Votre question

plusieur rundll.exe

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
17 Mars 2008 14:54:23

bonjour a tous,

j'ai un petit problème je pense, j'ai rundll.exe qui s'execute plusieur fois (10fois +-) dans mon gestionnaire de taches... et j'ai firefox qui s'ouvre une fois sur 15 je pense donc que j'ai choppé une saloperie :'( 

je suis sous vista comme antivirus j'ai antivir et comme firewall zonealarme

voici mon log hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:24:53, on 17/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl
O4 - HKLM\..\Run: [win16dll] C:\Program Files\10BE9\Advanced Invisible Keylogger.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Pando.lnk = ?
O4 - Startup: Sidebar.lnk = D:\Program Files\Windows Sidebar\sidebar.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
O16 - DPF: {7B93CAE6-29D1-4E4C-82EF-8648E29FB31F} (CamfrogWEB Advanced Unicode Control) - http://www.visiocool.com/download/cfweb_www.visiocool.c...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10694 bytes

Merci de votre aide

Autres pages sur : plusieur rundll exe

18 Mars 2008 15:21:59

up svp
18 Mars 2008 16:33:09

:hello: 
Rends toi sur ce lien : Virus Total
  • Clique sur Parcourir
  • Rends toi jusque sur ce fichier si tu le trouves :

    C:\ProgramData\SysMon\SysMon.dll

  • Clique sur Envoyer le fichier et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
  • Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
  • Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
  • Une nouvelle fenêtre de ton navigateur va apparaître
  • Clique alors sur cette image :
  • Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
  • Enfin colle le résultat dans ta prochaine réponse.
    Note : Peu importe le résultat, il est important de me communiquer le résultat de toute l'analyse.
    Il est possible que tes outils de sécurité réagissent à l'envoi du fichier, en ce cas il te faudra ignorer les alertes.
    Contenus similaires
    18 Mars 2008 20:44:39

    le problème est que je trouve pas ce fichier...

    j'ai beau faire des recherches je le trouve pas :s
    18 Mars 2008 20:45:51

    Re,

    On va s'en assurer ;) 

    Télécharge OAD (de !aur3n7)
    http://sosvirus.changelog.fr/OAD.exe
  • Enregistre le sur ton Bureau
  • Double clique sur le OAD pour le lancer
  • Nom de fichier à rechercher tape ou fais un copier coller de : SysMon.dll
  • Type de recherche : sélectionne l’option 6 puis valide [entrée]
  • OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il ait terminé.
    Le rapport de recherche s'affichera automatiquement dès qu'il aura terminé.
    Fais un copier / coller de ce rapport dans ton prochain post.

    Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient.
    19 Mars 2008 04:18:33

    mer. 19/03/2008 ---- 4:17:34,32

    ----------------------------------
    §§§§§§ [SysMon.dll] §§§§§§
    ----------------------------------
    [X] Registre

    -------------- [ ] rapide
    -- Fichier --- [ ] disque systeme
    ------------- [X] complete


    ********************
    [Registre]
    ********************


    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_80211Adapter]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_Adapter]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_APInfo]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_Device]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_ICFEntry]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_ICSICFConn]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_IEInfo]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_Modem]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_NetMapDriver]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_PrinterInfo]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_RAS]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_SysMon]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ASUS.CXCM\CImpIPSW_WindowsFirewallInfo]
    "Path"="C:\\Program Files\\ASUS\\Net4Switch\\ipswsysmon.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SysMon"="C:\\Windows\\system32\\rundll32.exe \"C:\\ProgramData\\SysMon\\SysMon.dll\" rdl"

    *******************
    [Fichier]
    *******************

    c:\ProgramData\SysMon\SysMon.dll


    *********************
    [Même date]
    *********************

    Aucun fichier créé à la même date détecté


    Outil Aide Diagnostic By !aur3n7 Version 1.1
    ----------------------------------
    §§§§§ Fin Rapport §§§§§
    ----------------------------------


    voila le rapport que j'ai eu... je vois donc que sysmon.dll a été trouver mais j'ai encore refait une recherche et je le vois nul part :/ 
    19 Mars 2008 18:51:57

    Fichier SysMon.dll reçu le 2008.03.19 18:40:26 (CET)
    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.3.19.1 2008.03.19 -
    AntiVir 7.6.0.75 2008.03.19 -
    Authentium 4.93.8 2008.03.19 -
    Avast 4.7.1098.0 2008.03.19 -
    AVG 7.5.0.516 2008.03.19 -
    BitDefender 7.2 2008.03.19 -
    CAT-QuickHeal 9.50 2008.03.14 -
    ClamAV 0.92.1 2008.03.19 -
    DrWeb 4.44.0.09170 2008.03.19 -
    eSafe 7.0.15.0 2008.03.18 -
    eTrust-Vet 31.3.5626 2008.03.19 -
    Ewido 4.0 2008.03.19 -
    F-Prot 4.4.2.54 2008.03.19 -
    F-Secure 6.70.13260.0 2008.03.19 -
    FileAdvisor 1 2008.03.19 -
    Fortinet 3.14.0.0 2008.03.19 -
    Ikarus T3.1.1.20 2008.03.19 -
    Kaspersky 7.0.0.125 2008.03.19 -
    McAfee 5254 2008.03.18 -
    Microsoft 1.3301 2008.03.19 -
    NOD32v2 2960 2008.03.19 -
    Norman 5.80.02 2008.03.19 -
    Panda 9.0.0.4 2008.03.18 -
    Prevx1 V2 2008.03.19 -
    Rising 20.36.21.00 2008.03.19 -
    Sophos 4.27.0 2008.03.19 -
    Sunbelt 3.0.978.0 2008.03.18 -
    Symantec 10 2008.03.19 Spyware.StealthKeylog
    TheHacker 6.2.92.249 2008.03.18 -
    VBA32 3.12.6.3 2008.03.17 -
    VirusBuster 4.3.26:9 2008.03.19 -
    Webwasher-Gateway 6.6.2 2008.03.19 -
    Information additionnelle
    File size: 626688 bytes
    MD5: 3d4ed66a437fe672a3feb4f11bfda79e
    SHA1: 14ec3f69d007eece3fd28a194deeb1a66dea2980
    PEiD: -



