Virus chez Capdec

OK. Merci pour tout. Je lance l'installation de Windows XP Service Pack 3 et je vais me coucher. Bonne nuit. :)

Bonjour,

Le passage de SP2 à SP3 s'est bien déroulé, ce qui veut dire que l'ordinateur a redémarré cette fois normalement...

J'attends tes consignes éclairées. :)

Voici le rapport de ToolBar. A bientôt. :)


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Ver 1.00PARTTBL;
USER : Jean-Louis ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090201-0] 4.8.1296 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
C:\ (Local Disk) - NTFS - Total:39 Go (Free:2 Go)
D:\ (Local Disk) - NTFS - Total:35 Go (Free:26 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 02/02/2009|15:07 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm

-----------\\ Extensions

(Jean-Louis) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Jean-Louis) - {b055c535-4a3a-11db-9659-00e08161165f} => mediadicotoolbar
(Jean-Louis) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

C:\DOCUME~1\JEAN-L~1\APPLIC~1\hidires
[b]==> BAGLE <==/b


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 30/01/2009|19:41 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/01/2009|20:04 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 02/02/2009|15:14 - Option : [1]

-----------\\ Fin du rapport a 15:14:29,31

Voici le 2nd rapport de ToolBar...

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Ver 1.00PARTTBL;
USER : Jean-Louis ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1296 [VPS 090201-0] 4.8.1296 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Activated)
C:\ (Local Disk) - NTFS - Total:39 Go (Free:2 Go)
D:\ (Local Disk) - NTFS - Total:35 Go (Free:26 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 02/02/2009|15:35 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Jean-Louis) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Jean-Louis) - {b055c535-4a3a-11db-9659-00e08161165f} => mediadicotoolbar
(Jean-Louis) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

C:\DOCUME~1\JEAN-L~1\APPLIC~1\hidires
[b]==> BAGLE <==/b


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 30/01/2009|19:41 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/01/2009|20:04 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 02/02/2009|15:14 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 02/02/2009|15:43 - Option : [2]

-----------\\ Fin du rapport a 15:43:40,51

Voici (enfin !) le rapport de Malwarebytes' :

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1716
Windows 5.1.2600 Service Pack 3

02/02/2009 21:35:28
mbam-log-2009-02-02 (21-35-28).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 219840
Temps écoulé: 1 hour(s), 35 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\free-downloads.net\free-downloads.netToolbarHelper.exe (Adware.NetPumper) -> Quarantined and deleted successfully.
C:\Program Files\eMule\Uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7E0ADBBB-DF0D-4DBB-BDF3-298E5063892A}\RP17\A0070017.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7E0ADBBB-DF0D-4DBB-BDF3-298E5063892A}\RP18\A0073678.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{7E0ADBBB-DF0D-4DBB-BDF3-298E5063892A}\RP19\A0083033.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Et celui de FindyKill :


###################### [ FindyKill V4.715 ]

# User : Jean-Louis - HP-BARREAU
# Emplacement : C:\Program Files\FindyKill
# Outils Mis a jours 29/01/09 par Chiquitine29
# Recherche effectuée à 21:56:44 le 02/02/2009
# Windows XP - Internet Explorer 6.0.2900.5512

# [ FindyKill V4.715 - Scan ] ##############

\\\\\\\\\\\\\\\\\\\\ [ Processus actifs ] ///////////////////


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
D:\Program Files\Seagate\Sync\SeaSyncServices.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\Clavier+\Clavier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Range-Notes\Range-Notes.exe
C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe

\\\\\\\\\\\\\\\\\\ [ Fichiers/Dossiers infectieux ] ///////////////////


################## [ C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\Prefetch ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\Documents and Settings\Jean-Louis\Application Data ]

Found ! [01/02/2009 19:18] - "C:\Documents and Settings\Jean-Louis\Application Data\hidires"

################## [ C:\DOCUME~1\JEAN-L~1\LOCALS~1\Temp ]


\\\\\\\\\\\\\\\\\\ [ Registre / Startup ] ///////////////////

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
LDM=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
TuneUp MemOptimizer="C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Clavier+=C:\Program Files\Clavier+\Clavier.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
Range-Notes=C:\Program Files\Range-Notes\Range-Notes.exe
Google Update="C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
DAEMON Tools Lite="D:\Program Files\DAEMON Tools\daemon.exe" -autorun
OM2_Monitor="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Cpqset=C:\Program Files\HPQ\Default Settings\cpqset.exe
UpdateManager="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
zBrowser Launcher=C:\Program Files\Logitech\iTouch\iTouch.exe
Logitech Utility=Logi_MwX.Exe
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
MSPY2002=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
Windows Defender="C:\Program Files\Windows Defender\MSASCui.exe" -hide
Babylon Client=D:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
StxTrayMenu="D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
Acronis Scheduler2 Service="C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
RoxWatchTray="C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
ZoneAlarm Client="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
IMEKRMIG6.1=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
OM2_Monitor="C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
UserFaultCheck=%systemroot%\system32\dumprep 0 -u
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\FotoTagger]

\\\\\\\\\\\\\\\\\\ [ Registre / Clés infectieuses ] ///////////////////




\\\\\\\\\\\\\\\\\\ [ Etat / Services ] ///////////////////


# Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

Ndisuio - # Type de démarrage = 3

EapHost - # Type de démarrage = 3

Ip6Fw - # Type de démarrage = 3

SharedAccess - # Type de démarrage = 2

wuauserv - # Type de démarrage = 2

wscsvc - # Type de démarrage = 2

WinDefend - # Type de démarrage = 2


\\\\\\\\\\\\\\\\\\ [ Recherche dans supports amovibles] ///////////////////


# Informations :

C: - Lecteur fixe

D: - Lecteur fixe


# presence des fichiers :



\\\\\\\\\\\\\\\\\\ [ Registre / Mountpoint2 ] ///////////////////


-> Not found !


################## [ ! Fin du rapport # FindyKill V4.715 ! ]

Il n'y a eu qu'un redémarrage, mais voici le rapport :


###################### [ FindyKill V4.715 ]

# User : Jean-Louis - HP-BARREAU
# Executed from : C:\Program Files\FindyKill
# Update on 29/01/09Nby Chiquitine29
# Start at 22:36:54 the 02/02/2009
# Windows XP - Internet Explorer 6.0.2900.5512

# [ FindyKill V4.715 - Deleting ] ###############

\\\\\\\\\\\\\\\\\\ [ Active Processes ] ///////////////////


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

\\\\\\\\\\\\\\\\\\ [ Infected Files / Folders ] ///////////////////


################## [ C:\ ]


################## [ C:\WINDOWS ]


################## [ C:\WINDOWS\Prefetch ]


################## [ C:\WINDOWS\system32 ]


################## [ C:\WINDOWS\system32\drivers ]


################## [ C:\Documents and Settings\Jean-Louis\Application Data ]

Deleted ! - "C:\Documents and Settings\Jean-Louis\Application Data\hidires"
Deleted ! - "C:\Documents and Settings\Jean-Louis\Application Data\inst.exe"

################## [ C:\DOCUME~1\JEAN-L~1\LOCALS~1\Temp ]


################## [ C:\Documents and Settings\Jean-Louis\Local Settings\Temporary Internet Files\Content.IE5 ]


\\\\\\\\\\\\\\\\\\ [ Registry / Infected keys ] ///////////////////


\\\\\\\\\\\\\\\\\\ [ States / Restarting of services ] ///////////////////


# Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - # Type of startup = 3

EapHost - # Type of startup = 2

Ip6Fw - # Type of startup = 2

SharedAccess - # Type of startup = 2

wuauserv - # Type of startup = 2

wscsvc - # Type of startup = 2

WinDefend - # Type of startup = 2


\\\\\\\\\\\\\\\\\\ [ Cleaning Removable drives ] ///////////////////

# Informations :

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur fixe

G: - Lecteur amovible


# deleting files :

Deleted ! - F:\autorun.inf

\\\\\\\\\\\\\\\\\\ [ Registry / Mountpoint2 ] ///////////////////


-> Not found !


