Log Hijackthis

Résolu/Fermé

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009 - 18 déc. 2008 à 13:15
Utilisateur anonyme - 10 janv. 2009 à 00:12

Bonjour,

Est-ce que quelqu'un pourrait regarder mon log et me dire si un truc cloche ? J'ai des processus iexplorer qui s'ouvrent tout seul sans que je les lance: j'utilise Firefox.

Merci de m'aider svp,

Lily

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:10:21, on 2008-12-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp-consumer.my.aol.qc.ca/?icid=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.playandwin.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?setlang=fr-CA&FORM=LTHP&mkt=en-ca&toHttps=1&redig=97927FA48C9041D3B1BB018B773EB4D4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [ApsenseExpress] C:\Program Files\Apsense Software\Apsense Express\ApsenseExpress.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mises à jour de HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &NeoTrace It! - J:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - J:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {B19FDE22-5907-4315-B558-1D537E86C3E1} - https://www.flipviewer.com/exe/fv421.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {CDAA0214-3907-4C47-A3F6-014DA1517440} (ArkDownloader Class) - http://www.gamedek.com/download/arkDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://upload.mediamax.com/404.html
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O22 - SharedTaskScheduler: Component Categories cache daemon preloader - {C83953AB-D1B6-4819-B23C-2C2508E0A413} - C:\WINDOWS\system32\browseuidw.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

A voir également:

Log Hijackthis
Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
View rescue log - Guide
0.log miui - Forum Logiciels
Log base 2 calculatrice casio - Forum Windows
Bootex log - Forum Windows

63 réponses

Réponse 41 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
6 janv. 2009 à 22:25

Je viens de faire un scan avec sreng et ça donne ceci:

[CODE]

2009-01-06,16:07:10

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process

Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<LightScribe Control Panel><C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden> [(Verified)Hewlett-Packard Company]
<MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<SpybotSD TeaTimer><C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe> [(Verified)Safer Networking Ltd.]
<Power2GoExpress><"C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup> [(Verified)CyberLink]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ehTray><C:\WINDOWS\ehome\ehtray.exe> [(Verified)Microsoft Windows Publisher]
<ftutil2><rundll32.exe ftutil2.dll,SetWriteCacheMode> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<AlwaysReady Power Message APP><ARPWRMSG.EXE> [(Verified)Microsoft Windows Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HPHUPD08><c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe> [Hewlett-Packard]
<Recguard><C:\WINDOWS\SMINST\RECGUARD.EXE> []
<HPBootOp><"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run> [Hewlett-Packard Company]
<regcmdcons><c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd> [File is missing]
<HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe> [Hewlett-Packard Co.]
<KBD><C:\HP\KBD\KBD.EXE> [Hewlett-Packard Company]
<TkBellExe><"C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<ISUSPM Startup><"C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup> [Macrovision Corporation]
<Adobe_ID0EYTHM><C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE> [Adobe Systems Incorporated]
<LanguageShortcut><"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> [(Verified)CyberLink]
<LGODDFU><"C:\Program Files\lg_fwupdate\fwupdate.exe" blrun> [File is missing]
<NeroFilterCheck><C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe> [(Verified)Nero AG]
<SecurDisc><C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe> [(Verified)Nero AG]
<InCD><C:\Program Files\Nero\Nero 7\InCD\InCD.exe> [(Verified)Nero AG]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><C:\WINDOWS\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{C83953AB-D1B6-4819-B23C-2C2508E0A413}><%SystemRoot%\system32\browseuidw.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\KB910393]
<KB910393><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
<LightScribe Control Panel><"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"> [(Verified)Hewlett-Packard Company]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{407408d4-94ed-4d86-ab69-a7f649d112ee}]
<Media Center><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA851-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Web Publishing Wizard 1.52><rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Mise à jour du Bureau Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
<Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}]
<Fax Provider><rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\scrnsave.scr> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<CLJ><; > [N/A]
<CLMLServer><; "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"> [CyberLink]
<Power2GoExpress><; "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup> [(Verified)CyberLink]
<RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [(Verified)CyberLink]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Shareaza><; "C:\Program Files\Shareaza\Shareaza.exe" -tray> [Shareaza Development Team]
<Uniblue RegistryBooster 2><; C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S> [File is missing]

==================================
Startup Folders
[Assistant d'Acrobat]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Assistant d'Acrobat.lnk --> C:\PROGRA~1\Adobe\ACROBA~3.0\Distillr\acrotray.exe [Adobe Systems Inc.]><N>
[HP Digital Imaging Monitor]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk --> C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [Hewlett-Packard Co.]><N>
[Mises à jour de HP]
<C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Mises à jour de HP.lnk --> C:\PROGRA~1\UPDATE~1\9972322\Program\UPDATE~1.EXE [Hewlett-Packard]><N>
[Adobe Gamma]
<C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk --> C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Outil de détection de support de Cyber-shot Viewer]
<C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\Outil de détection de support de Cyber-shot Viewer.lnk --> C:\PROGRA~1\Sony\SONYPI~1\VOLUME~1\SPUVOL~1.EXE [Sony Corporation]><N>

==================================
Services
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Adobe Version Cue CS3 / Adobe Version Cue CS3][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service><Adobe Systems Incorporated>
[Planificateur Avira AntiVir Personal - Free Antivirus / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
[Avira AntiVir Personal - Free Antivirus Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
/ Bonjour Service[Stopped/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><(File is missing)>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[getPlus(R) Helper / getPlus(R) Helper][Stopped/Manual Start]
<C:\Program Files\NOS\bin\getPlus_HelperSvc.exe><NOS Microsystems Ltd.>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[Service HP CUE DeviceDiscovery / hpqddsvc][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Windows CardSpace / idsvc][Stopped/Manual Start]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[InCD Helper / InCDsrv][Running/Auto Start]
<C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe><Nero AG>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
<"C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NBService / NBService][Stopped/Manual Start]
<C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZinw12.dll><Hewlett-Packard>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
<"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZipm12.dll><Hewlett-Packard>
[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]
<"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>

==================================
Drivers
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[Pilote de processeur AMD / AmdK8][Running/System Start]
<system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[Promise driver accelerator / bb-run][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
[catchme / catchme][Stopped/Manual Start]
<\??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\catchme.sys><N/A>
[CdaD10BA / CdaD10BA][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\CdaD10BA.SYS><Macrovision Europe Ltd>
[VSO Software ezplay / ezplay][Running/Manual Start]
<System32\Drivers\ezplay.sys><VSO Software>
[ftsata2 / ftsata2][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ftsata2.sys><Promise Technology, Inc.>
[Pilote de bus Microsoft UAA pour High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Running/Manual Start]
<system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Running/Manual Start]
<system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Running/Manual Start]
<system32\DRIVERS\HPZius12.sys><HP>
[Intel RAID Controller / iaStor][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[InCD File System / InCDfs][Running/Disabled]
<system32\drivers\InCDFs.sys><Nero AG>
[InCDPass / InCDPass][Running/System Start]
<system32\drivers\InCDPass.sys><Nero AG>
[InCD Reader / incdrm][Running/System Start]
<system32\drivers\InCDRm.sys><Nero AG>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Pilote de processeur Intel / intelppm][Stopped/Disabled]
<system32\DRIVERS\intelppm.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[PCLEPCI / PCLEPCI][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\pclepci.sys><Pinnacle Systems GmbH>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[Padus ASPI Shell / pfc][Stopped/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Ps2 / Ps2][Running/Manual Start]
<system32\DRIVERS\PS2.sys><Hewlett-Packard Company>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Stopped/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><N/A>
[Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><AVIRA GmbH>
[tmcomm / tmcomm][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\tmcomm.sys><Trend Micro Inc.>