    Information additionnelle
    File size: 626688 bytes
    MD5: 3d4ed66a437fe672a3feb4f11bfda79e
    SHA1: 14ec3f69d007eece3fd28a194deeb1a66dea2980
    PEiD: -


    voila le rapport

    pas très équivoque quand meme 1/32 lol
    19 Mars 2008 19:12:20

    Re,

    Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
    NB : Tu dois être connecté avec des droits d'Administrateur.
  • ferme toutes les applications et fenêtres
  • double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous
    Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
  • s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
  • tu devras cliquer 2 fois sur le OK des boîtes de dialogue
    Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
  • quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :
    main.txt <- ouvert en premier plan et en plein écran
    extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
    S'il s'agit d'une utilisation supplémentaire de DSS :
  • tu n'auras pas de boîte de dialogue (pas de OK)
  • quand le traitement est terminé, un fichier texte s'affiche :
    main.txt <- ouvert en premier plan et en plein écran

  • copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
  • copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
  • n'oublie pas de réactiver les protections si elles ont été stoppées.



    Ce que fait DSS :
  • crée un point de restauration dans Windows XP et Vista
  • nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
  • vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

    ;) 
    19 Mars 2008 19:42:43

    Le rapport main.txt

    Deckard's System Scanner v20071014.68
    Run by kevin on 2008-03-19 19:25:07
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Backed up registry hives.
    Performed disk cleanup.

    System Drive C: has 1.26 GiB (less than 15%) free.


    -- HijackThis (run as kevin.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:39, on 19/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ATK Hotkey\Hcontrol.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Program Files\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ATK Hotkey\KBFiltr.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\StkCSrv.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Apoint2K\Apvfb.exe
    C:\Users\kevin\Desktop\dss.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\conime.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\kevin.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl
    O4 - HKLM\..\Run: [win16dll] C:\Program Files\10BE9\Advanced Invisible Keylogger.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Pando.lnk = ?
    O4 - Startup: Sidebar.lnk = D:\Program Files\Windows Sidebar\sidebar.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {7B93CAE6-29D1-4E4C-82EF-8648E29FB31F} (CamfrogWEB Advanced Unicode Control) - http://www.visiocool.com/download/cfweb_www.visiocool.c...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 12126 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20080317-022935-797 O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    backup-20080317-022935-965 O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 AsDsm - c:\windows\system32\drivers\asdsm.sys <Not Verified; Windows (R) Codename Longhorn DDK provider; Windows (R) Codename Longhorn DDK driver>
    R0 PzWDM - c:\windows\system32\drivers\pzwdm.sys <Not Verified; Prassi Technology; PzWDM>
    R2 ASMMAP - \??\c:\program files\atkgfnex\asmmap.sys

    S2 ghaio - \??\c:\program files\asus\nb probe\spm\ghaio.sys
    S3 lvupdtio - \??\c:\program files\asus\asus live update\sys64\lvupdtio.sys


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 ADSMService (ADSM Service) - c:\program files\asus\asus data security manager\adsmsrv.exe
    R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
    R2 ASLDRService (ASLDR Service) - c:\program files\atk hotkey\asldrsrv.exe <Not Verified; ; ADSMSrv>
    R2 ATKGFNEXSrv (ATKGFNEX Service) - c:\program files\atkgfnex\gfnexsrv.exe <Not Verified; ; GFNEXSrv>
    R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
    R2 spmgr - c:\program files\asus\nb probe\spm\spmgr.exe <Not Verified; ; spmgr Module>

    S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Carte Microsoft 6to4
    Device ID: ROOT\*6TO4MP\0000
    Manufacturer: Microsoft
    Name: 6TO4 Adapter
    PNP Device ID: ROOT\*6TO4MP\0000
    Service: tunnel