\\\\\\\\\\\\\\\\\\ [ Searching Other Infections ] ///////////////////


\\\\\\\\\\\\\\\\\\ [ Searching Cracks / Keygen ] ///////////////////

C:\Program Files\EasyPHP 2.0b1\php5\ext\php_crack.dll
C:\Program Files\eMule\config\Incoming\Dictionnaire Le Petit Robert 2009 Crack

################## [ ! End of report # ! ]

Voici enfin le rapport de SDFIx. Dois-je vraiment recommencer avec Malwarebyte' Anti-Malware et CCleaner ?

Merci beaucoup en tout cas. A bientôt :)

=================

[b]SDFix: Version 1.240 [/b]
Run by Jean-Louis on 03/02/2009 at 00:09

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:

C:\WINDOWS
:11D98ADC68584651 24
Total size: 24 bytes.
WINDOWS: deleted 24 bytes in 1 streams.

Checking for remaining Streams

C:\WINDOWS
No streams found.



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-03 00:24:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:0f,63,0d,96,74,3d,ab,02,33,68,9c,cb,85,b4,8c,24,dc,b4,63,41,e7,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="D:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:64,8b,fb,8a,45,7a,6f,a4,29,3d,73,aa,56,97,48,e3,ba,15,d2,3d,96,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries]
"Defaults Installed"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:23,08,32,a6,5b,e3,70,3b,9f,92,73,d3,ad,14,72,e4,1c,0e,f6,c2,1d,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,bd,c9,78,23,da,7b,1b,7d,85,33,d6,06,6b,1a,ee,b5,c3,..
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:27,7a,56,50,d0,bf,28,16,39,60,3f,71,db,69,fa,95,b0,14,f6,9c,ae,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f5,a4,ed,4e,70,fc,f8,52,06,d9,50,18,93,df,c8,81,c4,a7,79,3b,95,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:2e,52,c1,04,38,47,4a,5e,c7,58,29,2b,52,1f,ff,73,09,c7,36,28,dd,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,8e,b6,9a,6a,e7,cc,f6,53,7a,9f,28,c7,2e,0a,6f,f2,e0,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet015\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="C:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:db,ee,85,8e,5d,b3,c5,2c,3b,17,e1,a9,50,f5,94,e8,92,1d,49,26,50,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:64,8b,fb,8a,45,7a,6f,a4,29,3d,73,aa,56,97,48,e3,ba,15,d2,3d,96,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:0f,63,0d,96,74,3d,ab,02,33,68,9c,cb,85,b4,8c,24,dc,b4,63,41,e7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="D:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:64,8b,fb,8a,45,7a,6f,a4,29,3d,73,aa,56,97,48,e3,ba,15,d2,3d,96,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet019\Services\SysmonLog\Log Queries]
"Defaults Installed"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:0f,63,0d,96,74,3d,ab,02,33,68,9c,cb,85,b4,8c,24,dc,b4,63,41,e7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:cd,d5,cc,ef,6a,f4,a4,4f,44,52,7f,08,82,7a,5d,ad,d2,8b,8e,1b,05,..
"p0"="D:\Program Files\DAEMON Tools\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"khjeh"=hex:64,8b,fb,8a,45,7a,6f,a4,29,3d,73,aa,56,97,48,e3,ba,15,d2,3d,96,..
"a0"=hex:20,01,00,00,1c,0b,4a,60,6d,20,e7,1d,bc,f1,e2,38,40,c2,85,25,72,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:2d,8b,df,39,01,8b,22,c4,20,bb,31,a0,6e,26,fb,9e,9e,3d,ad,48,7a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:48,c2,1a,58,86,9d,37,2a,e5,91,b5,33,7e,a0,4b,d4,d1,aa,7b,d3,0e,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet020\Services\SysmonLog\Log Queries]
"Defaults Installed"=dword:00000000

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\CancelAutoplay\CLSID]
"\30 A?E?2?A?E?D?8?F?-?5?6?9?5?-?4?a?6?d?-?9?7?0?9?-?1?4?E?5?1?C?D?1?7?B?1?C?'?"=""

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"="C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"="C:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Mon 7 Jul 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 7 Jul 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 18 Aug 2008 1,832,272 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Wed 3 May 2006 163,328 A.SHR --- "C:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 A.SHR --- "C:\WINDOWS\system32\msfDX.dll"
Mon 17 Dec 2007 27,648 A.SH. --- "C:\WINDOWS\system32\Smab0.dll"
Wed 14 Jan 2009 9,934,392 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe"
Fri 13 Aug 2004 1,953,792 A..HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\launcher.exe"
Fri 13 Aug 2004 53,760 A..HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\mnyinsta.dll"
Fri 13 Aug 2004 94,208 A..HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\RmvSuite.exe"
Mon 16 Aug 2004 35,328 A..HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\setuplng.dll"
Fri 13 Aug 2004 20,480 A..HR --- "C:\Program Files\Microsoft Works Suite 2005\Setup\unregwtr.exe"
Sun 28 Sep 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

[b]Finished![/b]

Bonjour,

Voici de le rapport (encourageant) de Malwarebytes' :

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1718
Windows 5.1.2600 Service Pack 3

03/02/2009 08:36:44
mbam-log-2009-02-03 (08-36-44).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 210267
Temps écoulé: 1 hour(s), 36 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Voici le 1er rapport de RSIT :


Logfile of random's system information tool 1.05 (written by random/random)
Run by Jean-Louis at 2009-02-03 10:37:34
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 12 GB (30%) free of 40 GB
Total RAM: 1278 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:49, on 03/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
D:\Program Files\Seagate\Sync\SeaSyncServices.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Clavier+\Clavier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Range-Notes\Range-Notes.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jean-Louis\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jean-Louis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = hideupv.univ-montp3.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Babylon Client] D:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StxTrayMenu] "D:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Clavier+] C:\Program Files\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Range-Notes] C:\Program Files\Range-Notes\Range-Notes.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jean-Louis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Babylon.exe.lnk = D:\Program Files\Babylon\Babylon-Pro\Babylon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Translate with &Babylon - res://D:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.5.0) -
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.5.0_10) -
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} (Java Plug-in 1.6.0) -
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Seagate\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: Planificateur LiveUpdate automatique - VSO Software - (no file)
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - D:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Et voici le 2nd :)