==================================
Browser Add-ons
[HP Print Enhancer]
{0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll, (Signed) Hewlett-Packard Co.>
[HP Print Clips]
{053F9267-DC04-4294-A72C-58F732D338C0} <C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll, (Signed) Hewlett-Packard Co.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, (Signed) Safer Networking Limited>
[Java(tm) Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[ClipBookBtn Class]
{58ECB495-38F0-49cb-A538-10282ABF65E7} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, (Signed) Hewlett-Packard Co.>
[EnhSelectionBtn Class]
{700259D7-1666-479a-93B1-3250410481E8} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, (Signed) Hewlett-Packard Co.>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[&Rechercher]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Barre de recherche Encarta]
{B205A35E-1FC4-4CE3-818B-899DBBB3388C} <c:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL, (Signed) Microsoft Corporation>
[Spybot-S&D IE Protection]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, (Signed) Safer Networking Limited>
[Aide à la connexion]
{E2D4D26B-0180-43a4-B05F-462D6D54C789} <, >
[Toolbar Extension for Executable]
{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[NeoTrace It!]
{9885224C-1217-4c5f-83C2-00002E6CEF2B} <, >
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Java Plug-in 1.5.0_05]
{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_05]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_10]
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_10]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_10.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[]
{00000000-0000-0000-0000-000020050660} <, >
[]
{00000005-0007-0000-0000-100011000004} <, >
[]
{00000055-9980-0010-8000-00AA00389B71} <, >
[ADODB.Recordset]
{00000535-0000-0010-8000-00AA006D2EA4} <C:\Program Files\Fichiers communs\System\ado\msado15.dll, (Signed) Microsoft Corporation>
[]
{0002E55A-0000-0000-C000-000000000046} <, >
[Microsoft Outlook 8.0 Object Library]
{0006F033-0000-0000-C000-000000000046} <, >
[Microsoft Office Outlook]
{0006F03A-0000-0000-C000-000000000046} <, >
[IERJCtl Class]
{00CEDC01-864D-11D3-908D-00C0F03B3EDC} <C:\Program Files\Real\RealPlayer\ierjplug.dll, RealNetworks, Inc.>
[]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <, >
[]
{02A2D714-433E-46E4-B217-7C3B3FAF8EAE} <, >
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[HP Print Enhancer]
{0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll, (Signed) Hewlett-Packard Co.>
[Outlook Today's Data-binding control]
{0468C085-CA5B-11D0-AF08-00609797F0E0} <C:\PROGRA~1\MICROS~4\Office12\OUTLCTL.DLL, (Signed) >
[HP Print Clips]
{053F9267-DC04-4294-A72C-58F732D338C0} <C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll, (Signed) Hewlett-Packard Co.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Microsoft ProgressBar Control, version 5.0 (SP2)]
{0713E8D2-850A-101B-AFC0-4210102A8DA7} <C:\WINDOWS\system32\comctl32.ocx, (Signed) Microsoft Corporation>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[SkillJamLoader Class]
{0A50726E-51A2-42BB-8392-98F050C40A10} <C:\Documents and Settings\All Users\Application Data\SkillJam\SecurePlayer\SkillJamLoader.dll, SkillJam Technologies>
[]
{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} <, >
[PeerDraw Class]
{10072CEC-8CC1-11D1-986E-00A0C955B42E} <%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll, (Signed) N/A>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[]
{1A1F56AA-3401-46F9-B277-D57F3421F821} <, >
[]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[RealPlayer SMIL Download Handler]
{224E833B-2CC6-42D9-AE39-90B6A38A4FA2} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[]
{22BF413B-C6D2-4D91-82A9-A0F997BA588C} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[]
{238F6F83-B8B4-11CF-8771-00A024541EE3} <, >
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template]
{2933BF94-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Fichiers communs\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[MHTML Document]
{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[HtmlDlgSafeHelper Class]
{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, (Signed) Microsoft Corporation>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\FICHIE~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[NeoTraceLoader Class]
{3E1DD897-F300-486C-BEAF-711183773554} <J:\Program Files\NeoTracePro\NeoTraceExplorer.dll, >
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[]
{4064EA35-578D-4073-A834-C96D82CBCF40} <, >
[]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <, >
[]
{4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} <, >
[]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <, >
[king.com]
{45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} <C:\WINDOWS\KingComIE.dll, (Signed) Midasplayer.com Ltd>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{4CCA4E80-9259-11D9-AC6E-444553544200} <, >
[]
{4E430174-1673-4FF3-BF28-A3B37F6573E7} <, >
[HHCtrl Object]
{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[Spybot-S&D IE Protection]
{53707962-6F74-2D53-2644-206D7942484F} <C:\Program Files\Spybot - Search & Destroy\SDHelper.dll, (Signed) Safer Networking Limited>
[]
{54BE6B6F-3056-470B-97E1-BB92E051B6C4} <, >
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[isInstalled Class]
{5852F5ED-8BF4-11D4-A245-0080C6F74284} <C:\Program Files\Java\jre6\bin\wsdetect.dll, Sun Microsystems, Inc.>
[]
{58ECB495-38F0-49CB-A538-10282ABF65E7} <, >
[]
{58FC4C77-71C2-4972-A8CD-78691AD85158} <, >
[]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <, >
[]
{615F158E-D5CA-422F-A8E7-F6A5EED7063B} <, >
[]
{62475759-9E84-458E-A1AB-5D2C442ADFDE} <, >
[]
{62969CF2-0F7A-433B-A221-FD8818C06C2F} <, >
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[]
{6B75345B-AA36-438A-BBE6-4078B4C6984D} <, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
{6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} <, >
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
{6F15128C-E66A-490C-B848-5000B5ABEEAC} <, >
[]
{700259D7-1666-479A-93B1-3250410481E8} <, >
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[]
{74D05D43-3236-11D4-BDCD-00C04F9A3B61} <, >
[Java(tm) Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{77BF5300-1474-4EC7-9980-D32B190E9B07} <, >
[]
{7D4CF499-32EC-4E8E-8714-7E74303869F0} <, >
[]
{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >
[]
{85D1F590-48F4-11D9-9669-0800200C9A66} <, >
[]
{86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 5.0]
{88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
{88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[]
{8A94C905-FF9D-43B6-8708-F0F22D22B1CB} <, >
[Java Plug-in 1.6.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[]
{8E30D88C-6BCE-44B4-BBEE-985DDB92EE30} <, >
[]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[]
{90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} <, >
[]
{917623D1-D8E5-11D2-BE8B-00104B06BDE3} <, >
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[]
{94299420-321F-4FF9-A247-62A23EBB640B} <, >
[]
{9885224C-1217-4C5F-83C2-00002E6CEF2B} <, >
[]
{9903F4ED-B673-456A-A15F-ED90C7DE9EF5} <, >
[]
{9E1DDDD2-0638-4607-B266-13FE69EDFFD3} <, >
[]
{9E385F0A-0BA2-430C-96AA-4399C5E40F6C} <, >
[]
{9ECB9560-04F9-4BBC-943D-298DDF1699E1} <, >
[]
{A442DE97-7F7F-4265-A813-4E5D81C83EFE} <, >
[]
{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} <, >
[]
{A6FD4E81-807B-477F-8A27-8D834C5AD5C4} <, >
[]
{A8F38D8D-E480-4D52-B7A2-731BB6995FDD} <, >
[]
{A91FB93D-7561-4524-8484-5C27C8FA8D42} <, >
[]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <, >
[]
{AC2881FD-5760-46DB-83AE-20A5C6432A7E} <, >
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[]
{AE7CD045-E861-484F-8273-0445EE161910} <, >
[]
{B06CE1BC-5D9D-4676-BD28-1752DBF394E0} <, >
[]
{B19FDE22-5907-4315-B558-1D537E86C3E1} <, >
[]
{B2CD4730-67E7-401C-A2CB-D74715E05FA4} <, >
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[HPSIEnumeration Class]
{B63C249D-7FA4-42A6-8AF1-D83AB0CE00B3} <C:\Program Files\Hp\Common\HPBasicDetection3.dll, (Signed) Hewlett-Packard>
[Microsoft DirectAnimation Control]
{B6FFC24C-7E13-11D0-9B47-00C04FC2F51D} <, >
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Fichiers communs\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[]
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} <, >
[]
{BDF3E430-B101-42AD-A544-FADC6B084872} <, >
[ContentFinder Class]
{BE65189A-4770-47A0-9B7B-68827DB1C317} <C:\Program Files\Hp\Common\RulesEngine.dll, (Signed) Hewlett-Packard>
[Helper Class]
{BF0118D4-63FF-4138-9327-F3028FB1A578} <C:\WINDOWS\web\wallpaper\welcome\AWhelper.dll, >
[]
{C4069E3A-68F1-403E-B40E-20066696354B} <, >
[]
{C5326A4D-E9AA-40AD-A09A-E74304D86B47} <, >
[]
{C93C1C34-CEA9-49B1-9046-040F59E0E0D8} <, >
[Microsoft Office 12 Authorization Control]
{C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~4\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Adobe Acrobat Control for ActiveX]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\PROGRA~1\Adobe\ACROBA~3.0\Acrobat\ActiveX\pdf.ocx, (Signed) Adobe Systems Incorporated>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MPEGURL Moniker Class]
{CD3AFA78-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__WAV Moniker Class]
{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WAX Moniker Class]
{CD3AFA83-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__AVI Moniker Class]
{CD3AFA88-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WVX Moniker Class]
{CD3AFA95-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
{CDAA0214-3907-4C47-A3F6-014DA1517440} <, >
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, (Signed) Microsoft Corporation>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <, >
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\MSNMES~1\MSGSC8~1.DLL, (Signed) Microsoft Corporation>
[]
{E2D4D26B-0180-43A4-B05F-462D6D54C789} <, >
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[WebViewFolderIcon Class]
{E5DF9D10-3B52-11D1-83E8-00A0C90DC849} <C:\WINDOWS\system32\webvw.dll, (Signed) Microsoft Corporation>
[]
{E87F6C8E-16C0-11D3-BEF7-009027438003} <, >
[DeviceEnum Class]
{E9348280-2D74-4933-BE25-73D946926795} <C:\Program Files\Hp\Common\HPBasicDetection3.dll, (Signed) Hewlett-Packard>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Scripting.Dictionary]
{EE09B103-97E0-11CF-978F-00A02463E06F} <C:\WINDOWS\system32\scrrun.dll, (Signed) Microsoft Corporation>
[]
{EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} <, >
[Runclose Control]
{F31D1897-7EFD-4647-8687-E05894E382AB} <C:\WINDOWS\System32\RUNCLOSE.OCX, Hewlett-Packard Company>
[JScript Language]
{F414C260-6AC0-11CF-B6D1-00AA00BBBB58} <c:\windows\system32\jscript.dll, (Signed) Microsoft Corporation>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document]
{F6D90F12-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[IERPCtl Class]
{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} <C:\Program Files\Real\RealPlayer\rpplugins\ierpplug.dll, RealNetworks, Inc.>
[]
{FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} <, >
[&NeoTrace It!]
