E:\Program Files\Internet Explorer
    2008-10-30 18:53:06 ----HD---- E:\WINDOWS\$hf_mig$
    2008-10-30 18:52:07 ----D---- E:\WINDOWS\ie7updates
    2008-10-30 12:02:28 ----D---- E:\WINDOWS\WinSxS
    2008-10-29 21:46:15 ----D---- E:\WINDOWS\system32\wbem
    2008-10-29 21:45:19 ----D---- E:\WINDOWS\security
    2008-10-29 21:36:21 ----D---- E:\WINDOWS\system32\oobe
    2008-10-29 21:36:20 ----D---- E:\WINDOWS\system32\Setup
    2008-10-29 21:36:19 ----D---- E:\WINDOWS\system32\mui
    2008-10-29 21:36:19 ----D---- E:\WINDOWS\ime
    2008-10-29 21:36:05 ----D---- E:\WINDOWS\PeerNet
    2008-10-29 21:36:05 ----D---- E:\Program Files\Movie Maker
    2008-10-29 21:33:30 ----D---- E:\WINDOWS\system32\Restore
    2008-10-29 21:33:30 ----D---- E:\WINDOWS\system32\npp
    2008-10-29 21:33:29 ----D---- E:\WINDOWS\srchasst
    2008-10-29 21:33:28 ----D---- E:\Program Files\NetMeeting
    2008-10-29 21:33:27 ----D---- E:\WINDOWS\system32\Com
    2008-10-29 21:33:25 ----D---- E:\Program Files\Windows NT
    2008-10-29 21:33:09 ----D---- E:\WINDOWS\system32\usmt
    2008-10-29 21:33:08 ----D---- E:\WINDOWS\system
    2008-10-29 21:13:48 ----D---- E:\WINDOWS\EHome
    2008-10-29 20:39:53 ----SD---- E:\WINDOWS\Downloaded Program Files
    2008-10-28 10:01:09 ----D---- E:\WINDOWS\Debug
    2008-10-18 17:03:50 ----A---- E:\WINDOWS\win.ini
    2008-10-15 17:59:28 ----A---- E:\WINDOWS\system32\netapi32.dll
    2008-10-14 10:08:14 ----HD---- E:\Program Files\InstallShield Installation Information
    2008-10-14 09:45:29 ----RSD---- E:\WINDOWS\assembly
    2008-10-14 09:45:29 ----D---- E:\WINDOWS\Microsoft.NET
    2008-10-14 09:32:18 ----D---- E:\Program Files\Fichiers communs
    2008-10-14 09:32:17 ----D---- E:\Documents and Settings\All Users\Application Data\Autodesk
    2008-10-14 09:32:12 ----RSD---- E:\WINDOWS\Fonts
    2008-10-14 09:30:44 ----D---- E:\Program Files\Fichiers communs\Designer
    2008-10-14 09:28:42 ----D---- E:\Program Files\VideoLAN
    2008-10-14 09:25:24 ----D---- E:\WINDOWS\system32\XPSViewer
    2008-10-14 09:22:06 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-14 09:06:48 ----D---- E:\Program Files\Google

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
    R1 klif;Klif; \??\E:\WINDOWS\system32\drivers\klif.sys []
    R2 SBKUPNT;SBKUPNT; \??\E:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
    R3 3xHybrid;3xHybrid service; E:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-01-24 835200]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); E:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-05-19 3965056]
    R3 Arp1394;Protocole client ARP 1394; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
    R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    R3 mouhid;Pilote HID de souris; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 NIC1394;Pilote réseau 1394; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
    R3 nv;nv; E:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-02 3648864]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; E:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
    R3 QCMerced;Logitech QuickCam Communicate; E:\WINDOWS\system32\DRIVERS\LVCM.sys [2004-10-08 585824]
    R3 usbaudio;Pilote USB audio (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    R3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
    R3 usbstor;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 VClone;VClone; E:\WINDOWS\system32\DRIVERS\VClone.sys [2008-09-24 29184]
    S1 cd439d28;cd439d28; E:\WINDOWS\System32\drivers\cd439d28.sys []
    S1 kbdhid;Pilote HID de clavier; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    S3 BthEnum;Pilote de bloc de demande Bluetooth; E:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-05 17024]
    S3 BTHMODEM;Pilote de communication série Bluetooth; E:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-05 38016]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); E:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-05 100992]
    S3 BTHPORT;Pilote de port Bluetooth; E:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
    S3 BTHUSB;Pilote USB radio Bluetooth; E:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-05 18944]
    S3 CCDECODE;Décodeur sous-titre fermé; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidBth;Miniport HID Microsoft Bluetooth; E:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-05 25856]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; E:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; E:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; E:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
    S3 MPE;Filtre BDA MPE; E:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-05 15360]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; E:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); E:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-05 59648]
    S3 se57bus;Sony Ericsson Device 087 driver (WDM); E:\WINDOWS\system32\DRIVERS\se57bus.sys [2006-11-30 61536]
    S3 se57mdfl;Sony Ericsson Device 087 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se57mdfl.sys [2006-11-30 9360]
    S3 se57mdm;Sony Ericsson Device 087 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se57mdm.sys [2006-11-30 97088]
    S3 se57mgmt;Sony Ericsson Device 087 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\se57mgmt.sys [2006-11-30 88624]
    S3 se57nd5;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (NDIS); E:\WINDOWS\system32\DRIVERS\se57nd5.sys [2006-11-30 18704]
    S3 se57obex;Sony Ericsson Device 087 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\se57obex.sys [2006-11-30 86432]
    S3 se57unic;Sony Ericsson Device 087 USB Ethernet Emulation SEMC57 (WDM); E:\WINDOWS\system32\DRIVERS\se57unic.sys [2006-11-30 90800]
    S3 se58bus;Sony Ericsson Device 088 driver (WDM); E:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]
    S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
    S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
    S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver; E:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
    S3 SLIP;Détrameur décalage BDA; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); E:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
    S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 wceusbsh;Windows CE USB Serial Host Driver; E:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-05 32128]
    S3 WSTCODEC;Codec Teletext standard; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 ZSMC301b;Philips SPC 200NC PC Camera; E:\WINDOWS\System32\Drivers\usbVM31b.sys []
    S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcrSch2Svc;Acronis Scheduler2 Service; E:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2006-03-02 172032]
    R2 AVP;Kaspersky Anti-Virus 7.0; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
    R2 BthServ;Bluetooth Support Service; E:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\system32\nvsvc32.exe [2006-03-02 143426]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; E:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 HP Port Resolver;HP Port Resolver; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
    S3 HP Status Server;HP Status Server; E:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
    S3 idsvc;Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
    S3 WLSetupSvc;Windows Live Setup Service; E:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    S4 iPod Service;Service de l’iPod; E:\Program Files\iPod\bin\iPodService.exe []
    S4 Pml Driver HPZ12;Pml Driver HPZ12; E:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]

    -----------------EOF-----------------


    et INFO:

    info.txt logfile of random's system information tool 1.04 2008-10-03 14:18:32

    ======Uninstall list======

    -->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
    1000 mots pour apprendre à lire V 2.3-->C:\educampa\unins000.exe
    Acronis True Image-->MsiExec.exe /X{CA83357B-931E-44DC-AD43-9996FEEB8116}
    Active Desktop Calendar 7.6-->"E:\Program Files\XemiComputers\Active Desktop Calendar\unins000.exe"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Album photo Microsoft 9-->E:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3225}
    Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->E:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    AutoCAD 2005 - Français-->MsiExec.exe /I{5783F2D7-0301-040C-0002-0060B0CE6BBA}
    AviSynth 2.5-->"E:\Program Files\AviSynth 2.5\Uninstall.exe"
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
    CompuApps SwissKnife V3-->E:\WINDOWS\ISUNINST.EXE -fC:\SWISNIFE\SKUninst.ISU
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"E:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Coucou le Hibou-->E:\Program Files\Coucou le Hibou\Uninstal.exe
    DWG TrueView 2008-->E:\Program Files\DWG TrueView 2008\Setup\Setup.exe /P {B1A9CD45-A702-4E3B-91ED-8CD562869901} /M AOEM
    Edith-->E:\Program Files\Edith\Uninstal.exe
    eMule-->"E:\Program Files\eMule\Uninstall.exe"
    Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706-->E:\WINDOWS\system32\unwlsdrv.exe SiS163u
    HijackThis 2.0.2-->"E:\Documents and Settings\ben et nat\Bureau\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"E:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Customer Participation Program 7.0-->E:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Document Viewer 7.0-->E:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Imaging Device Functions 7.0-->E:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Premier Software 6.5-->E:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Photosmart, Officejet and Deskjet 7.0.A-->E:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
    HP Solution Center 7.0-->E:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
    IncrediMail Xe-->E:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
    iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Jasc Paint Shop Pro 8-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    K-Lite Codec Pack 3.5.9 Full BETA-->"E:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"E:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Livebox-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
    Local Cooling Setup-->MsiExec.exe /I{79166E9D-4D2B-405A-B8F5-B43E0C795FF2}
    Mahjong Escape-->E:\PROGRA~1\GAMEHO~1\MAHJON~1\UNWISE.EXE /U E:\PROGRA~1\GAMEHO~1\MAHJON~1\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"E:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
    Microsoft .NET Framework 3.5-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"E:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"E:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"E:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Small Business Image Uploader-->MsiExec.exe /X{A580547F-4FB6-433E-A595-21CAA858C556}
    Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Photo Pro 9-->E:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0905}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server Compact 3.5 Design Tools FRA-->MsiExec.exe /X{043ECF7B-4724-4F7B-8A9D-BC22719E95F7}
    Microsoft SQL Server Compact 3.5 FRA-->MsiExec.exe /I{BE361597-42AC-4513-9BA6-FFAB310038FB}
    Microsoft Visual Basic 2008 Express - Français-->E:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition - FRA\setup.exe
    Microsoft Visual Basic 2008 Express Edition - FRA-->MsiExec.exe /X{ACC61C04-48C5-3F6F-977B-AD33E94E5F40}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
    Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
    MIKSOFT Mobile 3GP converter-->"E:\Program Files\MIKSOFT\Mobile 3GP converter\unins000.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"E:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"E:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"E:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"E:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"E:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"E:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"E:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"E:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Module linguistique Microsoft .NET Framework 3.5 - fra-->E:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
    Mozilla Firefox (3.0.3)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 6 Ultra Edition-->E:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Nettoyeur de Disque-->MsiExec.exe /X{4E4DF456-9F14-4EB4-9D74-8A17A345B9D4}
    NODouble-->E:\Program Files\NODouble\uninstall.exe
    NVIDIA Drivers-->E:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OCR Software by I.R.I.S 7.0-->E:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Outil de mise à jour Google-->"E:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Partition Suite-->MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
    PC Inspector File Recovery-->RunDll32 E:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c
    pvAuthor v3.3.1-->E:\PROGRA~1\PACKET~1\PVAuthor\UNWISE.EXE E:\PROGRA~1\PACKET~1\PVAuthor\INSTALL.LOG
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RealPlayer-->E:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek AC'97 Audio-->Alcrmv.exe -r -m
    Ri4m v5.0.1d-->E:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
    Shop for HP Supplies-->E:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
    StuffPlug-NG (Messenger Plus! Plugins)-->E:\Program Files\MessengerPlus! 3\Plugins\StuffPlug-NG\Uninstall.exe
    Uniblue RegistryBooster 2-->"E:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
    ViaMichelin Navigation PND-->"E:\Program Files\InstallShield Installation Information\{47FF921C-E834-47A6-8CE4-F0A99CDE347F}\setup.exe" -runfromtemp -l0x040c -removeonly
    VideoLAN VLC media player 0.8.1-->E:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Internet Explorer 7-->"E:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Live OneCare safety scanner-->RunDll32.exe "E:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime-->"E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Winkaa 1.0 1.0-->"E:\Program Files\Emoticons-plus.com\Winkaa 1.0\uninstall.exe"
    XML Paper Specification Shared Components Language Pack 1.0-->"E:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    =====HijackThis Backups=====

    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

    ======Security center information======

    AV: Kaspersky Anti-Virus

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;E:\PROGRA~1\FICHIE~1\AUTODE~1;E:\Program Files\Fichiers communs\Autodesk Shared\;E:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=2b01
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=E:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS