
Virus Trojan:Win32/C2Lop.gen!J

Last reply on 28 Jun 2009 at 18:05:57
prisita, 23 Jun 2009 at 01:49:19

Hello,

I have been infected by this trojan virus (Trojan:Win32/C2Lop.gen!J).

It has apparently deleted or blocked some system files, and I think it has multiplied, since I have deleted it 5 times!!

What should I do?

PS: I ran a scan and I downloaded an antivirus, "Malwarebytes Anti-Malware".

I downloaded HijackThis for a scan, and here is the report!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:57, on 21/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\System32\wsqmcons.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [second 32] "C:\ProgramData\Axis Wipe Wipe.m42y2"
O4 - HKCU\..\Run: [Fork live trust pop] "C:\ProgramData\drv lies base.kbverh4"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: APSHook.dll,C:\windows\System32\dbnmpntw32.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: EngineServer - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6173\SAService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

Configuration: Windows Vista Internet Explorer 8.0

1

Destrio5, 23 Jun 2009 at 01:52:43

Hello,

--> Disable UAC for the duration of the disinfection.

--> Download Lop S&D (by Eric_71 & Angeldark) to your Desktop.

--> Double-click it to start the installation.

--> Then double-click the Lop S&D shortcut on your Desktop.
(On Vista, you need to right-click the Lop S&D shortcut and choose Run as administrator)

--> Select the desired language, then choose option 1 (Search).

--> Wait until the scan finishes.

--> Post the generated report (C:\lopR.txt).


2

prisita, 24 Jun 2009 at 01:32:58

Here it is

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz )
BIOS : Default System BIOS
USER : Yohann ( Administrator )
BOOT : Normal boot
Antivirus : Total Protection 4.9.0.295 (Activated)
Firewall : Total Protection 4.0 (Activated)
C:\ (Local Disk) - NTFS - Total:222 Go (Free:175 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 23/06/2009|19:29 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[20/06/2009|11:59] C:\Users\Yohann\AppData\Local\Adobe
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Application Data
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\ATI
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\AtStart.txt
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\DSwitch.txt
[18/06/2009|08:41] C:\Users\Yohann\AppData\Local\GDIPFONTCACHEV1.DAT
[21/06/2009|15:30] C:\Users\Yohann\AppData\Local\Google
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Historique
[22/06/2009|00:55] C:\Users\Yohann\AppData\Local\IconCache.db
[17/06/2009|23:01] C:\Users\Yohann\AppData\Local\Microsoft
[19/06/2009|09:21] C:\Users\Yohann\AppData\Local\Microsoft Games
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\QSwitch.txt
[23/06/2009|19:27] C:\Users\Yohann\AppData\Local\Temp
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Temporary Internet Files
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\windows\tasks

[23/06/2009 19:20][--ah-----] C:\windows\tasks\User_Feed_Synchronization-{7B780B48-2074-446D-8864-2E018D9F0FAC}.job
[23/06/2009 19:19][--ah-----] C:\windows\tasks\SA.DAT
[22/06/2009 00:56][--a------] C:\windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/06/2009|18:47] C:\ProgramData\Adobe
[18/06/2008|10:52] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[16/06/2009|17:02] C:\ProgramData\ATI
[17/06/2009|09:49] C:\ProgramData\Axis Wipe Wipe.ju1vs1
[21/06/2009|15:48] C:\ProgramData\Axis Wipe Wipe.m42y2
[17/06/2009|09:49] C:\ProgramData\Axis Wipe Wipe.x920e
[16/06/2009|16:32] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[17/06/2009|09:50] C:\ProgramData\drv lies base.kbverh4
[21/06/2009|17:39] C:\ProgramData\Eq Anti Fork Live
[16/06/2009|16:32] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[16/06/2009|17:24] C:\ProgramData\Google
[16/06/2009|16:52] C:\ProgramData\Hewlett-Packard
[23/06/2009|19:19] C:\ProgramData\hpqLog
[22/06/2009|00:59] C:\ProgramData\KnobExtra
[21/06/2009|16:29] C:\ProgramData\LightScribe
[21/06/2009|23:20] C:\ProgramData\Malwarebytes
[18/06/2008|11:17] C:\ProgramData\McAfee
[16/06/2009|16:32] C:\ProgramData\Menu Démarrer
[17/06/2009|22:46] C:\ProgramData\Messenger Plus!
[17/06/2009|02:10] C:\ProgramData\Microsoft
[19/06/2009|03:03] C:\ProgramData\Microsoft Help
[16/06/2009|16:32] C:\ProgramData\Modèles
[16/06/2009|18:57] C:\ProgramData\NOS
[18/06/2008|11:10] C:\ProgramData\Roxio
[18/06/2008|11:19] C:\ProgramData\SiteAdvisor
[18/06/2008|11:06] C:\ProgramData\Sonic
[16/06/2009|16:41] C:\ProgramData\SonicFocus
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[18/06/2008|11:11] C:\ProgramData\Uninstall
[17/06/2009|00:12] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[18/06/2008|10:39] C:\Program Files\ActivIdentity
[17/06/2009|10:52] C:\Program Files\Activision
[16/06/2009|18:47] C:\Program Files\Adobe
[16/06/2009|16:41] C:\Program Files\Analog Devices
[18/06/2008|10:52] C:\Program Files\AOL
[16/06/2009|16:42] C:\Program Files\ATI
[16/06/2009|16:43] C:\Program Files\ATI Technologies
[22/06/2009|00:59] C:\Program Files\Cicle Developement
[17/06/2009|00:28] C:\Program Files\Common Files
[16/06/2009|16:32] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/06/2009|15:13] C:\Program Files\Google
[18/06/2008|11:32] C:\Program Files\Hewlett-Packard
[18/06/2008|11:29] C:\Program Files\HP
[16/06/2009|16:49] C:\Program Files\HP Webcam Application
[18/06/2008|10:39] C:\Program Files\HPQ
[17/06/2009|11:06] C:\Program Files\InstallShield Installation Information
[18/06/2008|10:34] C:\Program Files\Intel
[22/06/2009|18:49] C:\Program Files\Internet Explorer
[18/06/2008|11:13] C:\Program Files\InterVideo
[18/06/2008|11:20] C:\Program Files\Java
[20/06/2009|09:15] C:\Program Files\LimeWire
[21/06/2009|23:20] C:\Program Files\Malwarebytes' Anti-Malware
[18/06/2008|11:24] C:\Program Files\McAfee
[17/06/2009|09:49] C:\Program Files\Messenger Plus! Live
[17/06/2009|02:13] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/06/2008|11:02] C:\Program Files\Microsoft Office
[17/06/2009|02:12] C:\Program Files\Microsoft Office Outlook Connector
[18/06/2008|11:04] C:\Program Files\Microsoft Office Suite Activation Assistant
[18/06/2009|03:19] C:\Program Files\Microsoft Silverlight
[17/06/2009|02:08] C:\Program Files\Microsoft SQL Server Compact Edition
[17/06/2009|02:10] C:\Program Files\Microsoft Sync Framework
[18/06/2008|11:02] C:\Program Files\Microsoft Visual Studio
[18/06/2009|03:06] C:\Program Files\Microsoft Works
[18/06/2008|11:02] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[16/06/2009|17:51] C:\Program Files\MSXML 4.0
[16/06/2009|18:57] C:\Program Files\NOS
[18/06/2008|10:50] C:\Program Files\PDF Complete
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/06/2008|11:10] C:\Program Files\Roxio
[18/06/2008|11:19] C:\Program Files\SiteAdvisor
[18/06/2008|11:11] C:\Program Files\Synaptics
[21/06/2009|23:12] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/06/2009|16:46] C:\Program Files\WIDCOMM
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[17/06/2009|02:11] C:\Program Files\Windows Live
[17/06/2009|02:05] C:\Program Files\Windows Live SkyDrive
[16/06/2009|18:51] C:\Program Files\Windows Mail
[16/06/2009|18:52] C:\Program Files\Windows Media Player
[16/06/2009|16:32] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[18/06/2008|10:39] C:\Program Files\Common Files\ActivIdentity
[16/06/2009|18:47] C:\Program Files\Common Files\Adobe
[18/06/2008|11:02] C:\Program Files\Common Files\DESIGNER
[18/06/2008|11:15] C:\Program Files\Common Files\InstallShield
[18/06/2008|11:14] C:\Program Files\Common Files\InterVideo
[18/06/2008|11:20] C:\Program Files\Common Files\Java
[18/06/2008|11:17] C:\Program Files\Common Files\LightScribe
[18/06/2008|11:17] C:\Program Files\Common Files\McAfee
[18/06/2009|03:07] C:\Program Files\Common Files\microsoft shared
[18/06/2008|11:09] C:\Program Files\Common Files\PX Storage Engine
[18/06/2008|11:09] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[16/06/2009|16:48] C:\Program Files\Common Files\SNP2UVC
[18/06/2008|11:10] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/06/2008|11:07] C:\Program Files\Common Files\SureThing Shared
[17/06/2009|02:12] C:\Program Files\Common Files\System
[17/06/2009|00:28] C:\Program Files\Common Files\Windows Live
[17/06/2009|00:14] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 99 Processes )