    -- Files created between 2008-02-19 and 2008-03-19 -----------------------------

    2008-03-17 20:34:20 0 d-------- C:\Program Files\CDBurnerXP
    2008-03-17 20:19:48 1700352 --a------ C:\Windows\system32\GdiPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-03-17 20:19:30 0 d-------- C:\Program Files\Common Files\AVSMedia
    2008-03-17 20:19:22 0 d-------- C:\Program Files\AVSMedia
    2008-03-17 19:17:44 221184 --a------ C:\Windows\InZU31.exe <Not Verified; Prassi Software; Prassi InZ>
    2008-03-17 19:17:42 15172 --a------ C:\Windows\system32\drivers\PzWDM.sys <Not Verified; Prassi Technology; PzWDM>
    2008-03-17 19:17:40 0 d-------- C:\Program Files\ONES Trial (F)
    2008-03-17 15:23:16 0 d-------- C:\Program Files\a-squared Anti-Malware
    2008-03-17 02:23:54 0 d-------- C:\Program Files\Trend Micro
    2008-03-16 21:53:14 0 d-------- C:\Program Files\a-squared Free
    2008-03-13 16:55:02 0 d-------- C:\Users\kevin\yr4e9373.default
    2008-03-09 15:58:21 0 d-------- C:\Program Files\10BE9
    2008-03-04 04:36:02 0 d-------- C:\Program Files\SystemRequirementsLab
    2008-03-03 19:14:56 0 d-------- C:\Program Files\Azureus
    2008-03-03 17:39:17 0 d-------- C:\Program Files\Toox
    2008-03-01 19:22:28 0 d-------- C:\Program Files\Microsoft Silverlight
    2008-02-26 19:17:50 0 d-------- C:\Users\kevin\Tracing
    2008-02-26 16:14:47 0 d-------- C:\Program Files\Aspell
    2008-02-26 16:12:25 0 d-------- C:\Program Files\Pidgin
    2008-02-26 16:12:11 0 d-------- C:\Program Files\Common Files\GTK
    2008-02-23 15:00:01 691545 --a------ C:\Windows\unins000.exe
    2008-02-23 15:00:01 2543 --a------ C:\Windows\unins000.dat


    -- Find3M Report ---------------------------------------------------------------

    2008-03-19 19:21:08 45056 --a------ C:\Windows\system32\acovcnt.exe
    2008-03-19 18:58:12 12 --a------ C:\Windows\bthservsdp.dat
    2008-03-17 20:35:35 0 d-------- C:\Users\kevin\AppData\Roaming\CDBurnerXP_Soft
    2008-03-17 20:19:30 0 d-------- C:\Program Files\Common Files
    2008-03-17 19:43:00 690832 --a------ C:\Windows\system32\perfh00C.dat
    2008-03-17 19:43:00 117572 --a------ C:\Windows\system32\perfc00C.dat
    2008-03-16 23:44:34 0 d-------- C:\Users\kevin\AppData\Roaming\Shareaza
    2008-03-16 21:55:22 0 d-------- C:\Users\kevin\AppData\Roaming\Grisoft
    2008-03-12 17:42:24 0 d-------- C:\Program Files\Windows Mail
    2008-03-11 22:26:53 0 d-------- C:\Users\kevin\AppData\Roaming\.purple
    2008-03-05 04:11:46 0 d-------- C:\Program Files\Java
    2008-03-04 04:36:02 0 d-------- C:\Users\kevin\AppData\Roaming\SystemRequirementsLab
    2008-03-03 19:21:53 0 d-------- C:\Users\kevin\AppData\Roaming\Azureus
    2008-03-02 14:54:20 0 d-------- C:\Program Files\Arovax AntiSpyware
    2008-03-01 18:44:07 0 d-------- C:\Program Files\OpenOffice.org 2.3
    2008-02-27 03:02:21 0 d-------- C:\Program Files\Windows Live
    2008-02-26 19:07:15 0 d-------- C:\Program Files\MSN Messenger
    2008-02-26 16:28:14 0 d-------- C:\Users\kevin\AppData\Roaming\gtk-2.0
    2008-02-24 02:58:29 0 d-------- C:\Users\kevin\AppData\Roaming\Skype
    2008-02-18 13:41:49 0 d-------- C:\Users\kevin\AppData\Roaming\vlc
    2008-02-11 18:46:33 0 d-------- C:\Program Files\Microsoft Visual Studio 8
    2008-02-07 04:16:04 0 d-------- C:\Users\kevin\AppData\Roaming\OpenOffice.org2
    2008-02-07 04:13:57 0 d-------- C:\Program Files\CodeStuff
    2008-02-05 19:27:38 0 d-------- C:\Program Files\Shareaza
    2008-02-02 20:51:34 16072192 --a------ C:\Windows\system32\imageres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-02-01 11:17:40 587264 --a------ C:\Windows\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Galerie de photos Windows Live>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [21/08/2007 04:44]
    "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [02/11/2006 16:27]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [12/09/2006 02:22]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [10/12/2007 02:50]
    "SysMon"="C:\ProgramData\SysMon\SysMon.dll" [24/01/2008 11:04]
    "win16dll"="C:\Program Files\10BE9\Advanced Invisible Keylogger.exe" [02/03/2008 02:18]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [07/01/2008 17:56]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [03/03/2008 14:05]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [07/11/2007 15:34]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 13:36]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 13:35]

    C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [24/08/2007 4:45:42]
    Pando.lnk - C:\Windows\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe1_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe [25/10/2007 1:06:25]
    Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exe [10/01/2008 3:01:32]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [14/12/2004 12:44:06]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"=2 (0x2)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableTaskMgr"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @="IEEE 1394 Bus host controllers"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @="SBP2 IEEE 1394 Devices"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @="SecurityDevices"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
    bthsvcs BthServ


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    8003 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-03-19 19:33:41 ------------