info.txt logfile of random's system information tool 1.05 2009-02-03 10:37:58

======Uninstall list======

-->"C:\Program Files\Gran Diccionario de la Lengua Española\pop.exe" -q C:\WINDOWS\ISUN040A.EXE -f"C:\Program Files\Gran Diccionario de la Lengua Española\Uninst.isu"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Free Solitaire-->D:\PROGRA~1\123FRE~1\UNWISE.EXE D:\PROGRA~1\123FRE~1\INSTALL.LOG
7-Zip 4.59 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ActivIcons version 3.20-->"C:\Program Files\ActivIcons\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AFPL Ghostscript 8.54-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\gs8.54\uninstal.txt"
AFPL Ghostscript Fonts-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\fonts\uninstal.txt"
Agfa ScanWise 1.60-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Agfa\ScanWise 1_60\uninst.isu" -c"C:\Program Files\Agfa\ScanWise 1_60\UNINSTALL.DLL"
AM-DeadLink 3.2-->"D:\Program Files\AM-DeadLink\unins000.exe"
Amic Email Backup v2.0-->"D:\Program Files\Amic Tools\Amic Email Backup\unins000.exe"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Arovax Shield 2.1.95-->C:\Program Files\Arovax Shield\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atelier historique-->C:\WINDOWS\unin040c.exe -fc:\atelier\DeIsL1.isu -cc:\atelier\_ISREG32.DLL
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avant Browser (remove only)-->"D:\Program Files\Avant Browser\uninst.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Babelbox-->C:\Program Files\beon Widgets\Babelbox\uninst.exe
Babylon-->D:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Bullzip PDF Printer 4.0.0.545-->"D:\Program Files\Bullzip\PDF Printer\unins000.exe"
Calendar v.4.0-->"D:\Program Files\Serge_LAGIER\Calendar\unins000.exe"
Cardiris-->C:\WINDOWS\IsUn040c.exe -fC:\Cardiris\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
CDex 1.40 Fr [Extraction Audio]-->"C:\Program Files\CDex\uninstall.exe"
Cimaware OfficeFIX 6-->D:\Program Files\Cimaware\OfficeFix6\uninst.exe
Clavier+ 10.6.1-->"C:\Program Files\Clavier+\unins000.exe"
Coloriage-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\Coloriage\UnInst.log" "/APPNAME=Coloriage"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Dam 2.2-->"C:\Program Files\Dam22\unins000.exe"
DAZ|Studio 1.5.1.0-->C:\WINDOWS\unvise32.exe D:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
Defraggler (remove only)-->"D:\Program Files\Defraggler\uninst.exe"
Désinstaller Le Petit Robert de la langue française-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Le Robert\Le Petit Robert\Uninst.isu"
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-8-uninstall.exe
DICCIONARIO CLAVE-->C:\WINDOWS\DICCIONARIO CLAVE Uninstaller.exe
Diccionario de uso del Español Actual-->"C:\Program Files\sgel\diccionario\unins000.exe"
DRAE-->"C:\Program Files\DRAE\UninstallerData\Uninstall DRAE.exe"
DriveClone-->C:\Program files\Farstone\DClone\Uninstal.exe
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
Encyclopédie Hachette Multimédia (désinstallation)-->"C:\Program Files\Hachette\EHM\uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
FileZilla Client 3.2.0-->D:\Program Files\FileZilla FTP Client\uninstall.exe
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Folder Marker Pro v 2.0-->"C:\Program Files\Folder Marker\unins000.exe"
FotoSketcher - Version 1.81-->"D:\Program Files\FotoSketcher\unins000.exe"
FotoTagger 2.7.0.1-->D:\Program Files\FotoTagger\uninst.exe
FreeAgent Go Tools-->C:\Program Files\InstallShield Installation Information\{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}\setup.exe -runfromtemp -l0x040c
FreeCommander 2008.06a-->"D:\Program Files\FreeCommander\unins000.exe"
free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
FreeOCR.net-->"C:\WINDOWS\FreeOCR.net Uninstaller.exe"
FreshUI-->"C:\Program Files\FreshDevices\FreshUI\unins000.exe"
Gabbasoft Cube Demo-->MsiExec.exe /X{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}
GCompris (supprimer uniquement)-->C:\Program Files\Gcompris\gcompris-uninst.exe
GéoKid-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\GéoKid\UnInst.log" "/APPNAME=GéoKid"
GIMP 2.4.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Glary Utilities 2.5.1-->"D:\Program Files\Glary Utilities\unins000.exe"
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GraphCalc v4.0.1-->"D:\Program Files\GraphCalc\unins000.exe"
GTK+ 2.10.6-1 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe"
Harrap's Shorter-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Harrap's Multimédia\Shorter\Uninstharraps.isu" -c"C:\Program Files\Harrap's Multimédia\Shorter\_UnInstall.dll"
HD Tune 2.55-->"D:\Program Files\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Wireless Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c
HTML Shrinker Light-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SHRI_LIT.INF, DefaultUninstall.ntx86
IE Favoris Export version 1.0-->"C:\Program Files\IEFavorisExport10\unins000.exe"
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
IMG-TXT 5-->"D:\Program Files\IMG-TXT 5\uninstall.exe"
iPuissance 4D-->C:\Program Files\iPuissance 4D\Uninst.exe
Irregular Verbs 2.0-->D:\Program Files\Irregular Verbs\Uninstal.exe
IsoBuster 2.0-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
JAlbum 7.3-->D:\Program Files\JAlbum7.3\Uninstall.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kikoo-->D:\Program Files\Kikoo\Uninstal.exe
la version 0.95.00 du 20 Février 2008, configurée pour la maiso-->"D:\Program Files\7x8\unins000.exe"
Larousse Diccionario Francés - Español-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72E2470C-C387-4C15-91B2-012DDF71A466}\Setup.exe" -l0xa
Le Petit Robert 2007-->MsiExec.exe /I{DEDF46CC-CF38-4790-872B-FA6DC6B8C517}
Le Petit Robert 2009-->"D:\Program Files\Le Robert\Le Petit Robert 2009\Uninstall.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LedRenommer 1.4.1-->"D:\Program Files\LED\LedRenommer\unins000.exe"
Les départements français-->"C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe"
Lexibase Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AE875F-B8B3-46AF-856C-CE858538D912}\setup.exe" -l0x40c
Lines95 3.2e-->"D:\Program Files\Lines95\unins000.exe"
Lingo-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Lingo\ST6UNST.LOG"
Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x40c UNINSTALL
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Lupas Rename 2000 v5.0 Release-->"D:\Program Files\Lupas Rename 2000\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->D:\Program Files\Maxthon2\MaxthonUINST.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1-->MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mon Encyclopédie des Sciences-->D:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
Mots Cachés 2.0-->"C:\Program Files\MotsCachés 2.0\unins000.exe"
MozBackup 1.4.7-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multi Virus Cleaner 2008-->"D:\Program Files\AxBx\Multi Virus Cleaner 2008\unins001.exe"
MySQL Server 5.0-->MsiExec.exe /I{56A36E76-B35F-4453-B899-9B2190A7B500}
Nero 7-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
News Interceptor 3-->"C:\Program Files\News Interceptor 3\Uninstall.exe"
nLite 1.4 RC2-->"C:\Program Files\nLite\unins000.exe"
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
o_Solitaire désinstallation-->"C:\Program Files\olibul\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 9.61-->MsiExec.exe /X{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}
Paint.NET v3.20-->MsiExec.exe /X{C1CAAF9E-2A80-4AD0-8D9A-B4327966249F}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda NanoScan-->C:\WINDOWS\system32\Panda Software\NanoScan\nanounst.exe
PC SECURITY TEST 2007-->"C:\Program Files\AxBx\PC Security Test 2007\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Petit Larousse 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Photo To Sketch 3.51-->"C:\Program Files\Photo To Sketch\unins000.exe"
PhotoFiltre-->"D:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pixia 3.3b-->"D:\Program Files\Seagrand\Pixia\unins000.exe"
Pluslong-->C:\Program Files\Le mot le plus long\uninstall.exe
PSPad editor-->"D:\Program Files\PSPad editor\Uninst\unins000.exe"
QI98 - Edition 2006-->C:\WINDOWS\st6unst.exe -n "D:\QI98\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RaimaRadio 1.4-->"D:\Program Files\RaimaRadio\unins000.exe"
Range-Notes 5.1-->"C:\Program Files\Range-Notes\unins000.exe"
Rapide Créateur D'Icône 5.1-->"C:\Program Files\Rapide Créateur D'Icône\uninstall.exe"
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Readiris-->C:\WINDOWS\ISUN040A.EXE -fC:\Readiris\Uninst.isu -cC:\Readiris\delcache.dll
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Recuva (remove only)-->"D:\Program Files\Recuva\uninst.exe"
RegCure 1.5.1.3-->D:\Program Files\RegCure\uninst.exe
Registry Mechanic 6.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
RepareOE-->D:\Program Files\RepareOE\uninstall.exe
Rep-Listing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{887EF08A-011E-477C-B6CB-01E540538ADB}\setup.exe" -l0x40c -removeonly
RogueRemover 1.20-->C:\Program Files\RogueRemover\uninst.exe
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
SaveOE-->D:\Program Files\SaveOE\uninstall.exe
Scribus 1.3.3.9-->D:\Program Files\Scribus 1.3.3.9\uninst.exe
SDL Trados 2006 Freelance-->MsiExec.exe /I{010E52FC-DF6A-4E1A-84F4-9AB41DC9653B}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Simple Sudoku 4.2-->"C:\Program Files\Simple Sudoku\unins000.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartDraw 7-->C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\INSTALL.LOG
SnIco Edit 2.2-->"C:\Program Files\SnIco Edit\unins000.exe"
Solone-->"C:\Program Files\Solone\unins000.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
S-Tris 2 PC-->"D:\Program Files\Elements Interactive\S-Tris2\unins000.exe"
StudioLine Photo Basic-->D:\Program Files\StudioLine Photo Basic\SLUninst.exe
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->D:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
TurboCalc Light v.2.9.60-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TurboCalc Light v.2.9.60\ST6UNST.LOG"
Tux of Math Command (remove only)-->"D:\Program Files\TuxMath\uninstall.exe"
Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
VSO Image Resizer 1.3.4d-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vuze-->D:\Program Files\Azureus\uninstall.exe
Warning Banner Creator-->"C:\Program Files\Warning Banner Creator\Uninstall Warning Banner Creator.exe"
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinHTTrack Website Copier 3.42-3-->"C:\Program Files\WinHTTrack\unins000.exe"
winLAME prerelease3-->MsiExec.exe /I{D54B8695-1F1F-4856-9B1D-1678B242DF27}
Xanadu-->C:\WINDOWS\unvise32.exe C:\Program Files\Foreignword\Xanadu\uninstal.log
Xenu's Link Sleuth-->"D:\Program Files\Xenu\unins000.exe"
XnView 1.91.6-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"C:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
ZikiTranslator 1.3.4a-->D:\Program Files\ZikiTranslator\uninst.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: BitDefender Antivirus (disabled)
AV: Norton AntiVirus 2005 (disabled)
AV: avast! antivirus 4.8.1296 [VPS 090202-1]
FW: Norton Internet Worm Protection
FW: BitDefender Firewall
FW: ZoneAlarm Firewall (disabled)

System event log

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 1261
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Web Scanner.

Record Number: 1260
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.

Record Number: 1259
Source Name: Service Control Manager
Time Written: 20090201140425.000000+060
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

Record Number: 1258
Source Name: Service Control Manager
Time Written: 20090201140424.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 1257
Source Name: Service Control Manager
Time Written: 20090201140423.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5929
Source Name: RoxLiveShare
Time Written: 20080815191339.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5928
Source Name: RoxSniffer
Time Written: 20080815191338.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5927
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 1022
Message: Produit : Microsoft Office XP Professional avec FrontPage - La mise à jour 'Mise à jour de sécurité Access 2002 (KB955440): SNAPVIEW' a été installée.

Record Number: 5926
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5925
Source Name: MsiInstaller
Time Written: 20080815185545.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"tvdumpflags"=8

-----------------EOF-----------------

Et voici le 2nd. Bonne lecture. :)

info.txt logfile of random's system information tool 1.05 2009-02-03 10:37:58

======Uninstall list======

-->"C:\Program Files\Gran Diccionario de la Lengua Española\pop.exe" -q C:\WINDOWS\ISUN040A.EXE -f"C:\Program Files\Gran Diccionario de la Lengua Española\Uninst.isu"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Free Solitaire-->D:\PROGRA~1\123FRE~1\UNWISE.EXE D:\PROGRA~1\123FRE~1\INSTALL.LOG
7-Zip 4.59 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ActivIcons version 3.20-->"C:\Program Files\ActivIcons\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AFPL Ghostscript 8.54-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\gs8.54\uninstal.txt"
AFPL Ghostscript Fonts-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\fonts\uninstal.txt"
Agfa ScanWise 1.60-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Agfa\ScanWise 1_60\uninst.isu" -c"C:\Program Files\Agfa\ScanWise 1_60\UNINSTALL.DLL"
AM-DeadLink 3.2-->"D:\Program Files\AM-DeadLink\unins000.exe"
Amic Email Backup v2.0-->"D:\Program Files\Amic Tools\Amic Email Backup\unins000.exe"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Arovax Shield 2.1.95-->C:\Program Files\Arovax Shield\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atelier historique-->C:\WINDOWS\unin040c.exe -fc:\atelier\DeIsL1.isu -cc:\atelier\_ISREG32.DLL
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avant Browser (remove only)-->"D:\Program Files\Avant Browser\uninst.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Babelbox-->C:\Program Files\beon Widgets\Babelbox\uninst.exe
Babylon-->D:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Bullzip PDF Printer 4.0.0.545-->"D:\Program Files\Bullzip\PDF Printer\unins000.exe"
Calendar v.4.0-->"D:\Program Files\Serge_LAGIER\Calendar\unins000.exe"
Cardiris-->C:\WINDOWS\IsUn040c.exe -fC:\Cardiris\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
CDex 1.40 Fr [Extraction Audio]-->"C:\Program Files\CDex\uninstall.exe"
Cimaware OfficeFIX 6-->D:\Program Files\Cimaware\OfficeFix6\uninst.exe
Clavier+ 10.6.1-->"C:\Program Files\Clavier+\unins000.exe"
Coloriage-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\Coloriage\UnInst.log" "/APPNAME=Coloriage"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Dam 2.2-->"C:\Program Files\Dam22\unins000.exe"
DAZ|Studio 1.5.1.0-->C:\WINDOWS\unvise32.exe D:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
Defraggler (remove only)-->"D:\Program Files\Defraggler\uninst.exe"
Désinstaller Le Petit Robert de la langue française-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Le Robert\Le Petit Robert\Uninst.isu"
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-8-uninstall.exe
DICCIONARIO CLAVE-->C:\WINDOWS\DICCIONARIO CLAVE Uninstaller.exe
Diccionario de uso del Español Actual-->"C:\Program Files\sgel\diccionario\unins000.exe"
DRAE-->"C:\Program Files\DRAE\UninstallerData\Uninstall DRAE.exe"
DriveClone-->C:\Program files\Farstone\DClone\Uninstal.exe
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
Encyclopédie Hachette Multimédia (désinstallation)-->"C:\Program Files\Hachette\EHM\uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
FileZilla Client 3.2.0-->D:\Program Files\FileZilla FTP Client\uninstall.exe
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Folder Marker Pro v 2.0-->"C:\Program Files\Folder Marker\unins000.exe"
FotoSketcher - Version 1.81-->"D:\Program Files\FotoSketcher\unins000.exe"
FotoTagger 2.7.0.1-->D:\Program Files\FotoTagger\uninst.exe
FreeAgent Go Tools-->C:\Program Files\InstallShield Installation Information\{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}\setup.exe -runfromtemp -l0x040c
FreeCommander 2008.06a-->"D:\Program Files\FreeCommander\unins000.exe"
free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
FreeOCR.net-->"C:\WINDOWS\FreeOCR.net Uninstaller.exe"
FreshUI-->"C:\Program Files\FreshDevices\FreshUI\unins000.exe"
Gabbasoft Cube Demo-->MsiExec.exe /X{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}
GCompris (supprimer uniquement)-->C:\Program Files\Gcompris\gcompris-uninst.exe
GéoKid-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\GéoKid\UnInst.log" "/APPNAME=GéoKid"
GIMP 2.4.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Glary Utilities 2.5.1-->"D:\Program Files\Glary Utilities\unins000.exe"
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GraphCalc v4.0.1-->"D:\Program Files\GraphCalc\unins000.exe"
GTK+ 2.10.6-1 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe"
Harrap's Shorter-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Harrap's Multimédia\Shorter\Uninstharraps.isu" -c"C:\Program Files\Harrap's Multimédia\Shorter\_UnInstall.dll"
HD Tune 2.55-->"D:\Program Files\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Wireless Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c
HTML Shrinker Light-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SHRI_LIT.INF, DefaultUninstall.ntx86
IE Favoris Export version 1.0-->"C:\Program Files\IEFavorisExport10\unins000.exe"
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
IMG-TXT 5-->"D:\Program Files\IMG-TXT 5\uninstall.exe"
iPuissance 4D-->C:\Program Files\iPuissance 4D\Uninst.exe
Irregular Verbs 2.0-->D:\Program Files\Irregular Verbs\Uninstal.exe
IsoBuster 2.0-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
JAlbum 7.3-->D:\Program Files\JAlbum7.3\Uninstall.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kikoo-->D:\Program Files\Kikoo\Uninstal.exe
la version 0.95.00 du 20 Février 2008, configurée pour la maiso-->"D:\Program Files\7x8\unins000.exe"
Larousse Diccionario Francés - Español-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72E2470C-C387-4C15-91B2-012DDF71A466}\Setup.exe" -l0xa
Le Petit Robert 2007-->MsiExec.exe /I{DEDF46CC-CF38-4790-872B-FA6DC6B8C517}
Le Petit Robert 2009-->"D:\Program Files\Le Robert\Le Petit Robert 2009\Uninstall.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LedRenommer 1.4.1-->"D:\Program Files\LED\LedRenommer\unins000.exe"
Les départements français-->"C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe"
Lexibase Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AE875F-B8B3-46AF-856C-CE858538D912}\setup.exe" -l0x40c
Lines95 3.2e-->"D:\Program Files\Lines95\unins000.exe"
Lingo-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Lingo\ST6UNST.LOG"
Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x40c UNINSTALL
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Lupas Rename 2000 v5.0 Release-->"D:\Program Files\Lupas Rename 2000\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->D:\Program Files\Maxthon2\MaxthonUINST.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1-->MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mon Encyclopédie des Sciences-->D:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
Mots Cachés 2.0-->"C:\Program Files\MotsCachés 2.0\unins000.exe"
MozBackup 1.4.7-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multi Virus Cleaner 2008-->"D:\Program Files\AxBx\Multi Virus Cleaner 2008\unins001.exe"
MySQL Server 5.0-->MsiExec.exe /I{56A36E76-B35F-4453-B899-9B2190A7B500}
Nero 7-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
News Interceptor 3-->"C:\Program Files\News Interceptor 3\Uninstall.exe"
nLite 1.4 RC2-->"C:\Program Files\nLite\unins000.exe"
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
o_Solitaire désinstallation-->"C:\Program Files\olibul\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 9.61-->MsiExec.exe /X{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}
Paint.NET v3.20-->MsiExec.exe /X{C1CAAF9E-2A80-4AD0-8D9A-B4327966249F}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda NanoScan-->C:\WINDOWS\system32\Panda Software\NanoScan\nanounst.exe
PC SECURITY TEST 2007-->"C:\Program Files\AxBx\PC Security Test 2007\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Petit Larousse 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Photo To Sketch 3.51-->"C:\Program Files\Photo To Sketch\unins000.exe"
PhotoFiltre-->"D:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pixia 3.3b-->"D:\Program Files\Seagrand\Pixia\unins000.exe"
Pluslong-->C:\Program Files\Le mot le plus long\uninstall.exe
PSPad editor-->"D:\Program Files\PSPad editor\Uninst\unins000.exe"
QI98 - Edition 2006-->C:\WINDOWS\st6unst.exe -n "D:\QI98\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RaimaRadio 1.4-->"D:\Program Files\RaimaRadio\unins000.exe"
Range-Notes 5.1-->"C:\Program Files\Range-Notes\unins000.exe"
Rapide Créateur D'Icône 5.1-->"C:\Program Files\Rapide Créateur D'Icône\uninstall.exe"
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Readiris-->C:\WINDOWS\ISUN040A.EXE -fC:\Readiris\Uninst.isu -cC:\Readiris\delcache.dll
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Recuva (remove only)-->"D:\Program Files\Recuva\uninst.exe"
RegCure 1.5.1.3-->D:\Program Files\RegCure\uninst.exe
Registry Mechanic 6.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
RepareOE-->D:\Program Files\RepareOE\uninstall.exe
Rep-Listing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{887EF08A-011E-477C-B6CB-01E540538ADB}\setup.exe" -l0x40c -removeonly
RogueRemover 1.20-->C:\Program Files\RogueRemover\uninst.exe
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
SaveOE-->D:\Program Files\SaveOE\uninstall.exe
Scribus 1.3.3.9-->D:\Program Files\Scribus 1.3.3.9\uninst.exe
SDL Trados 2006 Freelance-->MsiExec.exe /I{010E52FC-DF6A-4E1A-84F4-9AB41DC9653B}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Simple Sudoku 4.2-->"C:\Program Files\Simple Sudoku\unins000.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartDraw 7-->C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\INSTALL.LOG
SnIco Edit 2.2-->"C:\Program Files\SnIco Edit\unins000.exe"
Solone-->"C:\Program Files\Solone\unins000.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
S-Tris 2 PC-->"D:\Program Files\Elements Interactive\S-Tris2\unins000.exe"
StudioLine Photo Basic-->D:\Program Files\StudioLine Photo Basic\SLUninst.exe
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->D:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
TurboCalc Light v.2.9.60-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TurboCalc Light v.2.9.60\ST6UNST.LOG"
Tux of Math Command (remove only)-->"D:\Program Files\TuxMath\uninstall.exe"
Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
VSO Image Resizer 1.3.4d-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vuze-->D:\Program Files\Azureus\uninstall.exe
Warning Banner Creator-->"C:\Program Files\Warning Banner Creator\Uninstall Warning Banner Creator.exe"
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinHTTrack Website Copier 3.42-3-->"C:\Program Files\WinHTTrack\unins000.exe"
winLAME prerelease3-->MsiExec.exe /I{D54B8695-1F1F-4856-9B1D-1678B242DF27}
Xanadu-->C:\WINDOWS\unvise32.exe C:\Program Files\Foreignword\Xanadu\uninstal.log
Xenu's Link Sleuth-->"D:\Program Files\Xenu\unins000.exe"
XnView 1.91.6-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"C:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
ZikiTranslator 1.3.4a-->D:\Program Files\ZikiTranslator\uninst.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: BitDefender Antivirus (disabled)
AV: Norton AntiVirus 2005 (disabled)
AV: avast! antivirus 4.8.1296 [VPS 090202-1]
FW: Norton Internet Worm Protection
FW: BitDefender Firewall
FW: ZoneAlarm Firewall (disabled)

System event log

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 1261
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Web Scanner.

Record Number: 1260
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.

Record Number: 1259
Source Name: Service Control Manager
Time Written: 20090201140425.000000+060
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

Record Number: 1258
Source Name: Service Control Manager
Time Written: 20090201140424.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 1257
Source Name: Service Control Manager
Time Written: 20090201140423.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5929
Source Name: RoxLiveShare
Time Written: 20080815191339.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5928
Source Name: RoxSniffer
Time Written: 20080815191338.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5927
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 1022
Message: Produit : Microsoft Office XP Professional avec FrontPage - La mise à jour 'Mise à jour de sécurité Access 2002 (KB955440): SNAPVIEW' a été installée.

Record Number: 5926
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5925
Source Name: MsiInstaller
Time Written: 20080815185545.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"tvdumpflags"=8

-----------------EOF-----------------

2nd rapport RSIT. :)

info.txt logfile of random's system information tool 1.05 2009-02-03 10:37:58

======Uninstall list======

-->"C:\Program Files\Gran Diccionario de la Lengua Española\pop.exe" -q C:\WINDOWS\ISUN040A.EXE -f"C:\Program Files\Gran Diccionario de la Lengua Española\Uninst.isu"
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {637099FB-45FD-4BC7-9651-6FB540DBB749}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
-->MsiExec.exe /I{637099FB-45FD-4BC7-9651-6FB540DBB749}
-->MsiExec.exe /I{6D4F02C4-F6AF-4659-A933-7FC06235A8D5}
-->MsiExec.exe /I{7FD9FD10-9F7F-4DDF-B9F0-911209FF0CEA}
-->MsiExec.exe /I{8C60949A-46F9-4DD7-BA9F-78C00D9D4C8D}
-->MsiExec.exe /I{EB748B9B-F872-4E95-98E8-5CA7E5425DAF}
-->MsiExec.exe /I{F0EACC27-A729-406C-9BF6-C8F10CEC36F8}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Free Solitaire-->D:\PROGRA~1\123FRE~1\UNWISE.EXE D:\PROGRA~1\123FRE~1\INSTALL.LOG
7-Zip 4.59 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
ActivIcons version 3.20-->"C:\Program Files\ActivIcons\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AFPL Ghostscript 8.54-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\gs8.54\uninstal.txt"
AFPL Ghostscript Fonts-->D:\Program Files\gs\uninstgs.exe "D:\Program Files\gs\fonts\uninstal.txt"
Agfa ScanWise 1.60-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Agfa\ScanWise 1_60\uninst.isu" -c"C:\Program Files\Agfa\ScanWise 1_60\UNINSTALL.DLL"
AM-DeadLink 3.2-->"D:\Program Files\AM-DeadLink\unins000.exe"
Amic Email Backup v2.0-->"D:\Program Files\Amic Tools\Amic Email Backup\unins000.exe"
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Archiveur WinRAR-->D:\Program Files\WinRAR\uninstall.exe
Arovax Shield 2.1.95-->C:\Program Files\Arovax Shield\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Atelier historique-->C:\WINDOWS\unin040c.exe -fc:\atelier\DeIsL1.isu -cc:\atelier\_ISREG32.DLL
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Avant Browser (remove only)-->"D:\Program Files\Avant Browser\uninst.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Babelbox-->C:\Program Files\beon Widgets\Babelbox\uninst.exe
Babylon-->D:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Bullzip PDF Printer 4.0.0.545-->"D:\Program Files\Bullzip\PDF Printer\unins000.exe"
Calendar v.4.0-->"D:\Program Files\Serge_LAGIER\Calendar\unins000.exe"
Cardiris-->C:\WINDOWS\IsUn040c.exe -fC:\Cardiris\Uninst.isu
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
CDex 1.40 Fr [Extraction Audio]-->"C:\Program Files\CDex\uninstall.exe"
Cimaware OfficeFIX 6-->D:\Program Files\Cimaware\OfficeFix6\uninst.exe
Clavier+ 10.6.1-->"C:\Program Files\Clavier+\unins000.exe"
Coloriage-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\Coloriage\UnInst.log" "/APPNAME=Coloriage"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Creative WebCam NX Driver (1.02.01.0827)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script P1110.uns -unsext NT -plugin p1110pin.dll -pluginres p1110pin.crl
Dam 2.2-->"C:\Program Files\Dam22\unins000.exe"
DAZ|Studio 1.5.1.0-->C:\WINDOWS\unvise32.exe D:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
Defraggler (remove only)-->"D:\Program Files\Defraggler\uninst.exe"
Désinstaller Le Petit Robert de la langue française-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Le Robert\Le Petit Robert\Uninst.isu"
Dia (supprimer uniquement)-->C:\Program Files\Dia\dia-0.96.1-8-uninstall.exe
DICCIONARIO CLAVE-->C:\WINDOWS\DICCIONARIO CLAVE Uninstaller.exe
Diccionario de uso del Español Actual-->"C:\Program Files\sgel\diccionario\unins000.exe"
DRAE-->"C:\Program Files\DRAE\UninstallerData\Uninstall DRAE.exe"
DriveClone-->C:\Program files\Farstone\DClone\Uninstal.exe
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
EasyCleaner-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe"
Encyclopédie Hachette Multimédia (désinstallation)-->"C:\Program Files\Hachette\EHM\uninstall.exe"
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
FileZilla Client 3.2.0-->D:\Program Files\FileZilla FTP Client\uninstall.exe
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Folder Marker Pro v 2.0-->"C:\Program Files\Folder Marker\unins000.exe"
FotoSketcher - Version 1.81-->"D:\Program Files\FotoSketcher\unins000.exe"
FotoTagger 2.7.0.1-->D:\Program Files\FotoTagger\uninst.exe
FreeAgent Go Tools-->C:\Program Files\InstallShield Installation Information\{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}\setup.exe -runfromtemp -l0x040c
FreeCommander 2008.06a-->"D:\Program Files\FreeCommander\unins000.exe"
free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
FreeOCR.net-->"C:\WINDOWS\FreeOCR.net Uninstaller.exe"
FreshUI-->"C:\Program Files\FreshDevices\FreshUI\unins000.exe"
Gabbasoft Cube Demo-->MsiExec.exe /X{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}
GCompris (supprimer uniquement)-->C:\Program Files\Gcompris\gcompris-uninst.exe
GéoKid-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\Program Files\denouvel\GéoKid\UnInst.log" "/APPNAME=GéoKid"
GIMP 2.4.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Glary Utilities 2.5.1-->"D:\Program Files\Glary Utilities\unins000.exe"
GoodFrame-->"D:\Program Files\FDSoftware\GoodFrame\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GraphCalc v4.0.1-->"D:\Program Files\GraphCalc\unins000.exe"
GTK+ 2.10.6-1 runtime environment-->"C:\Program Files\Fichiers communs\GTK\2.0\setup\unins000.exe"
Harrap's Shorter-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Harrap's Multimédia\Shorter\Uninstharraps.isu" -c"C:\Program Files\Harrap's Multimédia\Shorter\_UnInstall.dll"
HD Tune 2.55-->"D:\Program Files\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Wireless Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x40c
HTML Shrinker Light-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SHRI_LIT.INF, DefaultUninstall.ntx86
IE Favoris Export version 1.0-->"C:\Program Files\IEFavorisExport10\unins000.exe"
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
IMG-TXT 5-->"D:\Program Files\IMG-TXT 5\uninstall.exe"
iPuissance 4D-->C:\Program Files\iPuissance 4D\Uninst.exe
Irregular Verbs 2.0-->D:\Program Files\Irregular Verbs\Uninstal.exe
IsoBuster 2.0-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
JAlbum 7.3-->D:\Program Files\JAlbum7.3\Uninstall.exe
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kikoo-->D:\Program Files\Kikoo\Uninstal.exe
la version 0.95.00 du 20 Février 2008, configurée pour la maiso-->"D:\Program Files\7x8\unins000.exe"
Larousse Diccionario Francés - Español-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72E2470C-C387-4C15-91B2-012DDF71A466}\Setup.exe" -l0xa
Le Petit Robert 2007-->MsiExec.exe /I{DEDF46CC-CF38-4790-872B-FA6DC6B8C517}
