Analyse hijack

ah bon
je renvoie ce que j'ai

info.txt logfile of random's system information tool 1.05 2009-03-06 19:59:28

======Uninstall list======

-->"C:\Program Files\Creative\SBAudigy2ZS\Program\Ctzapxx.EXE" /W /U /S /L:FRN
-->"C:\Program Files\Creative\SBAudigy2ZS\Program\SETUP.EXE" /S /U /W /L:FRN
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72A810B1-EE62-455A-A086-E1C9FEDE7F29}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72A810B1-EE62-455A-A086-E1C9FEDE7F29}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Aerosoft's - DHC-6 Twin Otter X-->C:\Program Files\InstallShield Installation Information\{3A8DED06-80E7-4555-AA1F-FF4A2A4D353C}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - FlightSim Commander-->C:\Program Files\InstallShield Installation Information\{F941AABE-E868-42D9-9F38-884250F7898A}\setup.exe -runfromtemp -l0x040c -uninst -removeonly
aerosoft's - Mission Lear 1 - FSX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{518C3F99-77AE-4EC2-9A07-940745D6D4E4}\Setup.exe" -uninst
Aerosoft's - MyTrafficX-->C:\Program Files\InstallShield Installation Information\{2C14EA52-0FEA-416C-B6CC-DA51B054ACF3}\Setup.exe -runfromtemp -l0x040c -uninst -removeonly
Aerosoft's - Twin Otter X - Mission Pack-->C:\Program Files\InstallShield Installation Information\{E0BF8C31-2745-4186-A08D-05401FC95AE3}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8200C8D1-F178-4BB8-BDBC-EEB8A4943D2F}\Setup.exe" -l0x40c
Application Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ED398CC-1A14-47D4-A2D7-A2B0627DB0C2}\Setup.exe" -l0x40c
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
Battlefield 2142 Deluxe Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x40c -removeonly
Boeing 787 Dreamliner-->MsiExec.exe /X{7CB0E916-4E47-402F-99FB-ABBC4AFFC3D3}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
Company of Heroes-->"C:\Program Files\THQ\Company of Heroes\Uninstall_French.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Corel Snapfire DVD Maker-->MsiExec.exe /X{17E14D89-3A9F-4706-9F9B-C2DFC7ABE94B}
Corel Snapfire Plus-->MsiExec.exe /X{7ADE3A47-B425-45E9-8FF6-11BE2B775645}
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Creative Audio Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x40c /remove
Creative MediaSource-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c /remove
Crysis WARHEAD(R)-->"C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\Documents and Settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis Wars(R)-->"C:\Documents and Settings\All Users\Application Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis Wars(R)-->C:\Documents and Settings\All Users\Application Data\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}\setup.exe
Cyberavia Moving Map -->MsiExec.exe /I{8FCADAD9-ABF5-4978-8EF4-F95B600D136A}
DesignPro SE-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3C166D45-B941-436E-BB3A-EBB4FE49DA99}
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
EPSON BX300F Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSEJE.EXE /R /APD /P:"EPSON BX300F Series"
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{DEDB47A3-C988-4A43-A645-E2CEA571E680}\SETUP.EXE -runfromtemp -l0x040c UNINST -removeonly
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus Office BX300F_TX300F Manuel-->C:\Program Files\EPSON\TPMANUAL\ESOBX300F_TX300F\FRA\USE_G\DOCUNINS.EXE
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESC66 Guide de référence-->C:\Program Files\EPSON\TPMANUAL\ESC66\REF_G\DOCUNINS.EXE
ESC66 Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\ESC66\PQU_G\DOCUNINS.EXE
FSFDT FSCopilot-->C:\Program Files\FSFDT\uninstallFSCopilot.exe
FSFDT FSInn-->C:\Program Files\FSFDT\uninstallFSInn.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Logiciel de Synchronisation Orange-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2EBC2F1-B766-4AE3-A10C-6EBBC1EE3B02}\setup.exe" -l0x40c -removeonly
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF1B5DF7-8DF5-4D38-BFF0-FDC7B7847C00}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech Gaming Software 5.02-->MsiExec.exe /X{64B20B36-AEE7-4DD4-897C-C5DA5C218F60}
Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator X Service Pack 1-->c:\WINDOWS\system32\msiexec.exe /qb /l*vx "%TEMP%\FlightSimPatchUninstall.log" /uninstall {EDE72ED9-E7FA-45A0-A92D-E4E6D72ECC10} /package {F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Flight Simulator X: Acceleration-->C:\WINDOWS\system32\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {3A1EE107-F79B-49FA-83CF-94169E63F25A}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{3A1EE107-F79B-49FA-83CF-94169E63F25A}
Microsoft Flight Simulator X-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Flight Simulator X-->MsiExec.exe /X{F535B2CF-C9BB-4162-B03A-02D6971F32CC}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Navigateur Orange-->C:\Program Files\Orange\Uninstall\Browser\Shell.exe MainUninstall.shl
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A7124DF-F8A4-405B-904F-CFD3D3DFB5AE}\SETUP.EXE" -l0x40c anything
Pilote vidéo Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415}
Pinnacle Instant DVD Recorder-->C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\Setup.exe -runfromtemp -l0x040cUNINSTALL -removeonly
Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A}
Programme de gestion Camera de Logitech-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Quick Zip 4.60.019-->"C:\Program Files\QuickZip4\unins000.exe"
Razer Reclusa Config-->C:\Program Files\InstallShield Installation Information\{328591D2-4F59-4EE1-ABF1-7F47E90E31A1}\setup.exe -runfromtemp -l0x040c -removeonly
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe" -l0x40c -removeonly
ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SimCity 4-->C:\Program Files\Maxis\SimCity 4\EAUninstall.exe
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sound Blaster Audigy 2 ZS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E2514D9-DC24-4634-B348-61F3EF0F1628}\SETUP.EXE" -l0x40c
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x40c -removeonly
Sprite Backup-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ABC5404F-F0F3-4221-8DB9-5D34DD866E50}\setup.exe" -l0x40c
Studio Content CD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C643986-DE3C-4737-8472-CCEC36CCC267}\Setup.exe" -l0x40c
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Totally Free Burner-->"C:\Program Files\Totally Free Burner\unins000.exe"
VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VirginMega.Fr Premium-->MsiExec.exe /I{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}
VirtualDub-MPEG2 v1.6.19 b24587 Fr-->"C:\Program Files\VirtualDub-MPEG2\unins000.exe"
VOZ Scenery X 1.0-->C:\Program Files\Microsoft Games\Microsoft Flight Simulator X\Uninstal.exe
Wanadoo Messager-->C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}