    Le rapport extra.txt

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft® Windows Vista™ Édition Familiale Premium (build 6000)
    Architecture: X86; Language: French

    CPU 0: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53
    Percentage of Memory in Use: 40%
    Physical Memory (total/avail): 1790.59 MiB / 1069.93 MiB
    Pagefile Memory (total/avail): 3807.97 MiB / 2701.38 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1920.09 MiB

    C: is Fixed (NTFS) - 55.89 GiB total, 1.26 GiB free.
    D: is Fixed (NTFS) - 49.06 GiB total, 32.41 GiB free.
    E: is CDROM (No Media)
    F: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - Hitachi HTS541612J9SA00 ATA Device - 111.79 GiB - 3 partitions
    \PARTITION0 - Unknown - 6.84 GiB
    \PARTITION1 (bootable) - Système de fichiers installable - 55.89 GiB - C:
    \PARTITION2 - Étendu avec Inter. 13 étendue - 49.06 GiB - D:



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FW: Pare Feu AVG 7.5.475 v7.5.475 (GRISOFT)
    FW: ZoneAlarm Firewall v7.1.254.000 (Check Point, LTD.) Disabled
    AV: Avira AntiVir PersonalEdition v 7.0.3.49
    (Avira GmbH) Disabled
    AV: AVG 7.5.488 v7.5.488 (GRISOFT)
    AS: Avira AntiVir PersonalEdition v 7.0.3.49
    (Avira GmbH) Disabled
    AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Disabled Outdated
    AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\kevin\AppData\Roaming
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=PC-DE-KEVIN
    ComSpec=C:\Windows\system32\cmd.exe
    configsetroot=C:\Windows\ConfigSetRoot
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Users\kevin
    LOCALAPPDATA=C:\Users\kevin\AppData\Local
    LOGONSERVER=\\PC-DE-KEVIN
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=6801
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    PUBLIC=C:\Users\Public
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\kevin\AppData\Local\Temp
    TMP=C:\Users\kevin\AppData\Local\Temp
    tvdumpflags=8
    USERDOMAIN=PC-de-kevin
    USERNAME=kevin
    USERPROFILE=C:\Users\kevin
    windir=C:\Windows