iexplore.exe ~ [PID:1476]
iexplore.exe ~ [PID:5444]
iexplore.exe ~ [PID:2868]
iexplore.exe ~ [PID:5176]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Axis Wipe Wipe.m42y2
C:\ProgramData\Axis Wipe Wipe.x920e
C:\ProgramData\Axis Wipe Wipe.ju1vs1
C:\ProgramData\drv lies base.kbverh4

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Users\Yohann\AppData\Roaming\MICROS~1\Windows\Cookies\yohann@www.adserver5[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"second 32"="\"C:\\ProgramData\\Axis Wipe Wipe.m42y2\""
"Fork live trust pop"="\"C:\\ProgramData\\drv lies base.kbverh4\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-23 19:29:19
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Users\Yohann\AppData\Local\Temp\~DF4BB1.tmp
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:353][D:36]-> C:\Users\Yohann\AppData\Local\Temp
[F:336][D:1]-> C:\Users\Yohann\AppData\Roaming\MICROS~1\Windows\Cookies
[F:13][D:4]-> C:\Users\Yohann\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 23/06/2009|19:30 - Option : [1]

--------------------\\ Fin du rapport a 19:30:41
[ UAC => 1 ]


3

Destrio5, 24 Jun 2009 at 01:39:37

--> Double-click the Lop S&D shortcut to launch it.
(On Vista, you need to right-click the Lop S&D shortcut and choose Run as administrator)

--> This time choose option 2 (Removal).

--> Do not close the window during the removal!

--> Post the generated report (C:\lopR.txt).

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)


4

prisita, 24 Jun 2009 at 01:47:42

Here is the report


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz )
BIOS : Default System BIOS
USER : Yohann ( Administrator )
BOOT : Normal boot
Antivirus : Total Protection 4.9.0.295 (Activated)
Firewall : Total Protection 4.0 (Activated)
C:\ (Local Disk) - NTFS - Total:222 Go (Free:175 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 23/06/2009|19:43 )

[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\Yohann\AppData\Roaming\MICROS~1\Windows\Cookies\yohann@www.adserver5[1].txt
Supprime! - C:\ProgramData\Axis Wipe Wipe.m42y2
Supprime! - C:\ProgramData\Axis Wipe Wipe.x920e
Supprime! - C:\ProgramData\Axis Wipe Wipe.ju1vs1
Supprime! - C:\ProgramData\drv lies base.kbverh4
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[20/06/2009|11:59] C:\Users\Yohann\AppData\Local\Adobe
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Application Data
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\ATI
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\AtStart.txt
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\DSwitch.txt
[18/06/2009|08:41] C:\Users\Yohann\AppData\Local\GDIPFONTCACHEV1.DAT
[21/06/2009|15:30] C:\Users\Yohann\AppData\Local\Google
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Historique
[22/06/2009|00:55] C:\Users\Yohann\AppData\Local\IconCache.db
[17/06/2009|23:01] C:\Users\Yohann\AppData\Local\Microsoft
[19/06/2009|09:21] C:\Users\Yohann\AppData\Local\Microsoft Games
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\QSwitch.txt
[23/06/2009|19:43] C:\Users\Yohann\AppData\Local\Temp
[16/06/2009|16:40] C:\Users\Yohann\AppData\Local\Temporary Internet Files
[16/06/2009|17:02] C:\Users\Yohann\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\windows\tasks