Le Petit Robert 2009-->"D:\Program Files\Le Robert\Le Petit Robert 2009\Uninstall.exe"
Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LedRenommer 1.4.1-->"D:\Program Files\LED\LedRenommer\unins000.exe"
Les départements français-->"C:\Program Files\GEOGRAPHIE\FRANCE\uninstall.exe"
Lexibase Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AE875F-B8B3-46AF-856C-CE858538D912}\setup.exe" -l0x40c
Lines95 3.2e-->"D:\Program Files\Lines95\unins000.exe"
Lingo-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Lingo\ST6UNST.LOG"
Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x40c UNINSTALL
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
Lupas Rename 2000 v5.0 Release-->"D:\Program Files\Lupas Rename 2000\unins000.exe"
Macromedia Dreamweaver 8-->MsiExec.exe /I{5FD788ED-1A37-4496-9BDD-463F493B27FA}
Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Magentic-->C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->D:\Program Files\Maxthon2\MaxthonUINST.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1-->MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Bootvis-->MsiExec.exe /I{0F9196C6-58B4-445B-B56E-B1200FECC151}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mon Encyclopédie des Sciences-->D:\Program Files\DK\Become a Science Explorer\_uninst\uninstaller.exe
Mots Cachés 2.0-->"C:\Program Files\MotsCachés 2.0\unins000.exe"
MozBackup 1.4.7-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Multi Virus Cleaner 2008-->"D:\Program Files\AxBx\Multi Virus Cleaner 2008\unins001.exe"
MySQL Server 5.0-->MsiExec.exe /I{56A36E76-B35F-4453-B899-9B2190A7B500}
Nero 7-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
News Interceptor 3-->"C:\Program Files\News Interceptor 3\Uninstall.exe"
nLite 1.4 RC2-->"C:\Program Files\nLite\unins000.exe"
Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}_2_0_0\NSSSetup.exe" /X
Norton Security Scan-->MsiExec.exe /X{E579F5FB-D9C9-43A6-8DCF-67B9573C2E7C}
Numedia CD-DVD writing as non-admin user-->MsiExec.exe /X{94056AE8-EF0F-45E4-A1B4-D754115F8A28}
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
o_Solitaire désinstallation-->"C:\Program Files\olibul\unins000.exe"
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Opera 9.61-->MsiExec.exe /X{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}
Paint.NET v3.20-->MsiExec.exe /X{C1CAAF9E-2A80-4AD0-8D9A-B4327966249F}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda NanoScan-->C:\WINDOWS\system32\Panda Software\NanoScan\nanounst.exe
PC SECURITY TEST 2007-->"C:\Program Files\AxBx\PC Security Test 2007\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Petit Larousse 2007-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1444B13F-B744-4624-9695-D9E6471817B1}\Setup.exe" -l0x40c
Photo To Sketch 3.51-->"C:\Program Files\Photo To Sketch\unins000.exe"
PhotoFiltre-->"D:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pixia 3.3b-->"D:\Program Files\Seagrand\Pixia\unins000.exe"
Pluslong-->C:\Program Files\Le mot le plus long\uninstall.exe
PSPad editor-->"D:\Program Files\PSPad editor\Uninst\unins000.exe"
QI98 - Edition 2006-->C:\WINDOWS\st6unst.exe -n "D:\QI98\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x40c -uninst
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RaimaRadio 1.4-->"D:\Program Files\RaimaRadio\unins000.exe"
Range-Notes 5.1-->"C:\Program Files\Range-Notes\unins000.exe"
Rapide Créateur D'Icône 5.1-->"C:\Program Files\Rapide Créateur D'Icône\uninstall.exe"
RapidTyping-->"C:\Program Files\RapidTyping\Uninstall.exe"
Readiris-->C:\WINDOWS\ISUN040A.EXE -fC:\Readiris\Uninst.isu -cC:\Readiris\delcache.dll
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Recuva (remove only)-->"D:\Program Files\Recuva\uninst.exe"
RegCure 1.5.1.3-->D:\Program Files\RegCure\uninst.exe
Registry Mechanic 6.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
RepareOE-->D:\Program Files\RepareOE\uninstall.exe
Rep-Listing-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{887EF08A-011E-477C-B6CB-01E540538ADB}\setup.exe" -l0x40c -removeonly
RogueRemover 1.20-->C:\Program Files\RogueRemover\uninst.exe
Roxio Easy Media Creator 8 Suite-->MsiExec.exe /I{868901EE-7807-4F89-A134-7C705D34F91F}
SaveOE-->D:\Program Files\SaveOE\uninstall.exe
Scribus 1.3.3.9-->D:\Program Files\Scribus 1.3.3.9\uninst.exe
SDL Trados 2006 Freelance-->MsiExec.exe /I{010E52FC-DF6A-4E1A-84F4-9AB41DC9653B}
Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP E:\
Simple Sudoku 4.2-->"C:\Program Files\Simple Sudoku\unins000.exe"
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartDraw 7-->C:\PROGRA~1\SMARTD~1\UNWISE.EXE C:\PROGRA~1\SMARTD~1\INSTALL.LOG
SnIco Edit 2.2-->"C:\Program Files\SnIco Edit\unins000.exe"
Solone-->"C:\Program Files\Solone\unins000.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
S-Tris 2 PC-->"D:\Program Files\Elements Interactive\S-Tris2\unins000.exe"
StudioLine Photo Basic-->D:\Program Files\StudioLine Photo Basic\SLUninst.exe
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->D:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Mastermind-->C:\Program Files\Super Mastermind\Uninstal.exe
Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"
Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TchecMeet-->C:\Program Files\TchecMeet\Uninstal.exe
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C569D686-A444-4AF0-A437-15CBB2816E34}
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
TurboCalc Light v.2.9.60-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\TurboCalc Light v.2.9.60\ST6UNST.LOG"
Tux of Math Command (remove only)-->"D:\Program Files\TuxMath\uninstall.exe"
Tux Paint 0.9.18-->"C:\Program Files\TuxPaint\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPN Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
VSO Image Resizer 1.3.4d-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vuze-->D:\Program Files\Azureus\uninstall.exe
Warning Banner Creator-->"C:\Program Files\Warning Banner Creator\Uninstall Warning Banner Creator.exe"
WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinHTTrack Website Copier 3.42-3-->"C:\Program Files\WinHTTrack\unins000.exe"
winLAME prerelease3-->MsiExec.exe /I{D54B8695-1F1F-4856-9B1D-1678B242DF27}
Xanadu-->C:\WINDOWS\unvise32.exe C:\Program Files\Foreignword\Xanadu\uninstal.log
Xenu's Link Sleuth-->"D:\Program Files\Xenu\unins000.exe"
XnView 1.91.6-->"D:\Program Files\XnView\unins000.exe"
xplorer² lite-->"C:\Program Files\zabkat\xplorer2_lite\Uninstall.exe"
ZikiTranslator 1.3.4a-->D:\Program Files\ZikiTranslator\uninst.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: BitDefender Antivirus (disabled)
AV: Norton AntiVirus 2005 (disabled)
AV: avast! antivirus 4.8.1296 [VPS 090202-1]
FW: Norton Internet Worm Protection
FW: BitDefender Firewall
FW: ZoneAlarm Firewall (disabled)

System event log

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 1261
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Web Scanner.

Record Number: 1260
Source Name: Service Control Manager
Time Written: 20090201140427.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7036
Message: Le service avast! Mail Scanner est entré dans l'état : en cours d'exécution.

Record Number: 1259
Source Name: Service Control Manager
Time Written: 20090201140425.000000+060
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service avast! Mail Scanner.

Record Number: 1258
Source Name: Service Control Manager
Time Written: 20090201140424.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.

Record Number: 1257
Source Name: Service Control Manager
Time Written: 20090201140423.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Application event log

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5929
Source Name: RoxLiveShare
Time Written: 20080815191339.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 0
Message:
Record Number: 5928
Source Name: RoxSniffer
Time Written: 20080815191338.000000+120
Event Type: Informations
User:

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5927
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 1022
Message: Produit : Microsoft Office XP Professional avec FrontPage - La mise à jour 'Mise à jour de sécurité Access 2002 (KB955440): SNAPVIEW' a été installée.

Record Number: 5926
Source Name: MsiInstaller
Time Written: 20080815185555.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: HP-BARREAU
Event Code: 11728
Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement.

Record Number: 5925
Source Name: MsiInstaller
Time Written: 20080815185545.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\GTK\2.0\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"LANG"=fr
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Fichiers communs\Roxio Shared\Roxio Central\
"tvdumpflags"=8

-----------------EOF-----------------

Je croyais avoir (bien) désinstallé BitDefender. Quant à Norton, il faudrait aussi que je l'enlève. En ce qui concerne Avast, je croyais que c'était le meilleur des gratuits...

Je dois aussi me débarrasser de la toolbar en question. Il faut comme tu dis que je fasse le ménage là-dedans mais je ne sais pas très bien comment. J'espère pouvoir compter encore sur tes conseils éclairés.

Je dois m'absenter aussi. A+

Merci encore. :)

Bonsoir,

Voici quelques interrogations qui me viennent après ces longues heures de lutte acharnée :

1) Peut-on considérer que mon PC est maintenant complètement désinfecté ?

2) Faire un scan avec Avast au démarrage ?

3) Antivir est-il meilleur qu'Avast ?

4) Firewall PC Tool Plus est-il meilleur que Zone Alarm ?

5) Au démarrage, j'ai une fenêtre qui indique ceci :
DAEMON Tools Lite
Ce programme nécessite au moins Windows 2000 avec SPTD 1.56 ou plus récent. Le débugger Kernel doit être désactivé.

6) Puis-je continuer à utiliser les programmes téléchargés qui étaient apparemment accompagné d'une sale bête ?

7) Comment te remercier pour tout le temps que tu as perdu à cause de moi ?

A bientôt. :)

Bonsoir,

Je viens de désinstaller Avast et de mettre Antivir à la place. Tu trouveras ci-dessous le résultat de son 1er scan.

--------------------------
Avira AntiVir Personal
Date de création du fichier de rapport : mardi 3 février 2009 20:15

La recherche porte sur 1312037 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :HP-BARREAU

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14/01/2009 19:12:16
ANTIVIR2.VDF : 7.1.1.207 1359360 Bytes 30/01/2009 19:12:24
ANTIVIR3.VDF : 7.1.1.222 149504 Bytes 03/02/2009 19:12:25
Version du moteur: 8.2.0.71
AEVDF.DLL : 8.1.1.0 106868 Bytes 03/02/2009 19:12:40
AESCRIPT.DLL : 8.1.1.39 344443 Bytes 03/02/2009 19:12:39
AESCN.DLL : 8.1.1.6 127348 Bytes 03/02/2009 19:12:37
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.6 393589 Bytes 03/02/2009 19:12:36
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 03/02/2009 19:12:34
AEHEUR.DLL : 8.1.0.89 1569143 Bytes 03/02/2009 19:12:33
AEHELP.DLL : 8.1.2.0 119159 Bytes 03/02/2009 19:12:29
AEGEN.DLL : 8.1.1.12 328053 Bytes 03/02/2009 19:12:28
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.4 176501 Bytes 03/02/2009 19:12:26
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, D:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: arrêt
Fichier mode de recherche........: Sélection de fichiers intelligente
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : mardi 3 février 2009 20:15

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msimn.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Babylon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexStoreSvr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'daemon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexingService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CPSHelpRunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Range-Notes.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Clavier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MemOptimizer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés
Processus de recherche 'backWeb-8876480.exe' - '1' module(s) sont contrôlés
Processus de recherche 'zlclient.exe' - '0' module(s) sont contrôlés
Processus de recherche 'RoxWatchTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'QTTask.exe' - '1' module(s) sont contrôlés
Processus de recherche 'schedhlp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'StxMenuMgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EM_EXEC.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'MSASCui.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTouch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPLpr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'StarWindServiceAE.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaSyncServices.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxWatch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxMediaDB.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMSAccessU.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'cvpnd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'schedul2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BRSS01A.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'BRSVC01A.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'vsmon.exe' - '0' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MsMpEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'67' processus ont été contrôlés avec '67' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '68' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\System Volume Information\_restore{7E0ADBBB-DF0D-4DBB-BDF3-298E5063892A}\RP45\A0092051.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\System Volume Information\_restore{7E0ADBBB-DF0D-4DBB-BDF3-298E5063892A}\RP45\A0092052.exe
[RESULTAT] Contient le cheval de Troie TR/Trash.Gen
[REMARQUE] Fichier supprimé.
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\' <Données>


Fin de la recherche : mardi 3 février 2009 22:32
Temps nécessaire: 2:17:23 Heure(s)

La recherche a été effectuée intégralement

15279 Les répertoires ont été contrôlés
1008534 Des fichiers ont été contrôlés
2 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
2 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
1008530 Fichiers non infectés
4419 Les archives ont été contrôlées
2 Avertissements
2 Consignes

Bonjour, bien dormi ?

1) Moi je ne suis pas très bien réveillé, ce qui explique peut-être le fait que je ne trouve pas le "rootkit au démarrage dont tu me parlais...

"Penses pour le prochain scan avec antivir a le parametrer au demarrage ainsi,tu vas ddans etat puis configuration,puis tu coches recherche de rootkit au demarrage"

2) Ensuite tu disais : "vas sur virus total" : c'est quoi ?

3) Je n'ai pas bien compris non plus l'histoire du lien: "et copies, colles ce lien, puis tu cliques sur envoyer ce lien. une recherche va se faire et un rapport sera edité (postes moi le rapport)
C:\WINDOWS\system32\drivers\sptd.sys"

Décidément aujourd'hui... Je vais prendre un café. A tout à l'heure.

Aurais-tu une adresse pour désisntaller complètement Spybot ?

Une autre question...

J'ai depuis quelques temps une fenêtre qui s'ouvre à la fin du démarrage du pc :

Assistant matériel détecté
Assistant ajout de nouveau matériel détecté
Cet assistant vous aide à installer le logiciel pour : Contrôleur hôte SCSI/RAID

Puis un message d'erreur...

Que dois-je faire ?

Voici le rapport complet d'Antivir avec recherche de rootkit au démarrage.

Avira AntiVir Personal
Date de création du fichier de rapport : mercredi 4 février 2009 13:53

La recherche porte sur 1312037 souches de virus.

Détenteur de la licence :Avira AntiVir PersonalEdition Classic
Numéro de série : 0000149996-ADJIE-0001
Plateforme : Windows XP
Version de Windows :(Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur :HP-BARREAU

Informations de version :
BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00
AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16
LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14/01/2009 19:12:16
ANTIVIR2.VDF : 7.1.1.207 1359360 Bytes 30/01/2009 19:12:24
ANTIVIR3.VDF : 7.1.1.222 149504 Bytes 03/02/2009 19:12:25
Version du moteur: 8.2.0.71
AEVDF.DLL : 8.1.1.0 106868 Bytes 03/02/2009 19:12:40
AESCRIPT.DLL : 8.1.1.39 344443 Bytes 03/02/2009 19:12:39
AESCN.DLL : 8.1.1.6 127348 Bytes 03/02/2009 19:12:37
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.6 393589 Bytes 03/02/2009 19:12:36
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 03/02/2009 19:12:34
AEHEUR.DLL : 8.1.0.89 1569143 Bytes 03/02/2009 19:12:33
AEHELP.DLL : 8.1.2.0 119159 Bytes 03/02/2009 19:12:29
AEGEN.DLL : 8.1.1.12 328053 Bytes 03/02/2009 19:12:28
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.6.4 176501 Bytes 03/02/2009 19:12:26
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16
RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43

Configuration pour la recherche actuelle :
Nom de la tâche..................: Contrôle intégral du système
Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp
Documentation....................: bas
Action principale................: interactif
Action secondaire................: ignorer
Recherche sur les secteurs d'amorçage maître: marche
Recherche sur les secteurs d'amorçage: marche
Secteurs d'amorçage..............: C:, D:,
Recherche dans les programmes actifs: marche
Recherche en cours sur l'enregistrement: marche
Recherche de Rootkits............: marche
Fichier mode de recherche........: Tous les fichiers
Recherche sur les archives.......: marche
Limiter la profondeur de récursivité: 20
Archive Smart Extensions.........: marche
Heuristique de macrovirus........: marche
Heuristique fichier..............: moyen

Début de la recherche : mercredi 4 février 2009 13:53

La recherche d'objets cachés commence.
'70370' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msimn.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Babylon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SUPERAntiSpyware.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'daemon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexStoreSvr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexingService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Range-Notes.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Clavier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MemOptimizer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CPSHelpRunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'backWeb-8876480.exe' - '1' module(s) sont contrôlés
Processus de recherche 'FirewallGUI.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iPodService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxWatchTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTunesHelper.exe' - '1' module(s) sont contrôlés
Processus de recherche 'QTTask.exe' - '1' module(s) sont contrôlés
Processus de recherche 'schedhlp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'StxMenuMgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MSASCui.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EM_EXEC.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iTouch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SynTPLpr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'StarWindServiceAE.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SeaSyncServices.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxWatch.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RoxMediaDB.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'FWService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMSAccessU.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'cvpnd.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'schedul2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'BRSS01A.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'BRSVC01A.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MsMpEng.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'71' processus ont été contrôlés avec '71' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence.
Le registre a été contrôlé ( '69' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
Recherche débutant dans 'D:\' <Données>


Fin de la recherche : mercredi 4 février 2009 15:12
Temps nécessaire: 1:19:14 Heure(s)

La recherche a été effectuée intégralement

15287 Les répertoires ont été contrôlés
1008846 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
1008844 Fichiers non infectés
4464 Les archives ont été contrôlées
2 Avertissements
0 Consignes
70370 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés

J'ai été obligé de faire "parcourir" pour insérer le fichier et la rapport ne s'est pas fait attendre car le fichier en question est vide !

0 bytes size received / Se ha recibido un archivo vacio

Selon l'explorateur le fichier n'est pas vide : 701 Ko. Bizarre, non ?

Rien à faire. Le résultat est le même. Ce fichier ne peut pas être ouvert, ou il est considéré comme vide.