=====HijackThis Backups=====

O3 - Toolbar: Internet Service - {DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40} - C:\Program Files\NetProject\wamdl.dll
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.safeiegate.com/redirect.php (file missing)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.safeiegate.com/redirect.php (file missing)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O3 - Toolbar: Internet Service - {85BDD81D-31FD-4A6B-A73C-3955B128D2EC} - C:\Program Files\Web Technologies\iebr.dll
O2 - BHO: (no name) - {B8301AF7-D00E-4EA4-87C1-5FF4644FBBA1} - C:\Program Files\Web Technologies\iebt.dll
O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - (no file)
O2 - BHO: (no name) - {B8301AF7-D00E-4EA4-87C1-5FF4644FBBA1} - C:\Program Files\Web Technologies\iebt.dll
O2 - BHO: (no name) - {B8301AF7-D00E-4EA4-87C1-5FF4644FBBA1} - C:\Program Files\Web Technologies\iebt.dll
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - https://login.orange.fr/captcha?return_url=https%3A%2F%2Fmescontacts.orange.fr
O20 - Winlogon Notify: eeekp - C:\WINDOWS\SYSTEM32\eeekp.dll
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O20 - Winlogon Notify: eeekp - C:\WINDOWS\SYSTEM32\eeekp.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twex.exe,C:\WINDOWS\system32\sdra64.exe,
O15 - Trusted Zone: https://www.orange.fr/portail
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?

System event log

Computer Name: BRUNO-A8E651410
Event Code: 26
Message: Application popup : userinit.exe - Image incorrecte : L'application ou la DLL globalroot\systemroot\system32\UAComyurujj.dll n'est pas une image Windows valide. Vérifiez à l'aide de votre disquette d'installation.

Record Number: 13275
Source Name: Application Popup
Time Written: 20090305201119.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 26
Message: Application popup : twex.exe - Image incorrecte : L'application ou la DLL globalroot\systemroot\system32\UACwqwbqbdq.dll n'est pas une image Windows valide. Vérifiez à l'aide de votre disquette d'installation.

Record Number: 13274
Source Name: Application Popup
Time Written: 20090305201117.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 26
Message: Application popup : userinit.exe - Image incorrecte : L'application ou la DLL globalroot\systemroot\system32\UACwqwbqbdq.dll n'est pas une image Windows valide. Vérifiez à l'aide de votre disquette d'installation.

Record Number: 13273
Source Name: Application Popup
Time Written: 20090305201117.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 13272
Source Name: EventLog
Time Written: 20090305201109.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 13271
Source Name: EventLog
Time Written: 20090305201109.000000+060
Event Type: Informations
User:

Application event log

Computer Name: BRUNO-A8E651410
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 418
Source Name: SecurityCenter
Time Written: 20080315150113.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 105
Message: The service was started.

Record Number: 417
Source Name: WMDM PMSP Service
Time Written: 20080315150112.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 416
Source Name: LightScribeService
Time Written: 20080315150112.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 105
Message: The service was started.

Record Number: 415
Source Name: Creative Service for CDROM Access
Time Written: 20080315150108.000000+060
Event Type: Informations
User:

Computer Name: BRUNO-A8E651410
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur BRUNO-A8E651410\bruno alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 414
Source Name: Userenv
Time Written: 20080315145928.000000+060
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Pinnacle\Shared Files\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Logfile of random's system information tool 1.05 (written by random/random)
Run by bruno at 2009-03-06 19:59:24
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 50 GB (13%) free of 382 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:27, on 06/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Reclusa\razerhid.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Razer\Reclusa\razertra.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\systray\systrayapp.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\bruno\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\bruno.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Reclusa] C:\Program Files\Razer\Reclusa\razerhid.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EPSON BX300F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE /FU "C:\WINDOWS\TEMP\E_SF6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {75A4E024-35E1-408E-BB45-8A6C289BAEF9} - C:\Program Files\Logitech\Desktop Messenger\

ok merci je le fais et reviens vers toi
merci

j'ai fait combofix mais j'ai comme l'impression qu'il ne s'est pas installé
par contre j'ai un fichier qui s'appelle : bug
ci dessous

Killing 'n.com'

PUSHD "C:\32788R22FWJFW"
1 fichier(s) copié(s).

IF NOT EXIST C:\WINDOWS\system32\cmd.exe GOTO Not_NT

VER 1>OsVer

GREP.cfexe -F "5.2." OsVer

IF 1 == 0 GOTO Not_NT

GREP.cfexe -F "5.1.2" OsVer
Microsoft Windows XP [version 5.1.2600]

IF 0 == 0 GOTO NT

=============================================

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\bruno\Application Data
CFLDR=32788R22FWJFW
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=BRUNO-A8E651410
ComSpec=C:\WINDOWS\system32\cmd.execf
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\bruno
KMD=CF4755.exe
LOGONSERVER=\\BRUNO-A8E651410
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\32788R22FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Pinnacle\Shared Files\
PATHEXT=.CFEXE;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$
Qrntn=C:\Qoobox\Quarantine
RKEY_=hklm\software\microsoft\windows nt\currentversion\windows
SESSIONNAME=Console
sfxcmd="C:\Documents and Settings\bruno\Bureau\test.exe"
sfxname=C:\Documents and Settings\bruno\Bureau\test.exe
SYSTEM=C:\WINDOWS\system32
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\bruno\LOCALS~1\Temp
TMP=C:\DOCUME~1\bruno\LOCALS~1\Temp
USERDOMAIN=BRUNO-A8E651410
USERNAME=bruno
USERPROFILE=C:\Documents and Settings\bruno
windir=C:\WINDOWS

=============================================


IF NOT DEFINED sfxname GOTO END

IF EXIST C:\cfDebug.cmd DEL /A/F C:\cfDebug.cmd

CALL sfx.cmd

CALL AV.cmd

SET /a AVCount+=1

CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:08 av.vbs

FINDSTR -C:"*On-access scanning enabled*" Resident.txt 1>AVChk && (
SED -r "s/AV: (.*) \*On-access .*/* \1/;" AVChk | SED ":a; $!N;s/\n/~n/;ta" 1>AVChkB
NIRCMD beep 3000 200
NIRCMD beep 3000 300
IF 1 LEQ 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "ComboFix a détecté que le(s) scanneur(s) en temps réel suivant(s) est(sont) actif(s):~n~n%G~n~nOn sait que les antivirus et les programmes de prévention d'intrusion perturbent~nle travail de ComboFix. Ceci peut aboutir à des résultats imprévisibles ou à d'éventuels dégâts~npour la machine. Veuillez désactiver ces scanneurs avant de cliquer sur 'OK'." "Attention !!" "" && GOTO Av-check
IF 1 GTR 1 FOR /F "TOKENS=*" %G IN (AVChkB) DO @NIRCMD INFOBOX "%G~n~nLe(s) scanneur(s) en temps réel ci-dessus est(sont) toujours actif(s) mais ComboFix va~ncontinuer à s'exécuter. Veuillez noter que c'est à vos risques et périls" "Attention !!" ""
)

DEL /Q AVChk?

SET AVCount=

IF EXIST OsVer00 CALL :Vista

IF /I "C:\32788R22FWJFW" NEQ "C:\32788R22FWJFW" GOTO Abort

IF EXIST "C:\DOCUME~1\bruno\LOCALS~1\Temp\32788R22FWJFW32788R22FWJFW.log" DEL "C:\DOCUME~1\bruno\LOCALS~1\Temp\32788R22FWJFW32788R22FWJFW.log"

(
SET "FileName=test"
SET "FilePath=C:\Documents and Settings\bruno\Bureau\"
)

SET FileName 1>FileName

GREP -isqx "FileName=[-[:alnum:]@.]*" FileName || GOTO AbortB

DIR /AD/B C:\* | FINDSTR -IVX ComboFix 1>DirName00

FINDSTR -LIXC:"test" DirName00 && CALL :NameChk
test

FINDSTR -LIXC:"test" DirName03 1>N_\27941 2>&1 && GOTO AbortB

IF EXIST "\test\*.cfexe" GOTO :EOF

IF EXIST DirName0? DEL /Q DirName0?

IF EXIST Oldsfxname00 DEL Oldsfxname00

IF EXIST "\test" DIR /AD "\test" 1>N_\25412 && (
RD /S/Q "\test"
IF EXIST "\test" (
PV -kf *.cfexe
RD /S/Q "\test"
)
IF EXIST "\test" (
HANDLE "C:\test" 1>temp00
SED -R "/.* pid: (\d*) +(\S*):.*/I!d;s//@ECHO.y|Handle -c \2 -p \1/" temp00 1>temp00.bat
CALL temp00.bat
DEL temp00.bat temp00
RD /S/Q "\test"
)
)

IF EXIST "\test" RD /S/Q "\test"

IF EXIST "\test" GOTO :EOF

CD ..

(
ECHO.MD "\test"
ECHO.MOVE /y "\32788R22FWJFW\*" "\test"
ECHO.RD /S/Q "\32788R22FWJFW"
ECHO.START "." /d"C:\test" "C:\WINDOWS\system32\CF4755.exe" /k c.bat
ECHO.PV -kf cmd.exe cmd.execf
ECHO.DEL \Start_.cmd
) 1>Start_.cmd

bonjour
c'est encore grugro37 - impossible d'installer SDFix , une fois téléchargé -
j'ai cherché si c'était pas les DLL qui déconnait - je les ai pas truvé sur les listes internet :
il me met à chaque lacement d'une application ce mess d'erreur :

application de la DLL globalroot\systemroot\system32\UACwqwbqbdq.dll n'est pas une image Windows valide, verifiez à l'aide de la disquette d'installation...

merci de tes bons conseils

grugro37

rebonjour

combofix ni malware ne veulent s'installer !

merci

rebonsoir

même avec combofix

ci-joint le rapport avec Kaspersky en ligne :

KASPERSKY ON-LINE SCANNER REPORT
Monday, March 09, 2009 6:07:47 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 9/03/2009
Enregistrements dans la base antivirus Kaspersky : 1700539
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Dossiers
C:\
Statistiques de l'analyse
Total d'objets analysés 197390
Nombre de virus trouvés 2
Nombre d'objets infectés 18 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:12:31

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\7.0.0.119\klif.sys L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\Mail\Local Folders\Inbox.msf L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\panacea.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Application Data\Thunderbird\Profiles\awt4mbq9.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Temp\~DF524C.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\bruno\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Electronic Arts\Battlefield 2142 Deluxe Edition\radial.cdb L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\avc.sys L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Canal+.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\klif.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\eeekp.dll Infecté : Trojan-Spy.Win32.Goldun.bvr ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\lowsec\local.ds L'objet est verrouillé ignoré
C:\WINDOWS\system32\lowsec\user.ds L'objet est verrouillé ignoré
C:\WINDOWS\system32\sdra64.exe L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\178.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\18E.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\3.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\7F.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\80.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\81.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\82.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\83.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\84.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\8C.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\8D.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\8E.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\8F.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\90.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\91.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\97.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\Temp\B9.tmp Infecté : Trojan-Spy.Win32.Zbot.ozo ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\{00000005-00000000-00000001-00001102-00000004-20021102}.CDF L'objet est verrouillé ignoré
Analyse terminée.

re re

ci dessous rapport OTmove

Error: Unable to interpret <C:\WINDOWS\system32\eeekp.dll> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\178.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\18E.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\3.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\7F.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\80.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\81.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\82.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\83.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\84.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\8C.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\8D.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\8E.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\8F.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\90.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\91.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\97.tmp> in the current context!
Error: Unable to interpret <C:\WINDOWS\Temp\B9.tmp > in the current context!

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03092009_184136


par ailleurs si je lance Killfix, j'ai plein de .exe avec images incorrectes et ça coupe internet

merci de ton aide

grugro37