    -- User Profiles ---------------------------------------------------------------

    kevin


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    --> C:\Windows\UNNeroShowTime.exe /UNINSTALL
    --> C:\Windows\UNNeroVision.exe /UNINSTALL
    --> C:\Windows\UNRecode.exe /UNINSTALL
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0100-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0101-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office system --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
    a-squared Anti-Malware 3.1 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
    a-squared Free 3.1 --> "C:\Program Files\a-squared Free\unins000.exe"
    Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Age of Empires III --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
    Age of Empires III - The Asian Dynasties --> C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\install.exe -runfromtemp -l0x040c
    Age of Empires III - The WarChiefs --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
    ALPS Touch Pad Driver --> C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
    AML Free Registry Cleaner 3.2 --> "C:\Program Files\AML Products\Registry Cleaner\unins000.exe"
    Arovax AntiSpyware 2.1.143 --> C:\Program Files\Arovax AntiSpyware\uninst.exe
    Aspell French Dictionary-0.50-3 --> "C:\Program Files\Aspell\unins001.exe"
    Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    ASUS Data Security Manager --> C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ASUS InstantFun --> MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
    ASUS Live Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
    Asus MultiFrame --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.EXE" -l0x9
    ASUS Splendid Video Enhancement Technology --> C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    Asus_Camera_ScreenSaver --> "C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
    Atheros Driver Installation Program --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe" -l0x9 -removeonly
    ATI Uninstaller --> C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
    ATK Generic Function Service --> C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ATK Hotkey --> C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ATK Media --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
    ATKOSD2 --> C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    AVS Cover Editor 1.3.1.81 (AVSMedia) --> "C:\Program Files\AVSMedia\CoverEditor\unins000.exe"
    AVS DVD Copy version 1.4 --> "C:\Program Files\AVSMedia\DVDCopy\unins000.exe"
    Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
    Bibliothèques GTK+ 2.12.1 rev b (supprimer uniquement) --> C:\Program Files\Common Files\GTK\2.0\uninst.exe
    CamfrogWEB Advanced ActiveX Plugin (remove only) --> "C:\Program Files\CFWebAdvancedU\Uninstall.exe"
    CamfrogWeb Custom ActiveX Plugin (remove only) --> "C:\Program Files\CFWebVCOOL\Uninstall.exe"
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    CDBurnerXP --> "C:\Program Files\CDBurnerXP\unins000.exe"
    CodeStuff Starter --> "C:\Program Files\CodeStuff\Starter\unStarter.exe"
    Combined Community Codec Pack 2007-07-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe"
    DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
    eMule --> "C:\Program Files\eMule\Uninstall.exe"
    Football Manager 2008 --> "C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
    Galerie de photos Windows Live --> MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    GNU Aspell 0.50-3 --> "C:\Program Files\Aspell\unins000.exe"
    Groom --> C:\Program Files\Toox\Groom\uninst.exe
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    KeyScrambler --> C:\Program Files\KeyScrambler\uninstall.exe
    LifeFrame2 --> MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
    LogonStudio Vista --> C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\INSTALL.LOG
    Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Office Access MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
    Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Access MUI (German) 2007 --> MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
    Microsoft Office Access MUI (Italian) 2007 --> MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Italian) 2007 --> MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (French) 2007 --> MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 - French/Français --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.FR-FR /dll OSETUP.DLL
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office O MUI (French) 2007 --> MsiExec.exe /X{90120000-0100-040C-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007 --> MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Italian) 2007 --> MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Italian) 2007 --> MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
    Microsoft Office Professional Hybrid 2007 --> MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (Dutch) 2007 --> MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Proofing (Italian) 2007 --> MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (German) 2007 --> MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Italian) 2007 --> MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Italian) 2007 --> MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office SharePoint Designer 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-0017-040C-0000-0000000FF1CE} /uninstall {5DD79E02-6B69-4BC5-AFA8-914C6A910458}
    Microsoft Office SharePoint Designer MUI (French) 2007 --> MsiExec.exe /X{90120000-0017-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (Italian) 2007 --> MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
    Microsoft Office X MUI (French) 2007 --> MsiExec.exe /X{90120000-0101-040C-0000-0000000FF1CE}
    Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Motorola SM56 Speakerphone Modem --> rundll32.exe sm56co6a.dll,SM56UnInstaller
    Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
    NB Probe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
    Nero 8 Demo --> MsiExec.exe /X{5E6EC4DD-7B1F-4E10-82B9-EA1B90791036}
    neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Net4Switch --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.EXE" -l0x9
    ONES Trial (F) --> C:\Windows\InZU31.exe /U:C:\Program Files\ONES Trial (F)\Uninstall.inz /L:f /K:o NES(F)
    Pack themes tytynono --> C:\Windows\Resources\Themes\Uninstal.exe
    Pando --> MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}
    Pidgin --> C:\Program Files\Pidgin\pidgin-uninst.exe
    Power4Gear eXtreme --> C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    PowerForPhone --> C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
    Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\SETUP.EXE" -l0x9 anything
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Shareaza 2.3.1.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
    SimCity™ Sociétés --> MsiExec.exe /X{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}
    Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
    Spybot - Search & Destroy 1.5.2.20 --> "C:\Windows\unins000.exe"
    System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Todae - Live Media --> C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
    Update for Outlook 2007 Junk Email Filter (kb947945) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E397056B-7AE5-4FF1-8B13-276BF8201847}
    Update for Outlook 2007 Junk Email Filter (kb947945) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E397056B-7AE5-4FF1-8B13-276BF8201847}
    Update for Outlook 2007 Junk Email Filter (kb947945) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E397056B-7AE5-4FF1-8B13-276BF8201847}
    Update Service --> C:\Program Files\Sony Ericsson\Update Service\uninst.exe
    USB2.0 1.3M WebCam --> C:\Windows\StkUnist.exe
    VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Version d'évaluation de Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    VistaGlazz --> MsiExec.exe /X{CCBCD550-D91D-443D-9CF0-0CD02D2FDB95}
    Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail --> MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live Messenger --> MsiExec.exe /X{F1E17FB0-12BC-45D0-ABA3-287F2A1E3A1E}
    Windows Live Writer --> MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
    Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    Wireless Console 2 --> C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
    ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type11675 / Error
    Event Submitted/Written: 03/19/2008 07:21:28 PM
    Event ID/Source: 5007 / WerSvc
    Event Description:
    Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

    Event Record #/Type11674 / Success
    Event Submitted/Written: 03/19/2008 07:21:25 PM
    Event ID/Source: 5617 / WinMgmt
    Event Description:


    Event Record #/Type11673 / Success
    Event Submitted/Written: 03/19/2008 07:21:23 PM
    Event ID/Source: 5615 / WinMgmt
    Event Description:


    Event Record #/Type11669 / Success
    Event Submitted/Written: 03/19/2008 07:20:58 PM
    Event ID/Source: 902 / Software Licensing Service
    Event Description:
    Le service de gestion des licences du logiciel a démarré.

    Event Record #/Type11656 / Error
    Event Submitted/Written: 03/19/2008 07:00:24 PM
    Event ID/Source: 5007 / WerSvc
    Event Description:
    Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type52422 / Error
    Event Submitted/Written: 03/19/2008 07:31:30 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    lvupdtio%%193

    Event Record #/Type52420 / Warning
    Event Submitted/Written: 03/19/2008 07:30:04 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    L’agent de protection en temps réel %PC-de-kevin27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-kevin27 ne peut pas annuler les modifications que vous autorisez.

    Pour plus d’informations, consultez les données suivantes :
    %PC-de-kevin275

    ID d’analyse : {EE15FB37-8C66-4632-9F5A-AF113A380590}

    Utilisateur : PC-de-kevin\kevin

    Nom : %PC-de-kevin271

    ID : %PC-de-kevin272

    ID de gravité : %PC-de-kevin273

    ID de catégorie : %PC-de-kevin274

    Chemin d’accès trouvé : %PC-de-kevin276

    Type d’alerte : %PC-de-kevin278

    Type de détection : 1.1.1505.02

    Event Record #/Type52419 / Warning
    Event Submitted/Written: 03/19/2008 07:30:04 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    L’agent de protection en temps réel %PC-de-kevin27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-kevin27 ne peut pas annuler les modifications que vous autorisez.

    Pour plus d’informations, consultez les données suivantes :
    %PC-de-kevin275

    ID d’analyse : {D6AD5686-1745-46A4-BB88-6F662DF137C8}

    Utilisateur : PC-de-kevin\kevin

    Nom : %PC-de-kevin271

    ID : %PC-de-kevin272

    ID de gravité : %PC-de-kevin273

    ID de catégorie : %PC-de-kevin274

    Chemin d’accès trouvé : %PC-de-kevin276

    Type d’alerte : %PC-de-kevin278

    Type de détection : 1.1.1505.02

    Event Record #/Type52418 / Warning
    Event Submitted/Written: 03/19/2008 07:30:04 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    L’agent de protection en temps réel %PC-de-kevin27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-kevin27 ne peut pas annuler les modifications que vous autorisez.

    Pour plus d’informations, consultez les données suivantes :
    %PC-de-kevin275

    ID d’analyse : {F3E718DA-7285-4179-BC70-BC93827AEBEF}

    Utilisateur : PC-de-kevin\kevin

    Nom : %PC-de-kevin271

    ID : %PC-de-kevin272

    ID de gravité : %PC-de-kevin273

    ID de catégorie : %PC-de-kevin274

    Chemin d’accès trouvé : %PC-de-kevin276

    Type d’alerte : %PC-de-kevin278

    Type de détection : 1.1.1505.02

    Event Record #/Type52417 / Warning
    Event Submitted/Written: 03/19/2008 07:30:04 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    L’agent de protection en temps réel %PC-de-kevin27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-kevin27 ne peut pas annuler les modifications que vous autorisez.

    Pour plus d’informations, consultez les données suivantes :
    %PC-de-kevin275

    ID d’analyse : {7E4632BE-4740-4825-B4DA-F62A25959DB2}

    Utilisateur : PC-de-kevin\kevin

    Nom : %PC-de-kevin271

    ID : %PC-de-kevin272

    ID de gravité : %PC-de-kevin273

    ID de catégorie : %PC-de-kevin274

    Chemin d’accès trouvé : %PC-de-kevin276

    Type d’alerte : %PC-de-kevin278

    Type de détection : 1.1.1505.02



    -- End of Deckard's System Scanner: finished at 2008-03-19 19:33:41 ------------



    Un grand merci de ton aide :) 
    19 Mars 2008 22:42:07

    Re,

    Télécharge MalwareByte's Anti-Malware et installe le.

    ~Redémarre l'ordinateur en mode sans échec (F8 au démarrage de l'ordinateur)
    Aide


  • Lance MalwareByte's Anti-Malware et sélectionne "Exécuter un examen complet". Patiente le temps du scan.
  • Une fois le scan terminé,clique sur "Afficher les résultats" et enregistre le rapport sur ton Bureau.
  • Clique enfin sur "Supprimer la sélection".

    Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
    Aide

    ;) 
    20 Mars 2008 17:51:23

    voila voila le dernier rapport que j'ai eu

    Malwarebytes' Anti-Malware 1.09
    Version de la base de données: 508

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 188644
    Temps écoulé: 37 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    20 Mars 2008 17:53:32

    Re,

    Comment va le PC ? Pour le moment je ne vois rien d'alarmant dans tous ces rapports, mais j'ai pu passer à côté de quelque chose, on va vérifier :super:

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    20 Mars 2008 18:34:15

    le pc toujours la meme chose sauf que firefox a quelque petit problème mais moins souvent déjà 1fois sur 10 je dois redémarrer le pc

    je vais faire le scan et je te tiens au courant ;) 
    20 Mars 2008 21:38:19

    rien de trouver avec le scan ;) 

    un grand merci
    20 Mars 2008 21:43:19

    Re,

    Outre ton problème, as-tu d'autres symptômes ?
    20 Mars 2008 22:19:32

    non plus rien ;) 

    meme rundll32 n'apparait plus qu'une fois ;)  c'est bizzare :D 

    ah l'informatique
    21 Mars 2008 19:09:56

    Salut !

    Tu peux me reposter un rapport hijackthis que je m'assure que tout est ok ? :p 
    22 Mars 2008 19:11:54

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:39, on 19/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ATK Hotkey\Hcontrol.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Program Files\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ATK Hotkey\KBFiltr.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\StkCSrv.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Apoint2K\Apvfb.exe
    C:\Users\kevin\Desktop\dss.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\conime.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\kevin.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl
    O4 - HKLM\..\Run: [win16dll] C:\Program Files\10BE9\Advanced Invisible Keylogger.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Pando.lnk = ?
    O4 - Startup: Sidebar.lnk = D:\Program Files\Windows Sidebar\sidebar.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {7B93CAE6-29D1-4E4C-82EF-8648E29FB31F} (CamfrogWEB Advanced Unicode Control) - http://www.visiocool.com/download/cfweb_www.visiocool.c...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 12126 bytes
    22 Mars 2008 19:14:42

    :hello: 

    Désactive l'UAC ( Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ...
    et valide par OK , il te sera demandé de redémarrer, fais le )


    1) Désactive toute protection résidente ( antivirus…) !

    Télécharge Combofix de sUBs :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Sauvegarde le sur ton bureau et pas ailleurs !


    Redémarre en mode sans échecs : aide ici >>>

    http://forum.telecharger.01net.com/telecharger/virus_et...
    /!\ Ne jamais redémarrer en mode sans échec via msconfig ! /!\

    Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
    Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

    2) Copie/colle un nouveau rapport HiJackThis avec.