[23/06/2009 19:35][--ah-----] C:\windows\tasks\User_Feed_Synchronization-{7B780B48-2074-446D-8864-2E018D9F0FAC}.job
[23/06/2009 19:19][--ah-----] C:\windows\tasks\SA.DAT
[22/06/2009 00:56][--a------] C:\windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[16/06/2009|18:47] C:\ProgramData\Adobe
[18/06/2008|10:52] C:\ProgramData\AOL
[02/11/2006|15:02] C:\ProgramData\Application Data
[16/06/2009|17:02] C:\ProgramData\ATI
[16/06/2009|16:32] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/06/2009|17:39] C:\ProgramData\Eq Anti Fork Live
[16/06/2009|16:32] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[16/06/2009|17:24] C:\ProgramData\Google
[16/06/2009|16:52] C:\ProgramData\Hewlett-Packard
[23/06/2009|19:19] C:\ProgramData\hpqLog
[22/06/2009|00:59] C:\ProgramData\KnobExtra
[21/06/2009|16:29] C:\ProgramData\LightScribe
[21/06/2009|23:20] C:\ProgramData\Malwarebytes
[18/06/2008|11:17] C:\ProgramData\McAfee
[16/06/2009|16:32] C:\ProgramData\Menu Démarrer
[17/06/2009|22:46] C:\ProgramData\Messenger Plus!
[17/06/2009|02:10] C:\ProgramData\Microsoft
[19/06/2009|03:03] C:\ProgramData\Microsoft Help
[16/06/2009|16:32] C:\ProgramData\Modèles
[16/06/2009|18:57] C:\ProgramData\NOS
[18/06/2008|11:10] C:\ProgramData\Roxio
[18/06/2008|11:19] C:\ProgramData\SiteAdvisor
[18/06/2008|11:06] C:\ProgramData\Sonic
[16/06/2009|16:41] C:\ProgramData\SonicFocus
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[18/06/2008|11:11] C:\ProgramData\Uninstall
[17/06/2009|00:12] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[18/06/2008|10:39] C:\Program Files\ActivIdentity
[17/06/2009|10:52] C:\Program Files\Activision
[16/06/2009|18:47] C:\Program Files\Adobe
[16/06/2009|16:41] C:\Program Files\Analog Devices
[18/06/2008|10:52] C:\Program Files\AOL
[16/06/2009|16:42] C:\Program Files\ATI
[16/06/2009|16:43] C:\Program Files\ATI Technologies
[22/06/2009|00:59] C:\Program Files\Cicle Developement
[17/06/2009|00:28] C:\Program Files\Common Files
[16/06/2009|16:32] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[21/06/2009|15:13] C:\Program Files\Google
[18/06/2008|11:32] C:\Program Files\Hewlett-Packard
[18/06/2008|11:29] C:\Program Files\HP
[16/06/2009|16:49] C:\Program Files\HP Webcam Application
[18/06/2008|10:39] C:\Program Files\HPQ
[17/06/2009|11:06] C:\Program Files\InstallShield Installation Information
[18/06/2008|10:34] C:\Program Files\Intel
[22/06/2009|18:49] C:\Program Files\Internet Explorer
[18/06/2008|11:13] C:\Program Files\InterVideo
[18/06/2008|11:20] C:\Program Files\Java
[20/06/2009|09:15] C:\Program Files\LimeWire
[21/06/2009|23:20] C:\Program Files\Malwarebytes' Anti-Malware
[18/06/2008|11:24] C:\Program Files\McAfee
[17/06/2009|09:49] C:\Program Files\Messenger Plus! Live
[17/06/2009|02:13] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[18/06/2008|11:02] C:\Program Files\Microsoft Office
[17/06/2009|02:12] C:\Program Files\Microsoft Office Outlook Connector
[18/06/2008|11:04] C:\Program Files\Microsoft Office Suite Activation Assistant
[18/06/2009|03:19] C:\Program Files\Microsoft Silverlight
[17/06/2009|02:08] C:\Program Files\Microsoft SQL Server Compact Edition
[17/06/2009|02:10] C:\Program Files\Microsoft Sync Framework
[18/06/2008|11:02] C:\Program Files\Microsoft Visual Studio
[18/06/2009|03:06] C:\Program Files\Microsoft Works
[18/06/2008|11:02] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[16/06/2009|17:51] C:\Program Files\MSXML 4.0
[16/06/2009|18:57] C:\Program Files\NOS
[18/06/2008|10:50] C:\Program Files\PDF Complete
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/06/2008|11:10] C:\Program Files\Roxio
[18/06/2008|11:19] C:\Program Files\SiteAdvisor
[18/06/2008|11:11] C:\Program Files\Synaptics
[21/06/2009|23:12] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/06/2009|16:46] C:\Program Files\WIDCOMM
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[17/06/2009|02:11] C:\Program Files\Windows Live
[17/06/2009|02:05] C:\Program Files\Windows Live SkyDrive
[16/06/2009|18:51] C:\Program Files\Windows Mail
[16/06/2009|18:52] C:\Program Files\Windows Media Player
[16/06/2009|16:32] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[18/06/2008|10:39] C:\Program Files\Common Files\ActivIdentity
[16/06/2009|18:47] C:\Program Files\Common Files\Adobe
[18/06/2008|11:02] C:\Program Files\Common Files\DESIGNER
[18/06/2008|11:15] C:\Program Files\Common Files\InstallShield
[18/06/2008|11:14] C:\Program Files\Common Files\InterVideo
[18/06/2008|11:20] C:\Program Files\Common Files\Java
[18/06/2008|11:17] C:\Program Files\Common Files\LightScribe
[18/06/2008|11:17] C:\Program Files\Common Files\McAfee
[18/06/2009|03:07] C:\Program Files\Common Files\microsoft shared
[18/06/2008|11:09] C:\Program Files\Common Files\PX Storage Engine
[18/06/2008|11:09] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[16/06/2009|16:48] C:\Program Files\Common Files\SNP2UVC
[18/06/2008|11:10] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/06/2008|11:07] C:\Program Files\Common Files\SureThing Shared
[17/06/2009|02:12] C:\Program Files\Common Files\System
[17/06/2009|00:28] C:\Program Files\Common Files\Windows Live
[17/06/2009|00:14] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 95 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-23 19:43:33
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:347][D:36]-> C:\Users\Yohann\AppData\Local\Temp
[F:335][D:1]-> C:\Users\Yohann\AppData\Roaming\MICROS~1\Windows\Cookies
[F:14][D:4]-> C:\Users\Yohann\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 23/06/2009|19:30 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 23/06/2009|19:44 - Option : [2]

--------------------\\ Fin du rapport a 19:44:55
[ UAC => 1 ]


5

Destrio5, 24 Jun 2009 at 01:50:18

--> Download SystemLook to your Desktop.
--> Right-click SystemLook.exe and choose Run as administrator.
--> Copy and paste the text between the two blank spaces below into the SystemLook text box:




:dir
C:\ProgramData\Eq Anti Fork Live
C:\ProgramData\KnobExtra
C:\Program Files\Cicle Developement




--> Click the Look button to start the scan.
--> When it finishes, Notepad opens with the scan results. Copy and paste the report into your next reply.
Note: The report can also be found on your Desktop under the name SystemLook.txt


6

prisita, 24 Jun 2009 at 01:54:43

Do I copy the report or what you wrote?
:dir
C:\ProgramData\Eq Anti Fork Live
C:\ProgramData\KnobExtra
C:\Program Files\Cicle Developement


7

Destrio5, 24 Jun 2009 at 01:55:35

:dir
C:\ProgramData\Eq Anti Fork Live
C:\ProgramData\KnobExtra
C:\Program Files\Cicle Developement


8

prisita, 24 Jun 2009 at 01:56:45

SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 19:55 on 23/06/2009 by Yohann (Administrator - Elevation successful)

========== dir ==========

C:\ProgramData\Eq Anti Fork Live - Parameters: "(none)"

---Files---
ooze copy.dat --a--- 291364 bytes [07:50 17/06/2009] [15:03 21/06/2009]

---Folders---
None found.

C:\ProgramData\KnobExtra - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Program Files\Cicle Developement - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

-=End Of File=-


9

Destrio5, 24 Jun 2009 at 02:03:03

--> Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

--> Double-click RSIT.exe to launch the program.
(On Vista, you need to right-click RSIT.exe and choose Run as administrator)

--> Click Continue on the Disclaimer screen.

--> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

--> When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.


10

prisita, 24 Jun 2009 at 02:36:37

1st report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Yohann at 2009-06-23 20:32:25
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 179 GB (79%) free of 228 GB
Total RAM: 2041 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32:42, on 23/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\windows\system32\conime.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Users\Yohann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TY6R888\SystemLook[1].exe
C:\WINDOWS\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Yohann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TY6R888\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Yohann.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_mq&c=83&bd=all&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6173\SiteAdv.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: EngineServer - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: rpcnetp - Unknown owner - C:\windows\System32\rpcnetp.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6173\SAService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
End of file - 14040 bytes

======Scheduled tasks folder======

C:\windows\tasks\User_Feed_Synchronization-{7B780B48-2074-446D-8864-2E018D9F0FAC}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{089FD14D-132B-48FC-8861-0048AE113215}]
C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28 910624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-16 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-06-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-06-16 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0} - McAfee SiteAdvisor - C:\Program Files\SiteAdvisor\6173\SiteAdv.dll [2007-08-28 910624]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-16 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-05-08 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"MVS Splash"=C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe [2008-05-05 550208]
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe [2008-05-05 91456]
"SiteAdvisor"=C:\Program Files\SiteAdvisor\6173\SiteAdv.exe [2007-08-28 36640]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-02 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-21 39408]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-06-23 20:32:25 ----D---- C:\rsit
2009-06-23 19:29:04 ----A---- C:\lopR.txt
2009-06-23 19:28:21 ----D---- C:\Lop SD
2009-06-22 06:35:58 ----A---- C:\windows\system32\wininet.dll
2009-06-22 06:35:58 ----A---- C:\windows\system32\ieui.dll
2009-06-22 06:35:58 ----A---- C:\windows\system32\iesetup.dll
2009-06-22 06:35:58 ----A---- C:\windows\system32\iertutil.dll
2009-06-22 06:35:58 ----A---- C:\windows\system32\iernonce.dll
2009-06-22 06:35:58 ----A---- C:\windows\system32\ie4uinit.exe
2009-06-22 06:35:57 ----A---- C:\windows\system32\urlmon.dll
2009-06-22 06:35:57 ----A---- C:\windows\system32\jsproxy.dll
2009-06-22 06:35:57 ----A---- C:\windows\system32\iedkcs32.dll
2009-06-22 06:35:56 ----A---- C:\windows\system32\ieframe.dll
2009-06-22 06:35:55 ----A---- C:\windows\system32\mshtml.dll
2009-06-22 06:34:15 ----A---- C:\windows\system32\mshtmled.dll
2009-06-22 06:34:14 ----A---- C:\windows\system32\mshtmler.dll
2009-06-22 06:34:14 ----A---- C:\windows\system32\icardie.dll
2009-06-22 06:34:14 ----A---- C:\windows\system32\admparse.dll
2009-06-22 06:34:12 ----A---- C:\windows\system32\msls31.dll
2009-06-22 06:34:12 ----A---- C:\windows\system32\corpol.dll
2009-06-22 06:34:11 ----A---- C:\windows\system32\imgutil.dll
2009-06-22 06:34:11 ----A---- C:\windows\system32\ieakeng.dll
2009-06-22 06:34:11 ----A---- C:\windows\system32\dxtrans.dll
2009-06-22 06:34:11 ----A---- C:\windows\system32\dxtmsft.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\occache.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\msrating.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\msfeedsbs.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\licmgr10.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\inseng.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\iepeers.dll
2009-06-22 06:34:10 ----A---- C:\windows\system32\ieaksie.dll
2009-06-22 06:34:09 ----A---- C:\windows\system32\WinFXDocObj.exe
2009-06-22 06:34:09 ----A---- C:\windows\system32\wextract.exe
2009-06-22 06:34:09 ----A---- C:\windows\system32\webcheck.dll
2009-06-22 06:34:09 ----A---- C:\windows\system32\mstime.dll
2009-06-22 06:34:09 ----A---- C:\windows\system32\msfeedssync.exe
2009-06-22 06:34:09 ----A---- C:\windows\system32\msfeeds.dll
2009-06-22 06:34:09 ----A---- C:\windows\system32\ieakui.dll
2009-06-22 06:34:09 ----A---- C:\windows\system32\advpack.dll
2009-06-22 06:34:08 ----A---- C:\windows\system32\vbscript.dll
2009-06-22 06:34:08 ----A---- C:\windows\system32\url.dll
2009-06-22 06:34:08 ----A---- C:\windows\system32\pngfilt.dll
2009-06-22 06:34:08 ----A---- C:\windows\system32\jscript.dll
2009-06-22 06:34:08 ----A---- C:\windows\system32\ieapfltr.dll
2009-06-22 06:34:06 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\SetDepNx.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\PDMSetup.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\mshta.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\iexpress.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\ieUnatt.exe
2009-06-22 06:34:06 ----A---- C:\windows\system32\iesysprep.dll
2009-06-21 23:20:19 ----D---- C:\Users\Yohann\AppData\Roaming\Malwarebytes
2009-06-21 23:20:10 ----D---- C:\ProgramData\Malwarebytes
2009-06-21 23:20:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-21 23:12:59 ----D---- C:\Program Files\Trend Micro
2009-06-21 18:38:01 ----D---- C:\windows\Minidump
2009-06-21 17:17:22 ----A---- C:\windows\ntbtlog.txt
2009-06-21 16:29:42 ----D---- C:\ProgramData\LightScribe
2009-06-20 10:23:54 ----A---- C:\windows\system32\LCT16vO.vbs
2009-06-20 09:19:03 ----D---- C:\Users\Yohann\AppData\Roaming\Mozilla
2009-06-20 09:15:53 ----D---- C:\Users\Yohann\AppData\Roaming\LimeWire
2009-06-20 09:15:13 ----D---- C:\Program Files\LimeWire
2009-06-17 23:33:19 ----D---- C:\Users\Yohann\AppData\Roaming\InterVideo
2009-06-17 22:46:42 ----D---- C:\ProgramData\Messenger Plus!
2009-06-17 11:07:33 ----A---- C:\windows\system32\xactengine2_8.dll
2009-06-17 11:07:33 ----A---- C:\windows\system32\x3daudio1_2.dll
2009-06-17 11:07:33 ----A---- C:\windows\system32\d3dx9_34.dll
2009-06-17 11:07:33 ----A---- C:\windows\system32\d3dx10_34.dll
2009-06-17 11:07:33 ----A---- C:\windows\system32\D3DCompiler_34.dll
2009-06-17 11:07:32 ----A---- C:\windows\system32\d3dx10_33.dll
2009-06-17 11:07:32 ----A---- C:\windows\system32\D3DCompiler_33.dll
2009-06-17 11:07:31 ----A---- C:\windows\system32\d3dx10.dll
2009-06-17 11:06:52 ----A---- C:\Users\Yohann\AppData\Roaming\PnkBstrB.exe
2009-06-17 11:06:46 ----A---- C:\windows\system32\PnkBstrB.exe
2009-06-17 11:06:41 ----A---- C:\windows\system32\PnkBstrA.exe
2009-06-17 11:06:40 ----A---- C:\windows\game.ini
2009-06-17 10:52:27 ----D---- C:\Program Files\Activision
2009-06-17 09:50:26 ----D---- C:\ProgramData\Eq Anti Fork Live
2009-06-17 09:49:59 ----D---- C:\ProgramData\KnobExtra
2009-06-17 09:49:42 ----D---- C:\Program Files\Cicle Developement
2009-06-17 09:49:41 ----D---- C:\Program Files\Messenger Plus! Live
2009-06-17 02:13:25 ----D---- C:\Program Files\Microsoft Silverlight
2009-06-17 02:12:19 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-06-17 02:11:14 ----DC---- C:\windows\system32\DRVSTORE
2009-06-17 02:10:36 ----D---- C:\Program Files\Microsoft Sync Framework
2009-06-17 02:08:00 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-06-17 02:05:52 ----D---- C:\Program Files\Microsoft
2009-06-17 02:05:34 ----D---- C:\Program Files\Windows Live SkyDrive
2009-06-17 00:28:59 ----D---- C:\Program Files\Common Files\Windows Live
2009-06-17 00:13:03 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2009-06-17 00:12:50 ----D---- C:\Program Files\Windows Live
2009-06-17 00:12:30 ----D---- C:\ProgramData\WLInstaller
2009-06-16 20:24:51 ----D---- C:\windows\SoftwareDistribution
2009-06-16 20:20:01 ----D---- C:\windows\Prefetch
2009-06-16 18:47:16 ----D---- C:\ProgramData\Adobe
2009-06-16 18:47:12 ----D---- C:\Program Files\Common Files\Adobe
2009-06-16 18:47:12 ----D---- C:\Program Files\Adobe
2009-06-16 18:24:34 ----A---- C:\windows\system32\msshooks.dll
2009-06-16 18:24:34 ----A---- C:\windows\system32\msscb.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\wsepno.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\thawbrkr.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\srchadmin.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\SearchFilterHost.exe
2009-06-16 18:24:33 ----A---- C:\windows\system32\rtffilt.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\propsys.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\propdefs.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\msstrc.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\mssprxy.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\mssitlb.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\msshsq.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\mimefilt.dll
2009-06-16 18:24:33 ----A---- C:\windows\system32\korwbrkr.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\xmlfilter.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\tquery.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\SearchProtocolHost.exe
2009-06-16 18:24:32 ----A---- C:\windows\system32\SearchIndexer.exe
2009-06-16 18:24:32 ----A---- C:\windows\system32\offfilt.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\nlhtml.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\mssvp.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\mssrch.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\mssphtb.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\mssph.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\msscntrs.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\chtbrkr.dll
2009-06-16 18:24:32 ----A---- C:\windows\system32\chsbrkr.dll
2009-06-16 18:23:21 ----A---- C:\windows\system32\tzres.dll
2009-06-16 18:00:34 ----A---- C:\windows\system32\PresentationHostProxy.dll
2009-06-16 18:00:34 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-16 18:00:34 ----A---- C:\windows\system32\infocardapi.dll
2009-06-16 18:00:34 ----A---- C:\windows\system32\icardres.dll
2009-06-16 18:00:34 ----A---- C:\windows\system32\icardagt.exe
2009-06-16 18:00:33 ----A---- C:\windows\system32\PresentationNative_v0300.dll
2009-06-16 18:00:31 ----A---- C:\windows\system32\PresentationHost.exe
2009-06-16 17:56:14 ----A---- C:\windows\system32\dfshim.dll
2009-06-16 17:55:52 ----A---- C:\windows\system32\mscoree.dll
2009-06-16 17:55:45 ----A---- C:\windows\system32\netfxperf.dll
2009-06-16 17:54:33 ----A---- C:\windows\system32\mscorier.dll
2009-06-16 17:54:11 ----A---- C:\windows\system32\mscories.dll
2009-06-16 17:51:34 ----D---- C:\Program Files\MSXML 4.0
2009-06-16 17:48:26 ----A---- C:\windows\system32\EncDec.dll
2009-06-16 17:48:20 ----A---- C:\windows\system32\psisdecd.dll
2009-06-16 17:47:05 ----A---- C:\windows\system32\NlsLexicons0007.dll
2009-06-16 17:47:03 ----A---- C:\windows\system32\NlsLexicons0009.dll
2009-06-16 17:46:49 ----A---- C:\windows\system32\NaturalLanguage6.dll
2009-06-16 17:44:13 ----A---- C:\windows\system32\shell32.dll
2009-06-16 17:43:43 ----A---- C:\windows\system32\Apphlpdm.dll
2009-06-16 17:43:40 ----A---- C:\windows\system32\GameUXLegacyGDFs.dll
2009-06-16 17:43:40 ----A---- C:\windows\system32\gameux.dll
2009-06-16 17:43:34 ----A---- C:\windows\system32\rpcss.dll
2009-06-16 17:43:34 ----A---- C:\windows\system32\ntoskrnl.exe
2009-06-16 17:43:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2009-06-16 17:43:31 ----A---- C:\windows\system32\printfilterpipelinesvc.exe
2009-06-16 17:43:30 ----A---- C:\windows\system32\sdohlp.dll
2009-06-16 17:43:30 ----A---- C:\windows\system32\printfilterpipelineprxy.dll
2009-06-16 17:43:30 ----A---- C:\windows\system32\iasrecst.dll
2009-06-16 17:43:28 ----A---- C:\windows\system32\iashost.exe
2009-06-16 17:43:28 ----A---- C:\windows\system32\iasdatastore.dll
2009-06-16 17:43:28 ----A---- C:\windows\system32\iasads.dll
2009-06-16 17:43:26 ----A---- C:\windows\system32\winhttp.dll
2009-06-16 17:43:23 ----A---- C:\windows\system32\wmp.dll
2009-06-16 17:43:20 ----A---- C:\windows\system32\spwmp.dll
2009-06-16 17:43:19 ----A---- C:\windows\system32\dxmasf.dll
2009-06-16 17:43:18 ----A---- C:\windows\system32\wmploc.DLL
2009-06-16 17:43:16 ----A---- C:\windows\explorer.exe
2009-06-16 17:43:15 ----A---- C:\windows\system32\msxml3.dll
2009-06-16 17:43:11 ----A---- C:\windows\system32\lsasrv.dll
2009-06-16 17:43:11 ----A---- C:\windows\system32\kernel32.dll
2009-06-16 17:43:08 ----A---- C:\windows\system32\secur32.dll
2009-06-16 17:43:08 ----A---- C:\windows\system32\apilogen.dll
2009-06-16 17:43:08 ----A---- C:\windows\system32\amxread.dll
2009-06-16 17:43:05 ----A---- C:\windows\system32\wmpeffects.dll
2009-06-16 17:43:04 ----A---- C:\windows\system32\mf.dll
2009-06-16 17:43:03 ----A---- C:\windows\system32\WMVCORE.DLL
2009-06-16 17:43:01 ----A---- C:\windows\system32\WMNetMgr.dll
2009-06-16 17:43:01 ----A---- C:\windows\system32\logagent.exe
2009-06-16 17:42:58 ----A---- C:\windows\system32\localspl.dll
2009-06-16 17:42:54 ----A---- C:\windows\system32\rpcrt4.dll
2009-06-16 17:42:52 ----A---- C:\windows\system32\PhotoMetadataHandler.dll
2009-06-16 17:42:51 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2009-06-16 17:42:51 ----A---- C:\windows\system32\WindowsCodecs.dll
2009-06-16 17:42:48 ----A---- C:\windows\system32\pacerprf.dll
2009-06-16 17:42:46 ----A---- C:\windows\system32\netapi32.dll
2009-06-16 17:42:44 ----A---- C:\windows\system32\schannel.dll
2009-06-16 17:42:42 ----A---- C:\windows\system32\xolehlp.dll
2009-06-16 17:42:42 ----A---- C:\windows\system32\msdtcprx.dll
2009-06-16 17:42:39 ----A---- C:\windows\system32\win32spl.dll
2009-06-16 17:42:35 ----A---- C:\windows\system32\PortableDeviceApi.dll
2009-06-16 17:42:34 ----A---- C:\windows\system32\es.dll
2009-06-16 17:42:32 ----A---- C:\windows\system32\wersvc.dll
2009-06-16 17:42:32 ----A---- C:\windows\system32\Faultrep.dll
2009-06-16 17:42:29 ----A---- C:\windows\system32\IPSECSVC.DLL
2009-06-16 17:42:26 ----A---- C:\windows\system32\wshext.dll
2009-06-16 17:42:25 ----A---- C:\windows\system32\wscript.exe
2009-06-16 17:42:25 ----A---- C:\windows\system32\scrrun.dll
2009-06-16 17:42:25 ----A---- C:\windows\system32\scrobj.dll
2009-06-16 17:42:25 ----A---- C:\windows\system32\cscript.exe
2009-06-16 17:42:23 ----A---- C:\windows\system32\gdi32.dll
2009-06-16 17:42:22 ----A---- C:\windows\system32\connect.dll
2009-06-16 17:42:19 ----A---- C:\windows\system32\emdmgmt.dll
2009-06-16 17:42:18 ----A---- C:\windows\system32\dataclen.dll
2009-06-16 17:42:18 ----A---- C:\windows\system32\cdd.dll
2009-06-16 17:39:41 ----A---- C:\windows\system32\inetcomm.dll
2009-06-16 17:39:12 ----A---- C:\windows\system32\quartz.dll
2009-06-16 17:28:02 ----A---- C:\windows\system32\msxml6.dll
2009-06-16 17:24:25 ----D---- C:\Users\Yohann\AppData\Roaming\Google
2009-06-16 17:24:17 ----D---- C:\ProgramData\NOS
2009-06-16 17:24:17 ----D---- C:\Program Files\NOS
2009-06-16 17:23:38 ----D---- C:\ProgramData\Google
2009-06-16 17:23:33 ----D---- C:\Program Files\Google
2009-06-16 17:18:12 ----A---- C:\windows\system32\wups2.dll
2009-06-16 17:18:12 ----A---- C:\windows\system32\wucltux.dll
2009-06-16 17:18:12 ----A---- C:\windows\system32\wuaueng.dll
2009-06-16 17:18:12 ----A---- C:\windows\system32\wuauclt.exe
2009-06-16 17:17:15 ----A---- C:\windows\system32\wups.dll
2009-06-16 17:17:15 ----A---- C:\windows\system32\wudriver.dll
2009-06-16 17:17:14 ----A---- C:\windows\system32\wuapi.dll
2009-06-16 17:17:00 ----A---- C:\windows\system32\wuwebv.dll
2009-06-16 17:17:00 ----A---- C:\windows\system32\wuapp.exe
2009-06-16 17:02:20 ----D---- C:\Users\Yohann\AppData\Roaming\ATI
2009-06-16 17:02:20 ----D---- C:\ProgramData\ATI
2009-06-16 17:02:10 ----D---- C:\Users\Yohann\AppData\Roaming\HPQLOG
2009-06-16 17:01:58 ----D---- C:\Users\Yohann\AppData\Roaming\SiteAdvisor
2009-06-16 17:01:32 ----D---- C:\Users\Yohann\AppData\Roaming\Identities
2009-06-16 16:52:27 ----D---- C:\Users\Yohann\AppData\Roaming\Macromedia
2009-06-16 16:52:15 ----D---- C:\Users\Yohann\AppData\Roaming\Adobe
2009-06-16 16:52:11 ----D---- C:\Users\Yohann\AppData\Roaming\Hewlett-Packard
2009-06-16 16:49:48 ----D---- C:\Program Files\HP Webcam Application
2009-06-16 16:48:58 ----A---- C:\windows\system32\rsnp2uvc.dll
2009-06-16 16:48:57 ----D---- C:\Program Files\Common Files\SNP2UVC
2009-06-16 16:48:57 ----A---- C:\windows\system32\csnp2uvc.dll
2009-06-16 16:48:57 ----A---- C:\windows\snp2uvc.ini
2009-06-16 16:48:04 ----D---- C:\windows\Hewlett-Packard
2009-06-16 16:47:01 ----A---- C:\windows\system32\BtwRSupport.dll
2009-06-16 16:46:53 ----D---- C:\windows\system32\es-MX
2009-06-16 16:46:53 ----D---- C:\windows\system32\es-AR
2009-06-16 16:46:47 ----D---- C:\Program Files\WIDCOMM
2009-06-16 16:42:39 ----D---- C:\Program Files\ATI Technologies
2009-06-16 16:42:10 ----D---- C:\Program Files\ATI
2009-06-16 16:41:09 ----D---- C:\Users\Yohann\AppData\Roaming\InstallShield
2009-06-16 16:40:46 ----SD---- C:\Users\Yohann\AppData\Roaming\Microsoft
2009-06-16 16:40:46 ----D---- C:\Users\Yohann\AppData\Roaming\Media Center Programs
2009-06-16 16:32:34 ----SHD---- C:\ProgramData\Modèles
2009-06-16 16:32:34 ----SHD---- C:\ProgramData\Menu Démarrer
2009-06-16 16:32:34 ----SHD---- C:\Program Files\Fichiers communs
2009-06-16 16:32:33 ----SHD---- C:\ProgramData\Favoris
2009-06-16 16:32:33 ----SHD---- C:\ProgramData\Bureau

======List of files/folders modified in the last 1 months======

2009-06-23 20:32:28 ----D---- C:\windows\Temp
2009-06-23 19:43:21 ----HD---- C:\ProgramData
2009-06-23 19:35:43 ----D---- C:\windows\rescache
2009-06-23 19:24:57 ----D---- C:\windows\System32
2009-06-23 19:24:57 ----D---- C:\windows\inf
2009-06-23 19:24:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2009-06-23 19:24:41 ----D---- C:\windows\system32\catroot2
2009-06-23 19:24:41 ----D---- C:\windows\system32\catroot
2009-06-23 19:24:39 ----D---- C:\windows\winsxs
2009-06-23 19:19:41 ----D---- C:\ProgramData\hpqLog
2009-06-22 19:35:52 ----D---- C:\windows\system32\NDF
2009-06-22 19:15:59 ----A---- C:\windows\system32\rpcnetp.dll
2009-06-22 19:00:07 ----SHD---- C:\System Volume Information
2009-06-22 18:49:18 ----D---- C:\windows\system32\migration
2009-06-22 18:49:18 ----D---- C:\Program Files\Internet Explorer
2009-06-22 18:49:17 ----AD---- C:\windows\system32\fr-FR
2009-06-22 18:49:15 ----D---- C:\windows\system32\en-US
2009-06-22 18:49:15 ----D---- C:\windows\PolicyDefinitions
2009-06-22 06:32:56 ----D---- C:\Windows
2009-06-22 00:56:51 ----RD---- C:\Program Files
2009-06-22 00:56:51 ----D---- C:\windows\system32\drivers
2009-06-21 22:25:46 ----D---- C:\windows\Debug
2009-06-21 17:03:42 ----D---- C:\windows\system32\WDI
2009-06-21 15:15:08 ----AD---- C:\windows\system32\nl-NL
2009-06-21 15:13:06 ----SHD---- C:\windows\Installer
2009-06-19 03:03:26 ----D---- C:\ProgramData\Microsoft Help
2009-06-19 03:02:09 ----RSD---- C:\windows\assembly
2009-06-18 21:21:15 ----D---- C:\windows\system32\Tasks
2009-06-18 03:07:27 ----RSD---- C:\windows\Fonts
2009-06-18 03:07:04 ----D---- C:\Program Files\Common Files\microsoft shared
2009-06-18 03:06:33 ----D---- C:\Program Files\Microsoft Works
2009-06-18 03:05:21 ----A---- C:\windows\win.ini
2009-06-17 20:08:04 ----RD---- C:\Users
2009-06-17 11:06:41 ----D---- C:\windows\system32\LogFiles
2009-06-17 11:06:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-17 02:14:28 ----D---- C:\windows\Microsoft.NET
2009-06-17 02:12:22 ----D---- C:\Program Files\Common Files\System
2009-06-17 02:10:28 ----SD---- C:\ProgramData\Microsoft
2009-06-17 00:28:59 ----D---- C:\Program Files\Common Files
2009-06-16 20:36:14 ----D---- C:\windows\Logs
2009-06-16 20:25:33 ----D---- C:\windows\Registration
2009-06-16 19:09:06 ----D---- C:\windows\Tasks
2009-06-16 18:57:33 ----SD---- C:\windows\Downloaded Program Files
2009-06-16 18:52:14 ----AD---- C:\windows\system32\it-IT
2009-06-16 18:52:14 ----AD---- C:\windows\system32\de-DE
2009-06-16 18:52:13 ----D---- C:\windows\ehome
2009-06-16 18:52:10 ----D---- C:\windows\AppPatch
2009-06-16 18:52:01 ----D---- C:\Program Files\Windows Media Player
2009-06-16 18:51:58 ----D---- C:\windows\system32\wbem
2009-06-16 18:51:58 ----D---- C:\Program Files\Windows Mail
2009-06-16 18:51:56 ----D---- C:\windows\system32\manifeststore
2009-06-16 18:51:25 ----D---- C:\windows\system32\XPSViewer
2009-06-16 17:20:02 ----D---- C:\windows\system32\Macromed
2009-06-16 17:01:51 ----SHD---- C:\$Recycle.Bin
2009-06-16 17:01:22 ----D---- C:\windows\system
2009-06-16 16:52:02 ----D---- C:\ProgramData\Hewlett-Packard
2009-06-16 16:51:54 ----HD---- C:\System.sav
2009-06-16 16:51:54 ----D---- C:\Swsetup
2009-06-16 16:49:18 ----D---- C:\windows\twain_32
2009-06-16 16:46:53 ----D---- C:\windows\system32\zh-TW
2009-06-16 16:46:53 ----D---- C:\windows\system32\zh-CN
2009-06-16 16:46:53 ----D---- C:\windows\system32\sv-SE
2009-06-16 16:46:53 ----D---- C:\windows\system32\ru-RU
2009-06-16 16:46:53 ----D---- C:\windows\system32\pt-BR
2009-06-16 16:46:53 ----D---- C:\windows\system32\pl-PL
2009-06-16 16:46:53 ----D---- C:\windows\system32\nb-NO
2009-06-16 16:46:53 ----D---- C:\windows\system32\ko-KR
2009-06-16 16:46:53 ----D---- C:\windows\system32\ja-JP
2009-06-16 16:46:53 ----D---- C:\windows\system32\fi-FI
2009-06-16 16:46:53 ----D---- C:\windows\system32\es-ES
2009-06-16 16:46:53 ----D---- C:\windows\system32\da-DK
2009-06-16 16:45:48 ----D---- C:\windows\Panther
2009-06-16 16:41:29 ----D---- C:\Program Files\Analog Devices
2009-06-16 16:41:24 ----D---- C:\ProgramData\SonicFocus
2009-06-16 16:41:14 ----D---- C:\windows\system32\restore
2009-06-16 16:32:34 ----D---- C:\Program Files\Windows NT
2009-06-01 09:51:14 ----A---- C:\windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-04-29 205608]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-04-29 55112]
R1 MPFP;MPFP; C:\windows\System32\Drivers\Mpfp.sys [2007-03-02 120360]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-14 12496]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-08 3552256]
R3 BthEnum;Pilote de bloc de demande Bluetooth; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
R3 btwaudio;Périphérique audio Bluetooth; C:\windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-04-29 79560]
R3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-04-29 35240]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-01-17 298496]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BTHPORT;Pilote de port Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-04-29 34088]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-08 671744]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 EngineServer;EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE [2008-04-29 13632]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-05-14 34184]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-02 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 McAfee HackerWatch Service;McAfee HackerWatch Service; C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe [2007-02-13 540776]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-05-24 841256]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2008-05-05 202048]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-06-17 66872]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SiteAdvisor Service;SiteAdvisor Service; C:\Program Files\SiteAdvisor\6173\SAService.exe [2008-06-18 341280]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-04-16 165192]
R3 McShield;McShield; C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe [2008-04-29 144704]
S2 rpcnetp;rpcnetp; C:\windows\System32\rpcnetp.exe []
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-21 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-04-08 1112560]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------





11

prisita, on 24 Jun 2009 at 02:42:55

Info.txt logfile of random's system information tool 1.06 2009-06-23 20:32:47

======Uninstall list======

-->C:\Program Files\Common Files\McAfee\Installer\mcinst.exe "C:\Program Files\McAfee\MPF\mpfapi.inf" /uninstall
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\windows\system32\Macromed\Flash\uninstall_plugin.exe
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
ActivClient 6.1 x86-->MsiExec.exe /I{AC194855-F7AC-4D04-B4C9-07BA46FCB697}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Agere Systems HDA Modem-->agrsmdel
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BIOS Configuration for HP ProtectTools-->MsiExec.exe /X{A1410161-F615-4B91-A019-FA33833EF00D}
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
Catalyst Control Center - Branding-->MsiExec.exe /I{30BF4E6C-D866-46F7-A4F6-81A45E97706E}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Credential Manager for HP ProtectTools-->rundll32.exe "c:\Program Files\Hewlett-Packard\IAM\Bin\SetupHelper.dll",ExecMain /Uninstall {0F98662A-EA83-414F-8766-3FCE46A32641}
Drive Encryption for HP ProtectTools-->MsiExec.exe /I{9DBD8BEE-B3EC-4D82-A81C-0F6250176DCC}
ESU for Microsoft Vista SP1-->MsiExec.exe /I{BC1DC565-8B34-4B29-9DB2-BF281C2FB56E}
File Sanitizer For HP ProtectTools-->C:\Program Files\InstallShield Installation Information\{789C97CE-9E17-4126-BDF4-11FF458BF705}\setup.exe -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP 3D DriveGuard-->MsiExec.exe /X{4C203E35-B5C7-4E35-9834-619668C0FFEE}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{420BBA1D-B275-4891-838C-EA88FE87A632}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BB128BE-2670-485D-A221-B00715BCEBCF}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}
HP Integrated Module with Bluetooth wireless technology 6.0.1.6200-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
HP JavaCard for HP ProtectTools-->MsiExec.exe /I{2086797F-A4BA-4CD3-8104-09B8D39DA5D8}
HP ProtectTools Security Manager Suite-->C:\Windows\Installer\HPPTSuiteInstallEngine.exe /uninstall=C:\Windows\Installer\16403010.msi
HP ProtectTools Security Manager-->MsiExec.exe /I{926F4D5F-C8FC-4FB7-8E09-BCB8A997D1C7}
HP Quick Launch Buttons 6.40 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Software Setup 5.00.A.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70CEFEBA-F757-4DBE-8A21-027C326137CE}\SETUP.EXE" -l0x9
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0108-->MsiExec.exe /I{B79DB290-9F72-4B20-9776-848D7832705B}
HP Wallpaper-->MsiExec.exe /I{F173C2B3-296F-458C-98FF-1676A42EBA02}
HP Webcam Application-->C:\Program Files\InstallShield Installation Information\{154E4F71-DFC0-4B31-8D99-F97615031B02}\setup.exe -runfromtemp -l0x040c -removeonly
HP Webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
LightScribe System Software 1.12.37.1-->MsiExec.exe /X{004C5DA2-2051-4D25-94BA-51CF810C91EB}
LimeWire 5.1.3-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Browser Protection Service-->C:\Program Files\McAfee\Managed VirusScan\Agent\myInx.exe /Script=C:\Program Files\McAfee\Managed VirusScan\BrowseProtection\BrowseProtection.inx /Section=DefaultUninstall
McAfee Firewall Protection Service-->C:\Program Files\McAfee\Managed VirusScan\Agent\myinx /Script=C:\Program Files\McAfee\Managed VirusScan\Firewall\mvsFirewall.Inx /Section=DefaultUninstall
McAfee Virus and Spyware Protection Service-->C:\Program Files\McAfee\Managed VirusScan\Agent\myinx /Script=C:\Program Files\McAfee\Managed VirusScan\VScan\vsasap.inx /Section=DefaultUninstall
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Complete-->C:\Program Files\PDF Complete\uninstall.exe
Roxio Activation Module-->MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Business v10-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Business-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD-->MsiExec.exe /I{30A2A953-DEB1-466A-B660-F4399C7C6B9D}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x040c -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
Vista Default Settings-->MsiExec.exe /I{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

======Security center information======

AV: Total Protection
FW: Total Protection
AS: Total Protection
AS: Windows Defender

======System event log======

Computer Name: PC-de-Yohann
Event Code: 1001
Message: L’initialisation de l’application a échoué. Dernière erreur : 0x80070032
Record Number: 34695
Source Name: Microsoft-Windows-LanguagePackSetup
Time Written: 20090623172016.282242-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Yohann
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 34737
Source Name: Service Control Manager
Time Written: 20090623172021.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 7000
Message: Le service rpcnetp n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 34762
Source Name: Service Control Manager
Time Written: 20090623172021.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {39C30DB7-5F2D-4395-A702-D04A95CEC1C3}
Utilisateur : PC-de-Yohann\Yohann
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : file:C:\windows\system32\drivers\etc\hosts
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 34828
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090623174324.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Yohann
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 34830
Source Name: Tcpip
Time Written: 20090623174600.182042-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-Yohann
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 1353
Source Name: Microsoft-Windows-CAPI2
Time Written: 20090622043236.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 513
Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed

System Error:
Le fichier spécifié est introuvable.
.
Record Number: 1356
Source Name: Microsoft-Windows-CAPI2
Time Written: 20090622043344.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1388
Source Name: Microsoft-Windows-WMI
Time Written: 20090622165043.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1435
Source Name: Microsoft-Windows-WMI
Time Written: 20090622171639.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Yohann
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1494
Source Name: Microsoft-Windows-WMI
Time Written: 20090623172021.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-Yohann
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 3504
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090623183241.446042-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Yohann
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 3505
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090623183241.475042-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Yohann
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 3506
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090623183241.505042-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Yohann
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 3507
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090623183241.535042-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Yohann
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 3508
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090623183241.566042-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\ActivIdentity\ActivClient\;c:\Program Files\Hewlett-Packard\IAM\bin;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=BNB
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
"EMC_AUTOPLAY"=c:\Program Files\Common Files\Roxio Shared\

-----------------EOF-----------------


12

Destrio5, 24 Jun 2009 at 02:47:01

---> Disable your antivirus for the duration of the procedure, because OTM is wrongly detected as an infection.

---> Download OTM (OldTimer) to your Desktop.

---> Right-click OTM.exe and choose Run as administrator.

---> Copy (Ctrl+C) the following text:





:processes
explorer.exe

:services
rpcnetp

:files
C:\ProgramData\Eq Anti Fork Live
C:\ProgramData\KnobExtra
C:\Program Files\Cicle Developement

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

:commands
[purity]
[emptytemp]
[reboot]





---> Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTM.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report found in this folder: C:\_OTM\MovedFiles\
The report's name corresponds to the moment it was created: date_time.log


13

prisita, 24 Jun 2009 at 03:04:06

It made the computer restart, is that normal?


14

Destrio5, 24 Jun 2009 at 03:06:24

Yes.


15

prisita, 24 Jun 2009 at 03:08:51

Sorry, I was mistaken: it actually made Explorer crash and I had to restart.


18

Destrio5, 24 Jun 2009 at 03:18:44
  • +1

--> Uninstall Java 6 Update 6.

--> Update Java.

--> Update Adobe Reader.

--> Run another RSIT scan and post the log report.


19

error32, 24 Jun 2009 at 03:30:55

Go get ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
This program does a hijack and detects the problems on its own.
That will avoid doing it manually.