<J:\PROGRA~1\NEOTRA~1\NTXcontext.htm, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 676 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 784 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 828 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 840 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1148 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1184 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1292 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1420 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1676 / HP_Administrateur][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\browseuidw.dll] [N/A, ]
[C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll] [BackWeb, Version 6.3.2 (Build 116R)]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 1, 0, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\WinMerge\ShellExtensionU.dll] 1.13.1.0
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll] [Avira GmbH, 7.00.00.15]
[C:\Program Files\Nero\Nero 7\InCD\InCDshx.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\InCD\InCDAPI2.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\NBHApi.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 1.0.0.2003051500]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.fra] [Adobe Systems Inc., 1.0.0.2003051500]
[C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051500]
[C:\Program Files\Spybot - Search & Destroy\SDHelper.dll] [Safer Networking Limited, 1, 6, 2, 14]
[PID: 1712 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 6.0.000]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\AdistRes.FRA] [, ]
[C:\WINDOWS\system32\HpTcpMon.dll] [Hewlett Packard, 5.01.00.011]
[C:\WINDOWS\system32\hpzjrd01.dll] [Hewlett Packard, 2.01.00.003]
[C:\WINDOWS\system32\HPTcpMUI.dll] [Microsoft Corporation, 5.01.00.011]
[C:\WINDOWS\system32\hptcpmib.dll] [Hewlett Packard, 5.01.00.011]
[C:\WINDOWS\system32\hpz3l5ha.dll] [Hewlett-Packard Company, 61.071.246.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll] [Hewlett-Packard Corporation, 61.071.246.00]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll] [Microsoft Corporation, 6.0.6000.16438 (winmain(wmbla).070123-1305)]
[PID: 1824 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe] [Avira GmbH, 8.00.00.17]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll] [Avira GmbH, 8.00.03.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 8.00.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3.3.17.1]
[PID: 1916 / HP_Administrateur][C:\WINDOWS\ehome\ehtray.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1245)]
[PID: 1972 / HP_Administrateur][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.4.0]
[PID: 2016 / HP_Administrateur][C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] [Hewlett-Packard Co., 90.0.43.000]
[PID: 2024 / HP_Administrateur][C:\HP\KBD\KBD.EXE] [Hewlett-Packard Company, 1.0.2.2.20205]
[C:\HP\KBD\led.dll] [Hewlett-Packard Company, 1.0.2.0]
[C:\HP\KBD\USB.dll] [Hewlett-Packard Company, 1.0.2.2.071205]
[C:\HP\KBD\ps2.dll] [Hewlett-Packard Company, 1.0.2.2.112404]
[C:\HP\KBD\msg.dll] [Hewlett-Packard Company, 1.0.2.2.112404]
[C:\HP\KBD\osd.dll] [Hewlett-Packard Company, 1.0.2.2.102805]
[C:\HP\KBD\sct.dll] [Hewlett-Packard Company, 1.0.2.2.110305]
[C:\HP\KBD\onl.dll] [Hewlett-Packard Company, 1.0.2.2.102605]
[C:\HP\KBD\aol.dll] [Hewlett-Packard Company, 1.0.2.2.071105]
[C:\HP\KBD\url.dll] [Hewlett-Packard Company, 1.0.2.2.071105]
[C:\HP\KBD\cfg.dll] [Hewlett-Packard Company, 1.0.2.1]
[C:\HP\KBD\MSIKBDIF.DLL] [Hewlett-Packard Company, 1.0.2.0]
[PID: 308 / HP_Administrateur][C:\Program Files\lg_fwupdate\fwupdate.exe] [BL, 1.00]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[C:\WINDOWS\system32\VB6FR.DLL] [Microsoft Corporation, 6.00.8169]
[PID: 400 / HP_Administrateur][C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\InCD\NBHStr.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\NBHApi.dll] [Nero AG, 5, 5, 2, 8]
[PID: 484 / HP_Administrateur][C:\Program Files\Nero\Nero 7\InCD\InCD.exe] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\InCD\InCDgui.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr2.dll] [Nero AG, 9,4,2, 10850]
[C:\Program Files\Fichiers communs\Ahead\Lib\ShellManager.dll] [Nero AG, 7.9.4.2]
[C:\Program Files\Nero\Nero 7\InCD\InCDAPI2.dll] [Nero AG, 5, 5, 2, 8]
[PID: 492 / HP_Administrateur][C:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.100.33]
[PID: 512 / HP_Administrateur][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 8.00.70.02]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll] [Avira GmbH, 8.00.70.05]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\antivir personaledition classic\ccgen.dll] [Avira GmbH, 8.00.70.04]
[c:\program files\avira\antivir personaledition classic\ccgenrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition classic\ccguard.dll] [Avira GmbH, 8.00.70.04]
[c:\program files\avira\antivir personaledition classic\ccgrdrc.dll] [Avira GmbH, 8.00.72.01]
[c:\program files\avira\antivir personaledition classic\avipc.dll] [Avira GmbH, 1.0.6.0]
[c:\program files\avira\antivir personaledition classic\ccupdate.dll] [Avira GmbH, 8.00.70.02]
[c:\program files\avira\antivir personaledition classic\ccupdrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition classic\cclic.dll] [Avira GmbH, 8.00.70.04]
[c:\program files\avira\antivir personaledition classic\cclicrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition classic\ccmsg.dll] [Avira GmbH, 8.00.00.06]
[PID: 556 / HP_Administrateur][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 568 / HP_Administrateur][C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe] [Hewlett-Packard Company, 1.6.43.1]
[C:\Program Files\Fichiers communs\LightScribe\QtCore4.dll] [N/A, ]
[C:\Program Files\Fichiers communs\LightScribe\QtGui4.dll] [N/A, ]
[PID: 1136 / HP_Administrateur][C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe] [Adobe Systems Inc., 6.0.0.2003051500]
[C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.fra] [Adobe Systems Inc., 6.0.0.0]
[PID: 1324 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe] [Avira GmbH, 8.00.01.30]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 8.00.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll] [Avira GmbH, 8.00.08.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3.3.17.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL] [Avira GmbH, 8.00.02.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL] [Avira GmbH, 1.02.00.23]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVGIO.DLL] [Avira GmbH, 8.00.01.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll] [Avira GmbH, 8.1.5.2]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aevdf.dll] [Avira GmbH, 8.1.0.6]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll] [Avira GmbH, 8.1.1.19]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll] [Avira GmbH, 8.1.1.5]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll] [Avira GmbH, 8.1.1.3]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll] [Avira GmbH, 8.1.3.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll] [Avira GmbH, 8.1.0.33]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll] [Avira GmbH, 8.1.0.75]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll] [Avira GmbH, 8.1.2.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll] [Avira GmbH, 8.1.1.8]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll] [Avira GmbH, 8.1.0.9]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aebb.dll] [Avira GmbH, 8.1.0.3]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.0.6.0]
[PID: 1376 / HP_Administrateur][C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe] [Hewlett-Packard, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BackWeb.dll] [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll] [BackWeb, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll] [N/A, ]
[C:\PROGRA~1\UPDATE~1\9972322\632~1.116\program\EN\ClientRC.dll] [BackWeb Technologies Inc., Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll] [Hewlett-Packard, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BWfiles.dll] [, Version 6.3.2 (Build 116R)]
[C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll] [BackWeb, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll] [Hewlett-Packard, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\frext.dll] [, Version 6.3.2 (Build 116R)]
[C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll] [, 1, 0, 0, 3]
[PID: 1396 / SYSTEM][C:\WINDOWS\arservice.exe] [Microsoft, 6.0.0160.0]
[PID: 1508 / HP_Administrateur][C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe] [Sony Corporation, 1.0.00.10282]
[C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcherRes.DLL] [Sony Corporation, 1.0.00.10110]
[PID: 348 / SYSTEM][C:\WINDOWS\eHome\ehRecvr.exe] [Microsoft Corporation, 5.1.2715.2773 (xpsp(wmbla).051011-0745)]
[C:\WINDOWS\system32\sbe.dll] [, ]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[PID: 592 / SYSTEM][C:\WINDOWS\eHome\ehSched.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1245)]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\hp\digital imaging\bin\hpqddsvc.dll] [Hewlett-Packard Co., 90.0.146.000]
[c:\program files\hp\digital imaging\bin\hpqddcmn.dll] [Hewlett-Packard Co., 90.0.146.000]
[c:\program files\hp\digital imaging\bin\hpqcxs08.dll] [Hewlett-Packard Co., 90.0.146.000]
[C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll] [Hewlett-Packard Co., 90.0.189.000]
[C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll] [Hewlett-Packard Co., 90.0.189.000]
[PID: 1524 / SYSTEM][C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Fichiers communs\Ahead\Lib\AdvrCntr2.dll] [Nero AG, 9,4,2, 10850]
[C:\Program Files\Fichiers communs\Ahead\Lib\DriveLocker.dll] [Nero AG, 1, 0, 0, 20]
[C:\Program Files\Nero\Nero 7\InCD\incdshx.dll] [Nero AG, 5, 5, 2, 8]
[C:\Program Files\Nero\Nero 7\InCD\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71FRA.DLL] [Microsoft Corporation, 7.10.3077.0]
[PID: 244 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.100.33]
[C:\WINDOWS\system32\netfxperf.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2407]
[PID: 1268 / SYSTEM][C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.6.43.1]
[C:\Program Files\Fichiers communs\LightScribe\LSSProxy.dll] [Hewlett-Packard Company, 1.6.43.1]
[C:\Program Files\Fichiers communs\LightScribe\LSLog.dll] [Hewlett-Packard Company, 1.6.43.1]
[PID: 1944 / SYSTEM][C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[PID: 2088 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\hpzinw12.dll] [Hewlett-Packard, 12,1,1,54]
[PID: 2120 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8205]
[PID: 2168 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\windows\system32\hpzipm12.dll] [Hewlett-Packard, 12,1,1,54]
[C:\WINDOWS\System32\HPZidr12.dll] [Hewlett-Packard, 12,1,1,54]
[PID: 2208 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe] [, 1.1.0808 ]
[C:\Program Files\Cyberlink\Shared files\RichVideops.dll] [N/A, ]
[PID: 2352 / SERVICE LOCAL][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2616 / SERVICE LOCAL][C:\WINDOWS\ehome\mcrdsvc.exe] [Microsoft Corporation, 4.1.2710.2732 (xpsp(wmbla).050805-1245)]
[PID: 3028 / HP_Administrateur][C:\WINDOWS\eHome\ehmsas.exe] [(Verified) Microsoft Corporation, 5.1.2710.2732 (xpsp(wmbla).050805-1245)]
[C:\WINDOWS\armcex.dll] [, 6.0.0160.0]
[c:\windows\system32\fpalsu.dll] [Hewlett-Packard Company, 1, 0, 2, 3]
[PID: 3200 / SYSTEM][C:\WINDOWS\system32\dllhost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3648 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3732 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.21

Réponse 42 / 63

Utilisateur anonyme
7 janv. 2009 à 01:37

Désolé, je ne connais pas SREng!

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec comme ceci!! :

• Redémarre ton ordinateur
• Tout de suite après le bip de démarrage, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.

• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
• Appuie sur une touche pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

• Appuie sur une touche pour redémarrer le PC.

• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera "Finished".
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse. Puis un nouveau log hijackthis.

Réponse 43 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
7 janv. 2009 à 06:06

Hello,

Flûte, ce fut long cette fois et en voici le rapport:

[b]SDFix: Version 1.240 [/b]
Run by HP_Administrateur on 2009-01-06 at 20:01

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 23:19:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:bd,b0,7a,49,e9,df,32,bd,30,d0,1b,8c,a2,3d,fa,b6,d0,66,a4,76,96,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:bd,b0,7a,49,e9,df,32,bd,30,d0,1b,8c,a2,3d,fa,b6,d0,66,a4,76,96,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:bd,b0,7a,49,e9,df,32,bd,30,d0,1b,8c,a2,3d,fa,b6,d0,66,a4,76,96,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\\Program Files\\Services en ligne\\AOL\\waol.exe"="C:\\Program Files\\Services en ligne\\AOL\\waol.exe:*:Enabled:AOL Canada"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"J:\\backupg\\ws_ftp95\\ws_ftp95.exe"="J:\\backupg\\ws_ftp95\\ws_ftp95.exe:*:Enabled:WS_FTP 95"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\BitDownload\\BitDownload.exe"="C:\\Program Files\\BitDownload\\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"J:\\lecteurD\\mirc32.exe"="J:\\lecteurD\\mirc32.exe:*:Enabled:mIRC"
"C:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"="C:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\ABC\\abc.exe"="C:\\Program Files\\ABC\\abc.exe:*:Enabled:abc"
"C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"="C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe:*:Enabled:VoipBuster"
"J:\\bckupf\\mirc\\mirc32.exe"="J:\\bckupf\\mirc\\mirc32.exe:*:Enabled:mIRC"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\kav\\kav7.0\\french\\setup.exe"="C:\\kav\\kav7.0\\french\\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"J:\\mIRC\\mirc32.exe"="J:\\mIRC\\mirc32.exe:*:Enabled:mIRC"
"J:\\Program Files\\eMule\\emule.exe"="J:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\WS_FTP\\WS_FTP95.exe"="C:\\Program Files\\WS_FTP\\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Disabled:Skype. Take a deep breath "
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Disabled:Studio"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe:*:Enabled:Updates from HP"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs1.exe"
Tue 10 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Tue 4 Jun 2002 84,992 A..HR --- "C:\Program Files\Replay Converter\14_43260.dll"
Tue 4 Jun 2002 44,032 A..HR --- "C:\Program Files\Replay Converter\28_83260.dll"
Mon 9 Dec 2002 73,766 A..HR --- "C:\Program Files\Replay Converter\atrc3260.dll"
Mon 9 Dec 2002 65,575 A..HR --- "C:\Program Files\Replay Converter\cook3260.dll"
Sun 26 Jun 2005 616,448 A.SHR --- "C:\Program Files\Replay Converter\cygwin1.dll"
Wed 22 Jun 2005 45,568 A.SHR --- "C:\Program Files\Replay Converter\cygz.dll"
Tue 4 Jun 2002 20,480 A..HR --- "C:\Program Files\Replay Converter\dnet3260.dll"
Mon 9 Dec 2002 176,165 A..HR --- "C:\Program Files\Replay Converter\drv23260.dll"
Mon 9 Dec 2002 94,208 A..HR --- "C:\Program Files\Replay Converter\drv33260.dll"
Mon 9 Dec 2002 217,127 A..HR --- "C:\Program Files\Replay Converter\drv43260.dll"
Sat 3 Nov 2001 225,280 A..HR --- "C:\Program Files\Replay Converter\ivvideo.dll"
Tue 10 Apr 2001 225,280 A..HR --- "C:\Program Files\Replay Converter\qtmlClient.dll"
Fri 20 Feb 2004 548,940 A..HR --- "C:\Program Files\Replay Converter\raac.dll"
Mon 9 Dec 2002 102,439 A..HR --- "C:\Program Files\Replay Converter\sipr3260.dll"
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Thu 14 Aug 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Wed 30 Jul 2008 4,891,984 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Fri 23 Feb 2007 88 ..SHR --- "C:\WINDOWS\system32\87725C63D9.sys"
Thu 14 Jul 2005 27,648 A.SH. --- "C:\WINDOWS\system32\AVSredirect.dll"
Mon 6 Nov 2006 56 ..SHR --- "C:\WINDOWS\system32\D9635C7287.sys"
Fri 14 Sep 2007 4,184 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Sun 3 Aug 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 8 Feb 2008 249,856 ...H. --- "C:\RECYCLER\S-1-5-21-1720720457-259345484-2666807106-1008\Dc165\~LiveUpdate.exe"
Thu 10 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

[b]Finished![/b]

Réponse 44 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
7 janv. 2009 à 06:13

Re. Et voilà le dernier hijack:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:07:48, on 2009-01-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CLJ] ;
O4 - HKLM\..\Run: [CLMLServer] ; "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] ; "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [RemoteControl] ; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [Shareaza] ; "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] ; C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mises à jour de HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &NeoTrace It! - J:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - J:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O22 - SharedTaskScheduler: Component Categories cache daemon preloader - {C83953AB-D1B6-4819-B23C-2C2508E0A413} - C:\WINDOWS\system32\browseuidw.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 45 / 63

Utilisateur anonyme
7 janv. 2009 à 15:03

Salut!!

Je n'ose même pas te demander comment va le pc...:)

Réponse 46 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
7 janv. 2009 à 18:19

Hello,

J'ose même pas te dire comment il est :-( Ce midi encore plusieurs fenêtres ouvertes à mon arrivée à la maison...

Réponse 47 / 63

Utilisateur anonyme
7 janv. 2009 à 18:28

/!\ Attention l'outil suivant est puissant, une erreur pourrait corrompre le bon fonctionnement de ton pc /!\

Télécharge combofix.exe (par sUBs) sur ton Bureau. ((A lire jusqu'au bout!!!))

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double clique combofix.exe.
Tape sur la touche 1 (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

!! Il est très fortement recommandé d'installer la console de réparation sur ton pc !!

Déconnecte toi d'internet et ferme les fenêtres de tous les programmes en cours.

Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clique sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sers pas du pc et n'ouvre aucun programme. Ne touche pas au clavier ni à la souris /!\

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection, laisse-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé ici C:\Combofix.txt

Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

Reviens sur le forum, et copie/colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

Lis ce tuto avant de l'utiliser: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Réponse 48 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
8 janv. 2009 à 05:44

Salut,

Désolée de ne pas avoir réagi plus tôt, j'étais pas à la maison ce soir alors je vais tenter le coup demain.

Merci encore de ton aide,

Lily

Réponse 49 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
8 janv. 2009 à 18:23

Hello,

Je crois que sans faire quelque chose pour ces sacrées fenêtres que je ne pourrai pas passer combo fix. Hier avant le dodo j'ai lancé f-secure en ligne et ce matin, mon pc était figé, dès que je lance un anti-virus, ces fenêtres deviennent de plus en plus nombreuses.

Que pourrais-je faire pour empêcher ça pendant le scan ? Renommer iexplorer ?

Merci

Lily

Réponse 50 / 63

Utilisateur anonyme
8 janv. 2009 à 19:01

Salut!!

En mode sans échec, les pages s'ouvrent-elles aussi?

Si tu veux essayer, ne passe surtout pas par le msconfig:

Redémarre ton ordinateur
• Tout de suite après le bip de démarrage, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.

Réponse 51 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 02:16

Hello,

Je dis un gros OUFFFFF en commençant... ces foutues fenêtres me donne la nausée. F-Secure qui m'a déjà secourue du pire arrive à détecter un tas de trucs et lorsque vient la fin du scan online eh ben trop de fenêtres ouvertes font en sorte que je n'arrive pas à avoir la fin du scan et je dois recommencer.

Tout cas, c'est ma minute de chialage lolllllllllllll

Bon, j'ai fait le fâmeux combofix en mode sans échec en m'y reprenant par 20 fois pour installer la console de récup en mode normal avec toutes ces fenêtres et voici le résultat:

ComboFix 09-01-08.01 - HP_Administrateur 2009-01-08 19:58:35.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.958.735 [GMT -5:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\setup.exe
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-09 au 2009-01-09 ))))))))))))))))))))))))))))))))))))
.

2009-01-08 19:35 . 2009-01-08 19:35 4,622,056 --a------ C:\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
2009-01-07 23:39 . 2009-01-07 23:39 2,913,567 -ra------ C:\ComboFix.exe
2009-01-06 19:39 . 2009-01-06 19:39 1,529,241 --a------ C:\SDFix(2).exe
2009-01-06 15:55 . 2009-01-06 16:20 3,550,760,960 --a------ C:\upload_moi.tar
2009-01-06 15:53 . 2009-01-06 16:13 <REP> d-------- C:\sreng2
2009-01-06 15:53 . 2009-01-06 15:53 <REP> d-------- C:\clean
2009-01-06 15:51 . 2009-01-06 15:51 863,754 --a------ C:\sreng2.zip
2009-01-06 15:13 . 2009-01-06 15:13 226,258 --a------ C:\clean.zip
2009-01-06 13:39 . 2009-01-06 14:56 <REP> d-------- c:\program files\FindyKill
2009-01-06 13:39 . 2009-01-06 13:39 554,697 --a------ C:\FindyKill.exe
2009-01-06 13:36 . 2009-01-06 13:38 <REP> d-------- c:\program files\RegCleaner
2009-01-06 13:35 . 2009-01-06 13:35 553,687 --a------ C:\RegCleaner.exe
2009-01-06 12:45 . 2009-01-06 12:51 <REP> d-------- C:\SmitfraudFix
2009-01-05 23:08 . 2009-01-05 23:08 1,660,821 --a------ C:\SmitfraudFix(2).exe
2009-01-05 23:07 . 2009-01-05 23:07 1,660,821 --a------ C:\SmitfraudFix.exe
2009-01-05 12:50 . 2009-01-05 12:51 <REP> d-------- C:\rsit
2009-01-05 12:50 . 2009-01-05 12:50 781,851 --a------ C:\RSIT.exe
2009-01-05 12:31 . 2009-01-05 12:32 <REP> d-------- c:\program files\Ad-remover
2009-01-05 12:30 . 2009-01-05 12:30 625,193 --a------ C:\AD-R.exe
2009-01-05 03:01 . 2009-01-05 03:02 1,355 --a------ c:\windows\imsins.BAK
2009-01-04 14:28 . 2009-01-04 21:47 <REP> d-------- C:\Lop SD
2009-01-04 14:26 . 2009-01-04 14:26 530,106 --a------ C:\LopSD.exe
2009-01-04 12:23 . 2009-01-04 14:20 <REP> d-------- c:\program files\Navilog1
2009-01-04 12:22 . 2009-01-04 12:22 576,868 --a------ C:\Navilog1.exe
2009-01-04 11:45 . 2009-01-04 11:45 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-04 11:45 . 2009-01-04 11:45 <REP> d-------- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-01-04 11:45 . 2009-01-04 11:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-04 11:45 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-04 11:45 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-04 11:44 . 2009-01-04 11:44 2,539,400 --a------ C:\mbam-setup(2).exe
2009-01-04 11:26 . 2009-01-04 11:26 <REP> d-------- c:\program files\Avira
2009-01-04 11:26 . 2009-01-04 11:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-01-04 11:10 . 2009-01-04 11:11 22,148,280 --a------ C:\antivir_workstation_winu_fr_h.exe
2009-01-04 11:04 . 2009-01-04 11:04 230,776 --a------ C:\aswclear.exe
2009-01-04 11:02 . 2009-01-04 11:02 186,880 --a------ C:\LSPFix.exe
2009-01-04 04:21 . 2009-01-04 04:21 <REP> d-------- c:\documents and settings\All Users\Application Data\ESET
2009-01-04 03:54 . 2009-01-04 03:54 <REP> d-------- c:\program files\CCleaner
2009-01-04 00:40 . 2009-01-04 00:40 3,165,824 --a------ C:\ccsetup215.exe
2009-01-04 00:39 . 2009-01-04 00:39 8,880,680 --a------ C:\IE7-WindowsXP-KB944533-x86-FRA.exe
2009-01-02 15:05 . 2009-01-02 15:06 19,910,144 --a------ C:\eav_nt32_fra.msi
2008-12-24 15:52 . 2008-12-24 15:55 <REP> d-------- C:\pijus
2008-12-20 20:57 . 2008-12-20 20:57 1,851,544 --a------ C:\install_flash_player(3).exe
2008-12-20 20:54 . 2008-12-20 20:54 1,851,544 --a------ C:\install_flash_player(2).exe
2008-12-18 07:10 . 2008-12-18 07:10 <REP> d-------- c:\program files\Trend Micro
2008-12-18 07:10 . 2008-12-18 07:10 812,344 --a------ C:\HJTInstall.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-09 00:21 --------- d-----w c:\program files\lg_fwupdate
2009-01-08 17:31 --------- d-----w c:\program files\WS_FTP
2009-01-08 04:19 8,297,866 --sha-w c:\documents and settings\All Users\Application Data\log.dat
2009-01-08 04:18 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\HPAppData
2009-01-06 20:19 --------- d-----w c:\program files\Fichiers communs\AVSMedia
2009-01-04 16:20 --------- d-----w c:\program files\Alwil Software
2009-01-04 09:06 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-04 05:35 14,771,744 ----a-w C:\IE7-WindowsXP-x86-fra.exe
2009-01-04 05:31 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\Vso
2009-01-04 05:31 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\uTorrent
2008-12-20 15:48 32,549 ----a-w c:\windows\king-uninstall.exe
2008-12-18 12:25 --------- d-----w c:\program files\Bonjour222
2008-12-18 12:05 16,639 ----a-w c:\program files\hijackthis.log
2008-12-13 06:37 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-12 08:07 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-11 17:53 --------- d-----w c:\program files\Ref Hotkey
2008-12-11 17:50 --------- d-----w c:\program files\MSN Messenger
2008-12-11 17:48 --------- d-----w c:\program files\exPressit S.E. 2.2
2008-12-07 03:07 1,077,632 ----a-w C:\RegCureSetup_1501_RW.exe
2008-12-05 17:46 --------- d-----w c:\documents and settings\HP_Administrateur\Application Data\AdobeUM
2008-11-30 05:53 862,144 ----a-w C:\jobberbase_1_5b1.zip
2008-11-29 19:39 33,415 ----a-w C:\fr_FR.zip
2008-11-29 19:38 15,247,454 ----a-w C:\magento-1.1.8.zip
2008-11-29 19:37 10,257,716 ----a-w C:\magento-sample-data-1.1.2.zip
2008-11-23 18:32 410,976 ----a-w c:\windows\system32\deploytk.dll
2008-11-23 18:32 --------- d-----w c:\program files\Java
2008-11-23 18:31 607,640 ----a-w C:\jxpiinstall-6u10-fcs-bin-b92-windows-i586-09_nov_2008.exe
2008-11-20 03:00 2,691,721 ----a-w C:\refhotkey-install.zip
2008-11-16 03:09 3,307,604 ----a-w C:\sites_annu.sql.zip
2008-11-12 03:35 98,371 ----a-w C:\MyPHPAnnuaire[1].zip
2008-11-12 03:26 91,385 ----a-w C:\56_PhpMyAnnu.zip
2008-11-12 02:21 1,613 ----a-w C:\791_phpversi-10.zip
2008-11-11 00:30 502,847 ----a-w C:\web162triski.sql.zip
2008-11-11 00:29 717 ----a-w C:\safe.sql.zip
2008-11-07 22:33 4,130,974 ----a-w C:\chnougannuaire.sql(4).zip
2008-11-07 20:22 4,130,173 ----a-w C:\chnougannuaire.sql(3).zip
2008-11-07 01:33 23,608 ----a-w C:\xoops2-mod_count_v202_bbchen.zip
2008-11-07 01:15 279,026 ----a-w C:\xoops2-mod_counter_v1_0_jan_inge_pettersen.zip
2008-11-05 16:50 1,851,544 ----a-w C:\install_flash_player.exe
2008-11-04 22:12 451,956 ----a-w C:\477_bannerwh-10.zip
2008-11-04 21:39 145,040 ----a-w C:\6-Release3.02.zip
2008-11-04 21:18 793,693 ----a-w C:\phpgiggle_3208.zip
2008-11-04 21:15 2,704 ----a-w C:\publicite_3200.zip
2008-11-04 21:07 101,473 ----a-w C:\echange-story_3189.zip
2008-11-04 20:45 445,494 ----a-w C:\phpLedAds-2.2.zip
2008-11-04 20:42 10,762 ----a-w C:\banner-boy_3214.zip
2008-11-04 20:40 29,975 ----a-w C:\fr-banniere_3190.zip
2008-11-02 02:09 9,935,761 ----a-w C:\news(2).zip
2008-11-02 01:48 767,583 ----a-w C:\xoops2-mod_agendax_2.1-wang-jue.zip
2008-11-02 01:47 930,628 ----a-w C:\xoops2-mod_piCal-0.91g.fr.zip
2008-11-02 00:00 1,378,878 ----a-w C:\mastop_publish_v1.1.zip
2008-11-01 20:15 248,332 ----a-w C:\xoops2-mod_content_v1.1.zip
2008-11-01 04:43 1,278,211 ----a-w C:\m_xv2.0.x_pages_1.16RC.zip
2008-11-01 04:17 1,619,288 ----a-w C:\smartobject_1.0.1_final_smartfactory.zip
2008-11-01 03:03 267,024 ----a-w C:\xoops2-mod_edito_2.3.zip
2008-11-01 02:59 103,744 ----a-w C:\xoops2-mod_altern8news_v011_the_xoopsproject(3).zip
2008-11-01 02:59 103,744 ----a-w C:\xoops2-mod_altern8news_v011_the_xoopsproject(2).zip
2008-11-01 02:18 9,935,761 ----a-w C:\news.zip
2008-11-01 00:33 251,208 ----a-w C:\xoops2-mod_smartpartner_2.0rc_fr.zip
2008-11-01 00:25 93,660 ----a-w C:\xoops2-mod__liaise_1.26_brandycoke.zip
2008-11-01 00:19 34,790 ----a-w C:\xoops-contact2.0.13.x_v1.6_CreepingDeath.zip
2008-11-01 00:18 110,199 ----a-w C:\XOOPS2_mod_freecontent_3.1_wjue.zip
2008-11-01 00:14 195,788 ----a-w C:\extcal-2.0.4.zip
2008-10-31 21:27 345,356 ----a-w C:\extgallery-1.0.4.zip
2008-10-31 16:38 1,316,826 ----a-w C:\xoops2_mod_cbb_1_16a_PredPhppXoopsCn(2).zip
2008-10-31 16:31 1,316,826 ----a-w C:\xoops2_mod_cbb_1_16a_PredPhppXoopsCn.zip
2008-10-31 16:28 277,382 ----a-w C:\xoops2-mod_smartmedia_0_85beta.zip
2008-10-31 11:15 103,744 ----a-w C:\xoops2-mod_altern8news_v011_the_xoopsproject.zip
2008-10-31 11:08 53,114 ----a-w C:\XOOPS2_mod_evennews_2.1.zip
2008-10-29 20:17 945,453 ----a-w C:\xoops_thm_piano_lovers.zip
2008-10-29 20:13 21,591 ----a-w C:\xoops2-thm_artday-style_eng.zip
2008-10-29 04:12 759,476 ----a-w C:\xoops_thm_bw-fixed.zip
2008-10-29 04:02 134,656 ----a-w C:\xoops_thm_fiblack.zip
2008-10-29 03:51 14,654 ----a-w C:\1000ac.zip
2008-10-29 02:55 171,436 ----a-w C:\squelettes.tar.zip
2008-10-29 02:07 266,996 ----a-w C:\templates_992210555.zip
2008-10-29 01:31 115,100 ----a-w C:\master_green.zip
2008-10-25 19:14 6,545,700 ----a-w C:\kompozer-0.7.10-win32.fr-FR(2).exe
2008-10-25 19:12 6,545,700 ----a-w C:\kompozer-0.7.10-win32.fr-FR.exe
2008-10-25 19:08 6,360,005 ----a-w C:\nvu-1.0-win32-installer-fr.exe
2008-10-25 19:01 850,432 ----a-w C:\ws_ftple508.exe
2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 13:00 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 19:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2003-12-21 21:18 64 -csh--w c:\windows\Hjdf67v1.drv
1999-04-23 22:22 12 -csha-w c:\windows\system\WININETICMP32.drv
2007-02-23 14:36 88 --sh--r c:\windows\system32\87725C63D9.sys
2005-07-14 19:31 27,648 --sha-w c:\windows\system32\AVSredirect.dll
2006-11-06 11:51 56 --sh--r c:\windows\system32\D9635C7287.sys
2007-09-14 20:16 4,184 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
"Shareaza"="c:\program files\Shareaza\Shareaza.exe" [2004-09-18 3776512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-24 7311360]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-09 249856]
"regcmdcons"="c:\hp\bin\cloaker.exe" [1999-11-07 27136]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-05-17 180269]
"ISUSPM Startup"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Adobe_ID0EYTHM"="c:\progra~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2008-01-14 249856]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-23 136600]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
"Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 c:\windows\arpwrmsg.exe]
"nwiz"="nwiz.exe" [2006-01-24 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-23 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

c:\documents and settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-03-15 27136]

c:\documents and settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-03-15 27136]

c:\documents and settings\HP_Administrateur\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Outil de d‚tection de support de Cyber-shot Viewer.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2006-12-28 155648]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Assistant d'Acrobat.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 217193]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Mises … jour de HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2006-05-17 36903]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv50"= c:\progra~1\REPLAY~1\ir50_32.dll
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrateur^Menu Démarrer^Programmes^Démarrage^Yahoo! Widget Engine.lnk]
path=c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\Yahoo! Widget Engine.lnk
backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"j:\\backupg\\ws_ftp95\\ws_ftp95.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\kav\\kav7.0\\french\\setup.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"j:\\mIRC\\mirc32.exe"=
"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"39120:TCP"= 39120:TCP:utorrent

S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-10-12 33752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'

2009-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2009-01-02 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKLM-Run-CLJ - (no file)
SharedTaskScheduler-{C83953AB-D1B6-4819-B23C-2C2508E0A413} - %SystemRoot%\system32\browseuidw.dll

.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: &NeoTrace It! - j:\progra~1\NEOTRA~1\NTXcontext.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\1ym6bkbo.default\
FF - prefs.js: browser.search.selectedEngine - JeSuisPaye
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmidas.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-08 20:03:00
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\.Default\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureDefault.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\AppGPFault\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureError.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\CCSelect\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\Close\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Alarme batterie.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\DeviceConnect\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Insertion d'un matériel.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Suppression d'un matériel.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\DeviceFail\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Échec d'un matériel.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Batterie déchargée.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\MailBeep\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Avertir.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\Maximize\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\MenuCommand\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureMenuCMD.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\MenuPopup\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureMenuPopUp.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\Minimize\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureMinimize.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\Open\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\PrintComplete\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\RestoreDown\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureRestoreDown.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\RestoreUp\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureRestoreUp.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\ShowBand\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemAsterisk\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureAsterisk.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemExclamation\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureExclamation.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemExit\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureSysExit.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemHand\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureCritStop.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemNotification\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Infobulle.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemQuestion\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureQuestion.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\SystemStart\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureSysStart.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\WindowsLogoff\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Fermeture de session.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\.Default\WindowsLogon\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Ouverture de session.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Conf\Participant\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Conf\Recevoir l'appel\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="RingIn.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Conf\Recevoir une demande de participation\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="RingIn.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Conf\Sortant\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\NetMeeting\\Blip.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\ActivatingDocument\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\BlockedPopup\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="Windows XP Fenêtre publicitaire intempestive bloquée.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\Media\\winNatureRecycle.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\MoveMenuItem\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=""

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\Navigating\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@=expand:"%SystemRoot%\\media\\Windows XP Menu Démarrer.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\Explorer\SecurityBand\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="Windows XP Barre d'informations.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_ContactOnline\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\Messenger\\online.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewAlert\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\Messenger\\newalert.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewMail\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\Messenger\\newemail.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewMessage\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="c:\\Program Files\\Messenger\\type.wav"

[HKEY_USERS\S-1-5-21-1720720457-259345484-2666807106-1008\AppEvents\Schemes\Names\t*NULL*e*NULL*s*NULL*t*NULL*0*NULL*Òw]
@="test"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,dd,de,cd,b5,72,\
9f,02,d4,e2,63,26,f1,3f,c8,ff,68,41,78,54,6b,cb,25,73,5e,e2,63,26,f1,3f,c8,\
ff,68,2d,97,17,36,d3,ed,f0,23,c8,28,51,af,b0,29,a3,98,43,cb,fe,f3,39,1e,33,\
18,f6,68,03,79

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,60,42,35,6a,77,\
23,ce,87,6a,9c,d6,61,af,45,84,18,38,bb,d5,45,c2,68,70,5c,6a,9c,d6,61,af,45,\
84,18,a9,ab,fb,56,0d,e5,2d,da,6a,9c,d6,61,af,45,84,18,e5,f0,6e,f6,01,75,36,\
66,16,bd,c1,9f

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,ee,a9,ec,3c,68,\
e2,f8,49,ff,7c,85,e0,43,d4,0e,fe,e7,38,ef,42,95,63,97,c3,ff,7c,85,e0,43,d4,\
0e,fe,68,eb,b7,64,02,ad,e5,27,ff,7c,85,e0,43,d4,0e,fe,90,c3,01,b2,ce,2e,61,\
e2,0d,17,ba,96

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,c3,5a,d6,df,fc,\
99,66,b3,86,8c,21,01,be,91,eb,e7,ba,33,a5,03,1a,41,48,16,86,8c,21,01,be,91,\
eb,e7,f9,a7,11,0d,49,9e,30,88,86,8c,21,01,be,91,eb,e7,ad,3a,da,fe,00,77,64,\
45,6e,a2,7c,33

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,05,15,24,93,33,\
9a,2b,f9,f5,1d,4d,73,a8,13,5c,05,1d,83,69,e8,ac,fb,66,38,f5,1d,4d,73,a8,13,\
5c,05,62,b5,b4,84,e3,a6,ce,a3,f5,1d,4d,73,a8,13,5c,05,c3,6d,13,7b,4f,6e,9b,\
52,1a,ee,86,23

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,a8,38,a3,1b,ec,\
76,c0,97,df,20,58,62,78,6b,cf,c8,4e,9e,52,48,ec,c0,a7,1c,df,20,58,62,78,6b,\
cf,c8,4f,99,e8,46,2e,b8,2d,55,b0,18,ed,a7,3f,8d,37,a4,cf,38,ec,b8,0e,c6,2f,\
2e,23,95,b1,d9

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,7d,4c,3b,57,63,\
43,15,bd,fb,a7,78,e6,12,2f,9a,ea,e2,c6,0d,83,3a,45,f8,77,fb,a7,78,e6,12,2f,\
9a,ea,4b,c2,8f,34,17,ef,6a,e2,fb,a7,78,e6,12,2f,9a,ea,b9,05,0c,48,09,55,f7,\
c1,76,92,0a,9a

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,95,b7,ba,69,03,\
8c,32,33,01,3a,48,fc,e8,04,4a,f1,82,29,83,2f,7d,40,7b,d2,01,3a,48,fc,e8,04,\
4a,f1,30,26,4f,46,bc,9c,e0,b4,aa,52,c6,00,84,3c,26,64,a6,24,32,e9,e9,ad,86,\
8d,fa,58,52,8f

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,0f,f9,6b,14,3f,\
50,03,12,f6,0f,4e,58,98,5b,89,c9,25,df,65,00,2e,63,32,b1,f6,0f,4e,58,98,5b,\
89,c9,bc,f9,d9,a5,c9,9e,40,f8,f6,0f,4e,58,98,5b,89,c9,0b,b5,cb,7f,a0,e0,e4,\
3d,c2,a5,87,37

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,df,e1,b7,23,a2,\
64,d4,37,3d,ce,ea,26,2d,45,aa,78,37,32,9f,41,5c,1f,78,77,3d,ce,ea,26,2d,45,\
aa,78,ac,ed,c1,c0,f4,e7,26,58,b1,cd,45,5a,a8,c4,f8,b9,b1,33,db,16,0e,36,af,\
2d,13,f8,fa,f1

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,2b,b2,e1,51,8b,\
22,10,01,2a,b7,cc,b5,b9,7f,41,e7,8b,2c,6d,d9,31,77,a6,50,2a,b7,cc,b5,b9,7f,\
41,e7,da,97,17,ae,ac,4c,d8,6e,2a,b7,cc,b5,b9,7f,41,e7,05,63,ca,65,7f,ce,c8,\
5d,92,2a,94,6a

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,10,2a,4c,ba,42,\
2d,58,f6,6c,43,2d,1e,aa,22,2f,9c,92,e1,1e,0f,d6,06,73,36,6c,43,2d,1e,aa,22,\
2f,9c,e1,e1,5f,c5,c2,f4,8d,b5,fa,ea,66,7f,d4,3b,6b,70,53,59,8f,79,be,2c,96,\
c1,cc,f0,6c,bb

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*NULL*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"=""
.
Heure de fin: 2009-01-08 20:06:16
ComboFix-quarantined-files.txt 2009-01-09 01:04:57

Avant-CF: 45 674 917 888 octets libres
Après-CF: 45,790,388,224 octets libres

489 --- E O F --- 2009-01-05 08:02:12

Réponse 52 / 63

Utilisateur anonyme
9 janv. 2009 à 12:47

Salut!

> Télécharge DirLook (de jpshortstuff) : http://jpshortstuff.247fixes.com/DirLook.exe
- Double-clique sur DirLook.exe pour le lancer.
- Assure-toi que "Show Hidden Files" et "BBCode Ouput" soient bien cochés.
- Copie/colle le contenu suivant dans le champ texte principal :

C:\pijus

- Clique sur le bouton <DirLook> pour lancer l'examen. Quand il est terminé, une fenêtre du Bloc-notes va s'ouvrir avec le résultat du scan.
- Poste le contenu ce rapport dans ta prochaine réponse. (Le rapport se trouve aussi ici C:\dl_log.txt).
Note : Il se peut que l'examen prenne plus de temps pour de gros répertoires.

Réponse 53 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 13:02

Salut,

Pijus c'est un répertoire au surnom de mon filleul Pierre-Julien lolllllllllllllll C'est pour cela l'étape ci-haut ?

On dirait que mes fenêtres n'ouvrent plus, par contre, ie se fige constamment et mon pc devient lent et je ne peux plus ouvrir quoi que ce soit ?

Réponse 54 / 63

Utilisateur anonyme
9 janv. 2009 à 13:12

Ok pour le répertoire. Revoie un RSIT si tu peux. Poste bien les deux rapports dans deux messages séparés! Merci.

Réponse 55 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 13:19

heu c'est quoi RSIT ?

Réponse 56 / 63

Utilisateur anonyme
9 janv. 2009 à 13:27

Regarde ici: http://www.commentcamarche.net/forum/affich 9970436 log hijackthis?page=2#25

Je te les avais demandés ici. Encore une fois, poste-les séparément. Merci.

Réponse 57 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 13:47

Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Administrateur at 2009-01-09 07:37:45
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 43 GB (24%) free of 181 GB
Total RAM: 958 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:37:57, on 2009-01-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP_Administrateur.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CLMLServer] ; "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] ; "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [RemoteControl] ; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [Shareaza] ; "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Mises à jour de HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &NeoTrace It! - J:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - J:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

Réponse 58 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 13:47

info.txt logfile of random's system information tool 1.05 2009-01-05 12:51:11

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Fichiers communs\Adobe\Installers\c14ac4070fd9614ffe63f4bb533db2c\Setup.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-2E257A25E34D}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Setup-->MsiExec.exe /I{09E2111C-16B1-4DDF-BF0D-F994C9A12350}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Ad-remover-->C:\Program Files\Ad-remover\Uninstal.exe
Agere Systems PCI-SV92PP Soft Modem-->agrsmdel
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l3084
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"J:\Program Files\VideoTools\unins000.exe"
BlindWrite 6-->"C:\Program Files\VSO\BlindWrite6\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l3084
Corel Painter IX-->MsiExec.exe /I{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4}
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB892050-->"C:\WINDOWS\$NtUninstallKB892050$\spuninst\spuninst.exe"
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" /z-uninstall
Déclaration de revenus électronique 6.0-->"C:\Program Files\Revenu Québec 2007\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDx-->"C:\Program Files\DVDx\unins000.exe"
EN-->MsiExec.exe /I{32A72502-BC2C-4C39-ACEA-BC3D463F0697}
Encyclopédie Microsoft Encarta 2006-->MsiExec.exe /I{06180048-3E21-46D6-9A91-D927BA08F41D}
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Exact Audio Copy 0.99pb3-->C:\Program Files\Exact Audio Copy\uninst.exe
Firebird SQL Server - MAGIX Edition-->C:\Program Files\MAGIX\Common\Database\instslct.exe /p
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800)-->"C:\WINDOWS\$NtUninstallKB915800$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
HP Boot Optimizer-->C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe /uninstall
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}
HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Driver Diagnostics-->MsiExec.exe /X{6314D540-E3C1-4F30-AEEB-4154C93375C3}
HP DVD Play 1.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series-->C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart Printer Software 9.0-->C:\Program Files\HP\Digital Imaging\{47253C9A-7269-4be7-8BFE-50470F6897FE}\setup\hpzscr01.exe -datfile hposcr16.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
IsoBuster 2.2-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Jasc Animation Shop 3-->MsiExec.exe /I{174D5678-D941-433C-BD23-58A5C7B0D36D}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
king.com (remove only)-->"C:\WINDOWS\king-uninstall.exe"
KompoZer 0.7.10 (supprimer uniquement)-->C:\Program Files\KompoZer\uninstall.exe
Kys Scriptomania 2.6-->C:\program files\Scriptomania\Uninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
Logiciel de jeu sécurisé-->C:\Program Files\SkillJam Technologies\Secure Player\Uninstall.exe
Macromedia Dreamweaver MX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MetaFrame Presentation Server Web Client for Win32-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wficat.inf,DefaultUninstall
Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra-->MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Calculatrice Plus-->MsiExec.exe /I{13922F10-BD74-4912-AB11-E34B35062700}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
mIRC-->"j:\mirc\mirc32.exe" -uninstall
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mises à jour HP (Supprimer uniquement)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
Module linguistique Microsoft .NET Framework 3.5 - fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Monkey's Audio-->"C:\Program Files\Monkey's Audio\unins000.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.9)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MPEG Encoder 3-->C:\Program Files\ImTOO\MPEG Encoder 3\Uninstall.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c
Navilog1 3.7.1-->"C:\Program Files\Navilog1\unins000.exe"
NBG Clean Registry™ 1.7.2 Skin English 2012-->"C:\Program Files\NBGCleanRE\unins000.exe"
NeoTrace Pro 3.25 Trial-->C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
NeoTrace Pro 3.25-->J:\PROGRA~1\NEOTRA~1\UNWISE.EXE J:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Nero 7 Essentials-->MsiExec.exe /X{A2104078-AAA5-449E-95DD-55C9443A1033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outils et utilitaires v 2.9.2-->C:\INET2\unins000.exe
PC-Doctor 5 for Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Photo Clip Art 150,000-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{71C1B94A-74CF-4D8A-AE40-A85A00A19E64} /l1036
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Replay Converter 2.50-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay Converter\irunin.ini"
Ri4m v5.0.1d-->C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe
Riva FLV Encoder 2.0-->"C:\Program Files\Riva\Riva FLV Encoder 2.0\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Shareaza version 2.1.0.0-->"C:\Program Files\Shareaza\Uninstall\unins000.exe"
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
StudioTax 2007-->MsiExec.exe /I{32A885F0-590E-49D3-A351-32C0FDA8DE5D}
SWiSHmax-->C:\WINDOWS\unvise32.exe C:\Program Files\SWiSHmax\uninstal.log
Total Video Converter 3.10-->"J:\Program Files\Total Video Converter\unins000.exe"
Tournament Games Console (remove only)-->"C:\Program Files\tg games\Uninstall.exe"
TVPaint Animation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91DD9DED-5979-4FB3-AC7D-80091CC1FC40}\Setup.exe" -l0x40c
Ulead GIF Animator 5 ESD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
WinMerge 2.8.0.0-->"C:\Program Files\WinMerge\unins000.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XviD MPEG-4 Codec-->"C:\Program Files\XviD\UninstXviD.exe"

=====HijackThis Backups=====

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - https://www.worldwinner.com/frontend_404.shtml
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {B19FDE22-5907-4315-B558-1D537E86C3E1} - https://www.flipviewer.com/exe/fv421.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {CDAA0214-3907-4C47-A3F6-014DA1517440} (ArkDownloader Class) - http://www.gamedek.com/download/arkDownloader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://upload.mediamax.com/404.html

======Security center information======

AV: Avira AntiVir PersonalEdition Classic
FW: F-Secure Anti-Virus 2008 8.00 (disabled)

System event log

Computer Name: HPLINDA
Event Code: 4377
Message: Le correctif Windows XP KB938464 a été installé.

Record Number: 19670
Source Name: NtServicePack
Time Written: 20080910030208.000000-240
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HPLINDA
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Mise à jour de sécurité pour Windows XP (KB954154)

Record Number: 19669
Source Name: Windows Update Agent
Time Written: 20080910030109.000000-240
Event Type: information
User:

Computer Name: HPLINDA
Event Code: 4377
Message: Le correctif Lecteur Windows Media 11 KB954154_WM11 a été installé.

Record Number: 19668
Source Name: WindowsMedia
Time Written: 20080910030103.000000-240
Event Type: information
User: AUTORITE NT\SYSTEM

Computer Name: HPLINDA
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le 10 septembre 2008 à 03:00 :
- Mise à jour de sécurité pour Windows XP (KB954154)
- Mise à jour de sécurité pour Windows XP (KB938464)
- Mise à jour de sécurité pour Microsoft Office System 2007 (KB951944)
- Mise à jour de sécurité pour Microsoft Office System 2007 (KB954326)
- Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB956080)

Record Number: 19667
Source Name: Windows Update Agent
Time Written: 20080910003656.000000-240
Event Type: information
User:

Computer Name: HPLINDA
Event Code: 18
Message: Prêt pour l'installation : les mises à jour suivantes ont été téléchargées et sont prêtes pour l'installation. L'installation de ces mises à jour est actuellement planifiée pour le 10 septembre 2008 à 03:00 :
- Mise à jour de sécurité pour Windows XP (KB954154)
- Mise à jour de sécurité pour Windows XP (KB938464)
- Mise à jour de sécurité pour Microsoft Office System 2007 (KB951944)
- Mise à jour de sécurité pour Microsoft Office System 2007 (KB954326)
- Mise à jour pour le filtre de courrier indésirable de Microsoft Office Outlook 2007 (KB956080)

Record Number: 19666
Source Name: Windows Update Agent
Time Written: 20080910003645.000000-240
Event Type: information
User:

Application event log

Computer Name: HPLINDA
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 16150
Source Name: Adobe Version Cue CS3
Time Written: 20081030210924.000000-240
Event Type: error
User:

Computer Name: HPLINDA
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 16149
Source Name: Adobe Version Cue CS3
Time Written: 20081030210924.000000-240
Event Type: error
User:

Computer Name: HPLINDA
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 16148
Source Name: Adobe Version Cue CS3
Time Written: 20081030210924.000000-240
Event Type: error
User:

Computer Name: HPLINDA
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 16147
Source Name: Adobe Version Cue CS3
Time Written: 20081030210924.000000-240
Event Type: error
User:

Computer Name: HPLINDA
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Record Number: 16146
Source Name: Adobe Version Cue CS3
Time Written: 20081030210924.000000-240
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Réponse 59 / 63

Utilisateur anonyme
9 janv. 2009 à 14:23

▶ Télécharge RegCleaner

▶ Une fois installé, double-clique sur son icône pour l'exécuter

▶ Dans la barre de menu, clique sur Options puis sélectionne Language => Choose the language

▶ recherche French.rlg et double-clique dessus pour appliquer la langue

▶ Clique ensuite sur Outils dans la barre de menu

▶ Sélectionne Nettoyage du registre => Nettoyeur de registre automatique

▶ RegCleaner va alors lancer le nettoyage automatiquement

▶ Coche ensuite les entrées invalides qui sont apparues dans la fenêtre et clique sur Supprimer sélections => Terminer => Quitter

Réponse 60 / 63

triski Messages postés 39 Date d'inscription dimanche 18 novembre 2007 Statut Membre Dernière intervention 9 janvier 2009
9 janv. 2009 à 19:00

Discussions similaires

TI college plus (calculatrice probleme)

logs freebox serveur

comment taper log10 sur une TI83plus.fr ?

Caluculatrice Ti Collège

Analyse des logs hijackthis

Discussions similaires

Newsletters