    ;) 
    26 Mars 2008 20:09:16

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:28:39, on 19/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\ATK Hotkey\Hcontrol.exe
    C:\Program Files\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Windows\System32\ACEngSvr.exe
    C:\Program Files\ATK Hotkey\ATKOSD.exe
    C:\Program Files\ATK Hotkey\KBFiltr.exe
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\StkCSrv.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Pando Networks\Pando\pando.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Apoint2K\Apvfb.exe
    C:\Users\kevin\Desktop\dss.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\conime.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\kevin.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\SysMon.dll" rdl
    O4 - HKLM\..\Run: [win16dll] C:\Program Files\10BE9\Advanced Invisible Keylogger.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Pando.lnk = ?
    O4 - Startup: Sidebar.lnk = D:\Program Files\Windows Sidebar\sidebar.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_a...
    O16 - DPF: {7B93CAE6-29D1-4E4C-82EF-8648E29FB31F} (CamfrogWEB Advanced Unicode Control) - http://www.visiocool.com/download/cfweb_www.visiocool.c...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 12126 bytes



    LOG COMBO

    ComboFix 08-03-25.4 - kevin 2008-03-26 19:43:06.1 - NTFSx86 MINIMAL
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1380 [GMT 1:00]
    Endroit: C:\Users\kevin\Desktop\ComboFix.exe
    .
    -- Script messages for sUBs --
    GREP -Fis \baiso
    VFind -td "C:\Windows\system32\*"
    pv -d20000 * -t -l

    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-26 to 2008-03-26 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-26 14:23 --------- d-----w C:\Program Files\File Scavenger 3.2
    2008-03-26 12:29 352,614 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
    2008-03-24 14:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-24 14:49 --------- d-----w C:\Program Files\PC Inspector File Recovery
    2008-03-22 21:42 --------- d-----w C:\Program Files\a-squared Free
    2008-03-22 21:39 --------- d-----w C:\Program Files\Executive Software
    2008-03-22 21:38 --------- d-----w C:\Program Files\CDBurnerXP
    2008-03-22 21:18 --------- d-----w C:\Program Files\ManyCam 2.2
    2008-03-21 19:54 --------- d-----w C:\Program Files\Movie Collection
    2008-03-20 03:23 --------- d-----w C:\Users\kevin\AppData\Roaming\Malwarebytes
    2008-03-20 03:23 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
    2008-03-20 03:23 --------- d-----w C:\PROGRA~2\Malwarebytes
    2008-03-18 21:26 237,902,871 ----a-w C:\Windows\DUMP4b42.tmp
    2008-03-17 19:35 --------- d-----w C:\Users\kevin\AppData\Roaming\CDBurnerXP_Soft
    2008-03-17 19:21 --------- d-----w C:\PROGRA~2\AVS4YOU
    2008-03-17 19:19 --------- d-----w C:\Program Files\Common Files\AVSMedia
    2008-03-17 19:19 --------- d-----w C:\Program Files\AVSMedia
    2008-03-17 18:05 --------- d-----w C:\Program Files\a-squared Anti-Malware
    2008-03-17 11:49 --------- d-----w C:\Program Files\10BE9
    2008-03-17 01:23 --------- d-----w C:\Program Files\Trend Micro
    2008-03-16 22:44 --------- d-----w C:\Users\kevin\AppData\Roaming\Shareaza
    2008-03-16 20:55 --------- d-----w C:\Users\kevin\AppData\Roaming\Grisoft
    2008-03-16 20:53 --------- d-----w C:\PROGRA~2\Grisoft
    2008-03-12 16:42 --------- d-----w C:\Program Files\Windows Mail
    2008-03-12 16:38 --------- d-----w C:\PROGRA~2\Microsoft Help
    2008-03-11 21:26 --------- d-----w C:\Users\kevin\AppData\Roaming\.purple
    2008-03-10 08:37 --------- d-----w C:\PROGRA~2\66c163f
    2008-03-09 22:58 --------- d-----w C:\PROGRA~2\8c9c54f
    2008-03-09 17:02 --------- d-----w C:\PROGRA~2\SysMon
    2008-03-05 03:11 --------- d-----w C:\Program Files\Java
    2008-03-04 03:36 --------- d-----w C:\Users\kevin\AppData\Roaming\SystemRequirementsLab
    2008-03-04 03:36 --------- d-----w C:\Program Files\SystemRequirementsLab
    2008-03-03 18:21 --------- d-----w C:\Users\kevin\AppData\Roaming\Azureus
    2008-03-03 18:17 --------- d-----w C:\PROGRA~2\Azureus
    2008-03-03 18:15 --------- d-----w C:\Program Files\Azureus
    2008-03-03 16:39 --------- d-----w C:\Program Files\Toox
    2008-03-03 13:06 279,440 ----a-w C:\Windows\system32\drivers\vsdatant.sys
    2008-03-02 13:54 --------- d-----w C:\Program Files\Arovax AntiSpyware
    2008-03-01 18:22 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-03-01 17:44 --------- d-----w C:\Program Files\OpenOffice.org 2.3
    2008-02-27 02:02 --------- d-----w C:\Program Files\Windows Live
    2008-02-26 18:07 --------- d-----w C:\Program Files\MSN Messenger
    2008-02-26 15:28 --------- d-----w C:\Users\kevin\AppData\Roaming\gtk-2.0
    2008-02-26 15:17 --------- d-----w C:\Program Files\Pidgin
    2008-02-26 15:17 --------- d-----w C:\Program Files\Aspell
    2008-02-26 15:12 --------- d-----w C:\Program Files\Common Files\GTK
    2008-02-24 01:58 --------- d-----w C:\Users\kevin\AppData\Roaming\Skype
    2008-02-23 14:13 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
    2008-02-23 14:03 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-02-23 04:37 691,545 ----a-w C:\Windows\unins000.exe
    2008-02-18 12:41 --------- d-----w C:\Users\kevin\AppData\Roaming\vlc
    2008-02-14 02:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
    2008-02-14 02:09 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
    2008-02-14 02:09 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
    2008-02-14 02:09 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
    2008-02-14 02:09 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
    2008-02-14 02:09 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
    2008-02-14 02:09 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
    2008-02-14 02:09 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
    2008-02-14 02:07 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
    2008-02-14 02:07 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
    2008-02-14 02:07 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
    2008-02-14 02:07 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
    2008-02-14 02:07 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
    2008-02-14 02:05 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-02-14 02:05 217,144 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-02-14 02:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 02:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 02:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 02:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 02:01 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-11 17:46 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
    2008-02-11 14:33 --------- d-----w C:\PROGRA~2\DVD Shrink
    2008-02-09 16:41 --------- d-----w C:\PROGRA~2\Lavasoft
    2008-02-07 03:16 --------- d-----w C:\Users\kevin\AppData\Roaming\OpenOffice.org2
    2008-02-07 03:13 --------- d-----w C:\Program Files\CodeStuff
    2008-02-05 18:27 --------- d-----w C:\Program Files\Shareaza
    2008-02-01 10:17 587,264 ----a-w C:\Windows\WLXPGSS.SCR
    2008-01-30 09:11 764,416 ----a-w C:\Windows\system32\drivers\athr.sys
    2007-10-24 20:05 174 --sha-w C:\Program Files\desktop.ini
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-11-07 15:34 3739672]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-21 04:44 1006264]
    "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 16:27 61440]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2006-09-12 02:22 155648]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-10 02:50 249896]
    "SysMon"="C:\ProgramData\SysMon\SysMon.dll" [2008-01-24 11:04 626688]
    "win16dll"="C:\Program Files\10BE9\Advanced Invisible Keylogger.exe" [2008-03-02 02:18 875008]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
    "a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2008-01-07 17:56 1816208]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 14:05 959976]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" []

    C:\Users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
    Pando.lnk - C:\Windows\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe1_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe [2007-10-25 01:06:25 65536]
    Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 03:01:32 1232896]

    C:\Users\kevin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
    OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
    Pando.lnk - C:\Windows\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe1_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe [2007-10-25 01:06:25 65536]
    Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 03:01:32 1232896]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{F01999D2-77A4-472B-8A54-BAC91DEE533A}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{2056789D-C8DE-470C-A896-EF149D489898}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{304923AA-7DEF-46DE-B56E-8390D93941AF}"= UDP:C:\Program Files\eMule\emule.exe:eMule
    "{CB0F6EE7-6D3A-4F43-95D7-B7290B1A7578}"= TCP:C:\Program Files\eMule\emule.exe:eMule
    "{DEE08080-368B-4B63-888C-6CC3A141010D}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
    "{F62FA147-A80D-4A32-9BAB-57C442467E81}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
    "{742DB572-3EDA-45FE-9A7D-425B283D6F9A}"= UDP:C:\Program Files\Shareaza\Shareaza.exe:Shareaza
    "{51568A5C-ADDA-4936-86FD-776B153BB63F}"= TCP:C:\Program Files\Shareaza\Shareaza.exe:Shareaza
    "{9355AB17-4F78-41AD-94FB-53E65E070870}"= UDP:D :\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{6EE90711-9C2A-4C43-A18D-668F9D404326}"= TCP:D :\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{1F94DB6A-945C-447F-8922-B32F52467F71}"= UDP:D :\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
    "{DF209811-ED37-4841-A062-D5564EDCA3EB}"= TCP:D :\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
    "{3EEC63A7-3D8F-486D-AF16-E16796A74B23}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{1D0A8B19-DD60-4CD1-9463-A8DD3CD8709D}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{DF31C327-4C54-477E-A06D-119D361FA91D}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{0DE53446-D3FD-494D-B248-72C417E2C92B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{8BCD74E6-EE33-4F29-8214-209C417FC2C3}"= C:\Program Files\Windows Live\Messenger\wlcsdk.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys [2007-12-29 15:35]
    S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\Windows\System32\StkCSrv.exe [2007-02-07 11:44]
    S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2008-01-30 10:11]
    S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-14 15:04]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys [2008-01-01 22:45]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 11:06]
    S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;C:\Windows\system32\Drivers\StkCMini.sys [2007-02-13 05:41]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    *Newly Created Service* - CATCHME
    *Newly Created Service* - ECACHE
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-26 19:55:10
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-26 19:56:06
    ComboFix-quarantined-files.txt 2008-03-26 18:56:03
    .
    2008-03-25 19:57:31 --- E O F ---
    26 Mars 2008 22:14:18

    Re,

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS