Se connecter / S'enregistrer
Votre question

Probleme BAT/Zapchast.AX

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Octobre 2008 17:45:54

Bonjour

Voila j'ai un petit problème a chaque fois que je démarre mon pc mon une fenetre s'affiche me demandant de rentrer une clé donc j'annule vu que je ne sait pas de quoi il s'agit puis un compte a rebours de 5 sec se déclenche avent de me laisser fermer la fenêtre bien peu de temps après mon antivirus (F-secure) me détecte un virus : BAT/Zapchast.AX

J'ai beau supprimé renommé ou mettre en quarantaine le virus je le retrouve toujours au redémarrage de windows

OS : WinXp SP2

Merci

Autres pages sur : probleme bat zapchast

a b 8 Sécurité
16 Octobre 2008 19:02:14

Bonjour,

Tu as l'emplacement ?

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
16 Octobre 2008 19:38:47

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:24, on 16/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
D:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
D:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
D:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
D:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
D:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
D:\WINDOWS\System32\alg.exe
D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Logitech\G-series Software\LGDCore.exe
D:\Program Files\Logitech\G-series Software\LCDMon.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\FlashGet\FlashGet.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\WindowANTasdIVRI.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
D:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
D:\program files\steam\steam.exe
D:\Program Files\Electronic Arts\EADM\Core.exe
D:\Program Files\SuperCopier2\SuperCopier2.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
D:\Program Files\Securitoo\av_fw\FSAUA\program\fsus.exe
D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Ichigo\Mes documents\HiJackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Securitoo\av_fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [Launch LGDCore] "D:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "D:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\RunServices: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [EA Core] D:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 9264 bytes



l'emplacement est dans c:
Contenus similaires
a b 8 Sécurité
16 Octobre 2008 20:05:58

Ma question ?
16 Octobre 2008 20:09:10

emplacement de quoi du virus? il ce trouve dans c:/ je l'ai di a la fin de mon post
a b 8 Sécurité
16 Octobre 2008 21:03:12

L'emplacement complet, ex :C:\blabla\blabla.exe
17 Octobre 2008 15:39:09

oui j'ai compris pas il é directement dans C: il n'y ya pas de sous fichier direct dans c: ( le disque C: n'est pas celui ou il y a mon OS )
a b 8 Sécurité
17 Octobre 2008 18:18:03

Merci d'écrire correctement, j'ai rien compris.
18 Octobre 2008 10:20:31

Ok désolé pour les textos j'ai écrit le message vite fait donc je disais que le virus ce trouvait dans C: sans aucun sous fichier, dans c:\ du moins c'est ce que me dit mon antivirus.

J'espère avoir été plus claire cette fois

Merci

a b 8 Sécurité
18 Octobre 2008 13:24:44

Tu as essayé de le supprimer manuellement ?
19 Octobre 2008 15:53:54

oui j'ai essayé mais il revient a chaque démarrage
a b 8 Sécurité
19 Octobre 2008 17:08:50

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    19 Octobre 2008 17:57:58

    Le logiciel n'a rien trouvé une autre option ?
    a b 8 Sécurité
    19 Octobre 2008 19:21:19

    Re,

    Télécharge Random's System Information Tool (RSIT) par (random/random[/#f]) et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt [#ff0000](affiché)

  • ainsi que de info.txt (réduit dans la Barre des Tâches).
  • Veille bien à poster l'intégralité des rapports. Vérifie qu'ils soient complets une fois que tu les as postés.

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    19 Octobre 2008 20:09:37

    Log.txt

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Ichigo at 2008-10-19 20:07:25
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive D: has 56 GB (37%) free of 153 GB
    Total RAM: 2047 MB (61% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:07:36, on 19/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\csrss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
    D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    D:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\IoctlSvc.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
    D:\WINDOWS\System32\alg.exe
    D:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
    D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
    D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
    D:\WINDOWS\SOUNDMAN.EXE
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
    D:\Program Files\Logitech\G-series Software\LGDCore.exe
    D:\Program Files\Logitech\G-series Software\LCDMon.exe
    D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    D:\Program Files\FlashGet\FlashGet.exe
    D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    D:\WINDOWS\system32\WindowANTasdIVRI.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\program files\steam\steam.exe
    D:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    D:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    D:\Program Files\Electronic Arts\EADM\Core.exe
    D:\Program Files\SuperCopier2\SuperCopier2.exe
    D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    D:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
    D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    D:\Program Files\Securitoo\av_fw\FSAUA\program\fsus.exe
    D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\Windows Media Player\wmplayer.exe
    D:\WINDOWS\system32\imapi.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\Ichigo\Mes documents\RSIT.exe
    D:\WINDOWS\system32\wbem\wmiprvse.exe
    D:\Documents and Settings\Ichigo\Mes documents\Ichigo.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Securitoo\av_fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [EPSON Stylus D68 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
    O4 - HKLM\..\Run: [Launch LGDCore] "D:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "D:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\FlashGet.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\RunServices: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
    O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [EA Core] D:\Program Files\Electronic Arts\EADM\Core.exe -silent
    O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 9589 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    FGCatchUrl - D:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-16 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
    FlashGet GetFlash Class - D:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
    "F-Secure Manager"=D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE [2007-06-13 176177]
    "F-Secure TNB"=D:\Program Files\Securitoo\av_fw\FSGUI\TNBUtil.exe [2007-06-13 733184]
    "SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
    "NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
    "EPSON Stylus D68 Series"=D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE [2005-01-25 98304]
    ""= []
    "Launch LGDCore"=D:\Program Files\Logitech\G-series Software\LGDCore.exe [2005-11-02 1110079]
    "Launch LCDMon"=D:\Program Files\Logitech\G-series Software\LCDMon.exe [2005-11-02 188928]
    "GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
    "Flashget"=D:\Program Files\FlashGet\FlashGet.exe [2007-09-25 2007088]
    "TkBellExe"=D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-16 185896]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
    "NeroFilterCheck"=D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
    "NBKeyScan"=D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
    "Windowfdgfds DasdLL fgfdg Verifier"=D:\WINDOWS\system32\WindowANTasdIVRI.exe [2004-08-19 786432]
    "nwiz"=nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "KB926239"=D:\WINDOWS\system32\apphelp.dll [2004-08-19 126976]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "MsnMsgr"=D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Steam"=d:\program files\steam\steam.exe [2008-10-08 1410296]
    "DAEMON Tools"=D:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]
    "EA Core"=D:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-21 2752512]
    "SuperCopier2.exe"=D:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "MPlayer2_FixUp"=D:\WINDOWS\inf\unregmp2.exe [2006-11-03 317440]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    NETGEAR WG111v2 Smart Wizard.lnk - D:\Program Files\NETGEAR\WG111v2\WG111v2.exe

    D:\Documents and Settings\Ichigo\Menu Démarrer\Programmes\Démarrage
    OneNote 2007 - Capture d'écran et lancement.lnk - D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=95000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\TmUnitedForever\TmForever.exe"="D:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\UT3\Binaries\UT3.exe"="C:\UT3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
    "D:\Program Files\eMule\emule.exe"="D:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "D:\Program Files\FlashGet\flashget.exe"="D:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
    "D:\Program Files\Steam\SteamApps\renji10\source sdk base\hl2.exe"="D:\Program Files\Steam\SteamApps\renji10\source sdk base\hl2.exe:*:Enabled:hl2"
    "D:\Program Files\Electronic Arts\EADM\Core.exe"="D:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
    "D:\WINDOWS\system32\WindowANTasdIVRI.exe"="D:\WINDOWS\system32\WindowANTasdIVRI.exe:*:D isabled:WindowANTasdIVRI"
    "D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:p nkBstrA"
    "D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:p nkBstrB"
    "D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
    "D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe"="D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{375ef8d7-5bb9-11dd-8b5f-994d07e75ca3}]
    shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs


    ======List of files/folders created in the last 1 months======

    2008-10-19 20:07:25 ----D---- D:\rsit
    2008-10-19 18:30:10 ----HDC---- D:\WINDOWS\$NtUninstallKB926239$
    2008-10-19 18:30:03 ----N---- D:\WINDOWS\system32\spmsg.dll
    2008-10-19 18:29:48 ----HDC---- D:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-10-19 18:29:32 ----D---- D:\Program Files\Windows Media Connect 2
    2008-10-19 18:29:22 ----HDC---- D:\WINDOWS\$NtUninstallwmp11$
    2008-10-19 18:28:42 ----HDC---- D:\WINDOWS\$NtUninstallWMFDist11$
    2008-10-19 18:28:06 ----HDC---- D:\WINDOWS\$NtUninstallWudf01000$
    2008-10-19 18:27:25 ----D---- D:\WINDOWS\LastGood
    2008-10-19 18:26:58 ----D---- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-10-19 17:43:09 ----A---- D:\WINDOWS\ntbtlog.txt
    2008-10-19 17:40:57 ----D---- D:\Documents and Settings\Ichigo\Application Data\Malwarebytes
    2008-10-19 17:40:52 ----D---- D:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-19 17:40:51 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
    2008-10-15 14:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 14:04:58 ----HDC---- D:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 14:04:52 ----HDC---- D:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 14:04:44 ----HDC---- D:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 14:04:27 ----HDC---- D:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 14:02:43 ----HDC---- D:\WINDOWS\$NtUninstallKB953155$
    2008-10-15 14:02:23 ----HDC---- D:\WINDOWS\$NtUninstallKB956390$
    2008-10-13 16:43:58 ----D---- D:\Program Files\MessengerDiscovery
    2008-10-11 23:36:58 ----A---- D:\WINDOWS\NeroDigital.ini
    2008-10-11 15:51:26 ----SHD---- D:\WINDOWS\ftpcache
    2008-10-11 13:36:56 ----A---- D:\WINDOWS\system32\PnkBstrB.exe
    2008-10-11 13:36:55 ----A---- D:\WINDOWS\system32\PnkBstrA.exe
    2008-10-11 13:36:53 ----A---- D:\WINDOWS\game.ini
    2008-10-11 13:25:45 ----D---- D:\Program Files\Activision
    2008-10-07 17:20:51 ----HDC---- D:\WINDOWS\$NtUninstallKB941569$
    2008-10-07 17:20:34 ----HDC---- D:\WINDOWS\$NtUninstallKB923689$
    2008-10-07 16:23:59 ----D---- D:\WINDOWS\pss
    2008-10-06 12:16:33 ----D---- D:\Program Files\MSXML 4.0
    2008-10-06 11:54:00 ----D---- D:\Documents and Settings\Ichigo\Application Data\Nero
    2008-10-06 11:52:33 ----A---- D:\WINDOWS\system32\MsiExec.exe.log
    2008-10-06 11:47:54 ----D---- D:\Program Files\Nero
    2008-10-06 11:47:54 ----D---- D:\Program Files\Fichiers communs\Nero
    2008-10-06 11:47:54 ----D---- D:\Documents and Settings\All Users\Application Data\Nero
    2008-10-06 11:42:48 ----D---- D:\WINDOWS\RegisteredPackages
    2008-10-06 11:16:18 ----AD---- D:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-05 13:26:08 ----D---- D:\Program Files\Ubisoft
    2008-10-05 13:25:34 ----D---- D:\Documents and Settings\Ichigo\Application Data\InstallShield
    2008-10-03 16:39:49 ----D---- D:\Program Files\LucasArts
    2008-09-27 16:33:03 ----D---- D:\Program Files\SuperCopier2
    2008-09-25 20:19:49 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
    2008-09-25 20:19:27 ----D---- D:\Program Files\Fichiers communs\Adobe
    2008-09-25 20:19:27 ----D---- D:\Program Files\Adobe

    ======List of files/folders modified in the last 1 months======

    2008-10-19 20:07:32 ----D---- D:\WINDOWS\Temp
    2008-10-19 20:07:32 ----D---- D:\WINDOWS\Prefetch
    2008-10-19 20:06:14 ----D---- D:\Program Files\Mozilla Firefox
    2008-10-19 19:58:03 ----D---- D:\Program Files\FlashGet
    2008-10-19 18:30:17 ----HD---- D:\WINDOWS\inf
    2008-10-19 18:30:17 ----D---- D:\WINDOWS\AppPatch
    2008-10-19 18:30:17 ----D---- D:\WINDOWS
    2008-10-19 18:30:16 ----RSHDC---- D:\WINDOWS\system32\dllcache
    2008-10-19 18:30:05 ----A---- D:\WINDOWS\imsins.BAK
    2008-10-19 18:30:04 ----D---- D:\WINDOWS\system32
    2008-10-19 18:29:39 ----A---- D:\WINDOWS\win.ini
    2008-10-19 18:29:32 ----RD---- D:\Program Files
    2008-10-19 18:29:32 ----D---- D:\Program Files\Windows Media Player
    2008-10-19 18:29:27 ----D---- D:\WINDOWS\Help
    2008-10-19 18:29:01 ----D---- D:\WINDOWS\system32\CatRoot2
    2008-10-19 18:28:55 ----D---- D:\WINDOWS\system32\drivers
    2008-10-19 18:28:12 ----D---- D:\WINDOWS\system32\LogFiles
    2008-10-19 18:08:25 ----D---- D:\Program Files\Steam
    2008-10-19 18:07:41 ----A---- D:\WINDOWS\RTacDbg.txt
    2008-10-19 18:06:07 ----A---- D:\WINDOWS\SchedLgU.Txt
    2008-10-19 17:43:30 ----D---- D:\Documents and Settings
    2008-10-17 21:30:37 ----D---- D:\Documents and Settings\Ichigo\Application Data\uTorrent
    2008-10-15 14:05:32 ----SHD---- D:\WINDOWS\Installer
    2008-10-15 14:05:31 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-10-15 14:05:02 ----HD---- D:\WINDOWS\$hf_mig$
    2008-10-15 14:02:30 ----D---- D:\Program Files\Internet Explorer
    2008-10-11 15:50:51 ----D---- D:\WINDOWS\system32\DirectX
    2008-10-11 13:36:51 ----HD---- D:\Program Files\InstallShield Installation Information
    2008-10-10 14:43:56 ----A---- D:\WINDOWS\system.ini
    2008-10-07 21:19:40 ----A---- D:\WINDOWS\system32\MRT.exe
    2008-10-06 12:16:40 ----D---- D:\WINDOWS\security
    2008-10-06 12:16:33 ----D---- D:\WINDOWS\WinSxS
    2008-10-06 11:47:54 ----D---- D:\Program Files\Fichiers communs
    2008-10-06 11:47:52 ----D---- D:\WINDOWS\Cursors
    2008-10-06 11:43:26 ----D---- D:\WINDOWS\Debug
    2008-10-05 13:28:16 ----SD---- D:\Documents and Settings\Ichigo\Application Data\Microsoft
    2008-09-25 20:20:51 ----D---- D:\Documents and Settings\Ichigo\Application Data\Adobe
    2008-09-25 18:38:13 ----D---- D:\Documents and Settings\Ichigo\Application Data\SPORE

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;Pilote de processeur AMD; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
    R1 F-Secure HIPS;F-Secure HIPS; \??\D:\Program Files\Securitoo\av_fw\HIPS\fshs.sys []
    R1 kbdhid;Pilote HID de clavier; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-27 21035]
    R2 atksgt;atksgt; D:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-19 278984]
    R2 lirsgt;lirsgt; D:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-19 25416]
    R3 ALCXSENS;Service for WDM 3D Audio Driver; D:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\D:\Program Files\Securitoo\av_fw\Anti-Virus\minifilter\fsgk.sys []
    R3 hidusb;Pilote de classe HID Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2003-04-24 9600]
    R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 167808]
    R3 ULI5261XP;ULi M526X Ethernet NT Driver; D:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
    R3 usbccgp;Pilote parent générique USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    S3 usbaudio;Pilote USB audio (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbprint;Classe d'imprimantes USB Microsoft; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 USBSTOR;Pilote de stockage de masse USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 F-Secure Filter;F-Secure File System Filter; \??\D:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSfilter.sys []
    S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\D:\Program Files\Securitoo\av_fw\Anti-Virus\Win2K\FSrec.sys []
    S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 mchInjDrv;mchInjDrv; \??\D:\DOCUME~1\Ichigo\LOCALS~1\Temp\mc23.tmp []
    S4 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2008-08-19 682232]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 F-Secure Gatekeeper Handler Starter;FSGKHS; D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe [2007-06-13 41043]
    R2 FSMA;F-Secure Management Agent; D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE [2007-06-13 106546]
    R2 MDM;Machine Debug Manager; D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
    R2 NVSvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; D:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2008-10-14 66872]
    R3 FSAUA;F-Secure Automatic Update Agent; D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe [2007-06-13 450560]
    R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe [2007-06-13 446464]
    R3 NMIndexingService;NMIndexingService; D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 spupdsvc;Windows Service Pack Installer update service; D:\WINDOWS\system32\spupdsvc.exe [2006-09-25 23856]
    S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; D:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WLSetupSvc;Windows Live Setup Service; D:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; D:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

    -----------------EOF-----------------

    info.txt

    info.txt logfile of random's system information tool 1.04 2008-10-19 20:07:37

    ======Uninstall list======

    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
    -->"D:\Program Files\Securitoo\av_fw\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
    -->D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->D:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->D:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->D:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {669EB263-0AFE-4FCB-A068-DB082CA6273C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0416-0000-0000000FF1CE} /uninstall {98003BDC-1B68-4970-B28E-ACC8000D2F3E}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0100-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0101-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0101-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    Adobe Flash Player ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
    AGEIA PhysX v7.09.13-->MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
    Aliens versus Predator Gold Edition-->D:\WINDOWS\IsUn040c.exe -fc:\avp\Uninst.isu
    Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
    Athlon 64 Processor Driver-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
    AviSynth 2.5-->"D:\Program Files\AviSynth 2.5\Uninstall.exe"
    Call of Duty(R) 4 - Modern Warfare(TM)-->D:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
    Correctif pour Windows XP (KB952287)-->"D:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    Dark Messiah -->D:\Program Files\InstallShield Installation Information\{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}\setup.exe -runfromtemp -l0x040c -removeonly
    EA Download Manager-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
    eMule-->"D:\Program Files\eMule\Uninstall.exe"
    EPSON Logiciel imprimante-->D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    FlashGet 1.9.6.1073-->D:\Program Files\FlashGet\uninst.exe
    Free FLV Converter V 5.6-->"D:\Program Files\Free FLV Converter\unins000.exe"
    Half-Life 2: Episode One-->"D:\Program Files\Steam\steam.exe" steam://uninstall/380
    Half-Life 2: Episode Two-->"D:\Program Files\Steam\steam.exe" steam://uninstall/420
    Half-Life 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/220
    HijackThis 2.0.2-->"D:\Documents and Settings\Ichigo\Mes documents\HijackThis.exe" /uninstall
    Hitman Blood Money-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}\setup.exe" -l0xc0c -removeonly
    Hotfix for Windows XP (KB926239)-->"D:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Lecteur Windows Media 11-->"D:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    livebox-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
    Logitech G-series Keyboard Software-->MsiExec.exe /X{2FB418AB-562D-43B4-BA0D-9282AAD8C207}
    Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"D:\Program Files\Messenger Plus! Live\Uninstall.exe"
    MessengerDiscovery Live 1.5.0725-->"D:\Program Files\MessengerDiscovery\unins000.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP-->"D:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 - French/Français-->"D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.FR-FR /dll OSETUP.DLL
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office O MUI (French) 2007-->MsiExec.exe /X{90120000-0100-040C-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-002C-0416-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-006E-0416-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0017-040C-0000-0000000FF1CE} /uninstall {5DD79E02-6B69-4BC5-AFA8-914C6A910458}
    Microsoft Office SharePoint Designer MUI (French) 2007-->MsiExec.exe /X{90120000-0017-040C-0000-0000000FF1CE}
    Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}
    Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-040C-0000-0000000FF1CE} /uninstall {FA47AC65-8DFE-4FB5-8E26-7CD1807FB7E9}
    Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-0416-0000-0000000FF1CE} /uninstall {154A1D4F-7042-42B4-A9E2-88CDA1712B4C}
    Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0055-040C-0000-0000000FF1CE} /uninstall {FA47AC65-8DFE-4FB5-8E26-7CD1807FB7E9}
    Microsoft Office Visio Language Pack 2007 - French/Français-->"D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISMUI.FR-FR /dll OSETUP.DLL
    Microsoft Office Visio MUI (French) 2007-->MsiExec.exe /X{90120000-0054-040C-0000-0000000FF1CE}
    Microsoft Office Visio MUI (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-0054-0416-0000-0000000FF1CE}
    Microsoft Office Visio Professional 2007-->"D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
    Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
    Microsoft Office VisMUI (French) 2007-->MsiExec.exe /X{90120000-0055-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office X MUI (French) 2007-->MsiExec.exe /X{90120000-0101-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"D:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mise à jour de sécurité pour Windows XP (KB923689)-->"D:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->D:\WINDOWS\system32\MacroMed\Flash\genuinst.exe D:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"D:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"D:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"D:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"D:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749)-->"D:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"D:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"D:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"D:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"D:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"D:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"D:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"D:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953155)-->"D:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"D:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"D:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"D:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"D:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"D:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"D:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"D:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"D:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"D:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041033}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NETGEAR WG111v2 wireless USB 2.0 adapter-->D:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
    NVIDIA Drivers-->D:\WINDOWS\system32\nvuninst.exe UninstallGUI
    Portal-->"D:\Program Files\Steam\steam.exe" steam://uninstall/400
    RealPlayer-->D:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek AC'97 Audio-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
    Securitoo AntiVirus Firewall-->"D:\Program Files\Securitoo\av_fw\FSGUI\PostInstall.exe" /tUnInstall
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Visio 2007 (KB947590)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {199018BD-578E-44BD-A28F-7F944931CABD}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Source SDK Base - Orange Box-->"D:\Program Files\Steam\steam.exe" steam://uninstall/218
    Source SDK Base-->"D:\Program Files\Steam\steam.exe" steam://uninstall/215
    Source SDK-->"D:\Program Files\Steam\steam.exe" steam://uninstall/211
    SPORE™-->"D:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x040c -removeonly
    Star Wars Battlefront II-->RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x40c -removeonly
    StargateTC2-->"d:\program files\steam\SteamApps\SourceMods\stargatetc2\desinstall-sgtc2b1.exe"
    Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    SuperCopier2-->"D:\Program Files\SuperCopier2\SC2Uninst.exe"
    Team Fortress 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/440
    The Witcher-->"D:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly
    TmUnitedForever-->"D:\Program Files\TmUnitedForever\unins000.exe"
    ULi LAN Driver-->D:\WINDOWS\system32\UnLAN.EXE RunDll32 D:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{143BE018-D8F8-4014-8CB6-AF63F5799D21}\Setup.exe" -uninst
    Unreal Tournament 3-->MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9}
    VideoLAN VLC media player 0.8.6i-->D:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"D:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"D:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

    ======Security center information======

    AV: Securitoo AntiVirus Firewall 7.00
    FW: Securitoo AntiVirus Firewall 7.00

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 55 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=3702
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "sourcesdk"=d:\program files\steam\steamapps\renji10\sourcesdk
    "VProject"=d:\program files\steam\steamapps\renji10\half-life 2 episode two\ep2

    -----------------EOF-----------------
    a b 8 Sécurité
    19 Octobre 2008 20:23:31

    Re,

    Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :files
    D:\WINDOWS\system32\WindowANTasdIVRI.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windowfdgfds DasdLL fgfdg Verifier"=-


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    19 Octobre 2008 20:28:52

    ========== FILES ==========
    D:\WINDOWS\system32\WindowANTasdIVRI.exe moved successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windowfdgfds DasdLL fgfdg Verifier deleted successfully.

    OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10192008_202741


    Voila le rapport
    a b 8 Sécurité
    19 Octobre 2008 20:34:08

    Reposte un rapport Hijackthis.
    19 Octobre 2008 20:38:19

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:37:52, on 19/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\csrss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE
    D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    D:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\IoctlSvc.exe
    D:\WINDOWS\system32\PnkBstrA.exe
    D:\Program Files\Securitoo\av_fw\Common\FCH32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe
    D:\WINDOWS\System32\alg.exe
    D:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe
    D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
    D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
    D:\WINDOWS\SOUNDMAN.EXE
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE
    D:\Program Files\Logitech\G-series Software\LGDCore.exe
    D:\Program Files\Logitech\G-series Software\LCDMon.exe
    D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    D:\Program Files\FlashGet\FlashGet.exe
    D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    D:\WINDOWS\system32\WindowANTasdIVRI.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\program files\steam\steam.exe
    D:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    D:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    D:\Program Files\Electronic Arts\EADM\Core.exe
    D:\Program Files\SuperCopier2\SuperCopier2.exe
    D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    D:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe
    D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    D:\Program Files\Securitoo\av_fw\FSAUA\program\fsus.exe
    D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\Windows Media Player\wmplayer.exe
    D:\WINDOWS\system32\imapi.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\mspaint.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Documents and Settings\Ichigo\Mes documents\Ichigo.exe
    D:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\Securitoo\av_fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [EPSON Stylus D68 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
    O4 - HKLM\..\Run: [Launch LGDCore] "D:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "D:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\FlashGet.exe /min
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
    O4 - HKLM\..\RunServices: [Windowfdgfds DasdLL fgfdg Verifier] WindowANTasdIVRI.exe
    O4 - HKLM\..\RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [EA Core] D:\Program Files\Electronic Arts\EADM\Core.exe -silent
    O4 - HKCU\..\Run: [SuperCopier2.exe] D:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = D:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 9524 bytes
    a b 8 Sécurité
    19 Octobre 2008 21:00:26

    Refais un scan RSTI, bizarre que les lignes reviennent.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS