Infection trojan Bifrose.LA [Résolu]

Personne pour me venir en aide?

Salut Patou57,

Attend de voir comment ça se passe chez Zebulon ...
http://forum.zebulon.fr/infecte-par-bifrosela-t149249.html

ok merci

...

Bizarre parce que ce virus est répertorié chez Antivir !

Malwarebytes devrait pourtant le localiser et en venir à bout.

Scanne en ligne ...
http://forum.pcastuces.com/sujet.asp?f=25&s=31584&page=1 ... pour voir.

Poste (copie-colle) le rapport dans ton prochain message.

BitDefender Online Scanner







Rapport d'analyse généré à: Tue, Aug 12, 2008 - 23:52:46









Voie d'analyse: C:\;D:\;E:\;















Statistiques

Temps


01:24:51

Fichiers


167605

Directoires


18920

Secteurs de boot


3

Archives


2591

Paquets programmes


13740







Résultats

Virus identifiés


0

Fichiers infectés


0

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


0







Info sur les moteurs

Définition virus


1439576

Version des moteurs


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins


16

Archive des plugins


43

Unpack des plugins


7

E-mail plugins


6

Système plugins


5







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

Aucun virus trouvé.

...

Et maintenant chez Kaspersky ...

Sous IE, scanne en ligne : http://www.n9ws.com/webscanner/kavwebscan.html

En bas de page, clique sur > Accept.
Laisse faire les définitions, mises à jour et installation d' ActiveX.
Puis, clique sur Next (suivant) > My Computer (Poste de travail).
Le scan commence. Patiente ...
Une fois le scan achevé, clique sur > Save report (enregistrer rapport sous …)
et enregistre-le quelque part (ex. bureau ou « mes documents »).

Poste-le dans ta prochaine réponse.

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée",
va dans Ajout/Suppres… de progr., puis désinstalle [i]On-Line Scanner/i.
Ensuite, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.

Bonjour;

J'ai au moins essayé dix fois, mais impossible de faire un scan avec Kaspersky.
Je reçois le message "La licence de Kaspersky On-line Scanner est périmée" à chaque tentative

Bonjour kduc ;

Étant donné que tu poursuis les recherches malgré ta proposition d'attendre les résultats de la procédure déjà en cours sur Zébulon, je vais suggérer au helper là-bas de cesser les démarches. Deux helpers qui aident en stéréo, c'est une perte de temps et ça peut être dangeureux...

Petite note additionnelle : Bifrose est une grande famille d'infection qui porte plusieurs noms selon les éditeurs d'antivirus ; un antivirus peut connaître certaines variantes mais pas toutes. Un Bifrose actif présente une composante rootkit (Service), une ou des clés Run actives et plusieurs fichiers. Bifrose contamine les clés qui permettent le mode Sans Échec ; ce dernier est entièrement bloqué (sous XP). Si tu regardes bien la détection de SpyBot, ne vois-tu pas qu'une seule clé de registre et pas de fichiers ? Avast!, AntiVir, MBAM et BitDefender ne voient rien. Il reste Kaspersky, mais le lien que tu as fourni pointe vers le scanneur ActiveX qui ne fonctionne plus depuis plusieurs jours maintenant (message "Licence périmée...") ; fais-en l'essai chez toi si non convaincu. De plus, cette version du scanneur tournait mal sous Vista.

Avec ces quelques pistes, je vous souhaite bonne chasse.

@++

Plus personne pour continuer la recherche de mon problème?

Salut


Voila le rapport VundoFix


VundoFix V7.0.6

Scan started at 19:57:21 14/08/2008

Listing files found while scanning....

No infected files were found.


VundoFix V7.0.6

Scan started at 20:42:31 14/08/2008

Listing files found while scanning....

No infected files were found.


Beginning removal...

VundoFix V7.0.6

Scan started at 21:16:40 14/08/2008

Listing files found while scanning....

No infected files were found.


Et le rapport VirtumondeBegone


[08/14/2008, 21:34:29] - VirtumundoBeGone v1.5 ( "C:\Users\Patrice CATTELAIN\Desktop\VirtumundoBeGone.exe" )
[08/14/2008, 21:34:47] - User choose NOT to continue. Exiting...

[08/14/2008, 21:52:39] - VirtumundoBeGone v1.5 ( "C:\Users\Patrice CATTELAIN\Desktop\VirtumundoBeGone.exe" )
[08/14/2008, 21:52:41] - Detected System Information:
[08/14/2008, 21:52:41] - Windows Version: 6.0.6001, Service Pack 1
[08/14/2008, 21:52:41] - Current Username: Patrice CATTELAIN (Admin)
[08/14/2008, 21:52:41] - Windows is in NORMAL mode.
[08/14/2008, 21:52:41] - Searching for Browser Helper Objects:
[08/14/2008, 21:52:41] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[08/14/2008, 21:52:41] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[08/14/2008, 21:52:41] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/14/2008, 21:52:41] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/14/2008, 21:52:41] - BHO 5: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[08/14/2008, 21:52:41] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[08/14/2008, 21:52:41] - Finished Searching Browser Helper Objects
[08/14/2008, 21:52:41] - Finishing up...
[08/14/2008, 21:52:41] - Nothing found! Exiting...

[08/14/2008, 21:53:21] - VirtumundoBeGone v1.5 ( "C:\Users\Patrice CATTELAIN\Desktop\VirtumundoBeGone.exe" )
[08/14/2008, 21:53:29] - Detected System Information:
[08/14/2008, 21:53:29] - Windows Version: 6.0.6001, Service Pack 1
[08/14/2008, 21:53:29] - Current Username: Patrice CATTELAIN (Admin)
[08/14/2008, 21:53:29] - Windows is in NORMAL mode.
[08/14/2008, 21:53:29] - Searching for Browser Helper Objects:
[08/14/2008, 21:53:29] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[08/14/2008, 21:53:29] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[08/14/2008, 21:53:29] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[08/14/2008, 21:53:29] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[08/14/2008, 21:53:29] - BHO 5: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[08/14/2008, 21:53:29] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[08/14/2008, 21:53:29] - Finished Searching Browser Helper Objects
[08/14/2008, 21:53:29] - Finishing up...
[08/14/2008, 21:53:29] - Nothing found! Exiting...


Je fais maintenant un scan avec Malwarebytes, et je le poste quand fini

A plus

Et voila le rapport Malwarebytes


Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1045
Windows 6.0.6001 Service Pack 1

22:16:47 14/08/2008
mbam-log-8-14-2008 (22-16-47).txt

Type de recherche: Examen rapide
Eléments examinés: 36986
Temps écoulé: 6 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Salut

Si tu l' opportunité d' effectuer un scan avec
Kaspersky : http://www.kaspersky.com/virusscanner

Il faut que tu cliques sur Kaspersky Online Scanner pour démarrer le scan.
Puis, clique sur Accept, Scan, My computer, etc ...

A la fin, sauvegarde le rapport (Save Report ou scan Report) et copie/colle dans
ta réponse.

J'ai effectué un scan avec kaspersky, mais il n'y a rien du tout dans le rapport (scan Report)

Bonjour;

Personne ne peut m'aider a résoudre mon problème?

Salut

Fais un scan HijackThis ...
http://forum.telecharger.01net.com/... ... et poste le rapport.

Salut voila le rapport du scan Hijack This

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:05, on 18/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\SideBar.exe
C:\Program Files\Windows Sidebar\SideBar.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\PhotoScreensaver.scr
C:\Windows\system32\PhotoScreensaver.scr
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Users\Patrice CATTELAIN\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

...

Désinstalle Ad-Aware car inutile et rentre en conflit avec Spybot S&D :
http://www.commentcamarche.net/faq/sujet 7382 desinstaller ad aware se

http://forum.malekal.com/viewtopic.php?f=45&t=4650

Désinstalle aussi complétement Norton ...
http://service1.symantec.com/...

Fais la manip deux fois si nécessaire.

(si ce n’ est déjà fait) Télécharge CCleaner ...
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite) et laisse-toi guider.

Avant de cliquer sur le bouton "Installer", décoche toutes les "options supplémentaires".
Puis, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers,
du dossier Temp de Windows, plus vieux que 48 heures".
Par la suite, laisse-le avec ses réglages par défaut. C'est tout.

Ensuite, ferme toutes les fenêtres et applications.

Lance CCleaner ...
Clique sur > Analyse > Lancer le nettoyage, puis sur OK dans la fenêtre qui s' affiche.
(re)Lance le nettoyage et (re)confirme par OK.

Mets à jour Malwarebytes et faire un examen COMPLET (et pas rapide) de tous les lecteurs
du PC et en mode sans échec !
http://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.htm
(méthode F8 de préférence)

Supprime tout ce Malwarebytes peut trouver.
Redémarre le PC et poste le dernier rapport de Malwarebytes + un nouvel hijackthis ...

Salut voila le rapport Malwarebytes


Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1062
Windows 6.0.6001 Service Pack 1

17:55:30 19/08/2008
mbam-log-08-19-2008 (17-55-30).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 170755
Temps écoulé: 41 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\SwSetup\MMFlash\Setup.exe (BHO.Baidu) -> Quarantined and deleted successfully.


Et le rapport Hijack This

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:19, on 19/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Patrice CATTELAIN\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Salut Patour57,

Relance un scan Spybot et poste le rapport, stp.

Salut

Voila le résultat avec Spybot



--- Search result list ---
Le conseil du jour: Cliquez sur la barre située à droite pour voir plus d'informations! ()


Win32.Bifrose.LA: [SBI $44EDC9AF] Réglages (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Cn911


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-08-18 TeaTimer.exe (1.6.2.23)
2008-08-09 unins000.exe (51.49.0.0)
2008-08-12 unins001.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-07-07 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-07-07 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-07-07 Tools.dll (2.1.5.7)
2008-08-05 Includes\Adware.sbi (*)
2008-08-19 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-06-03 Includes\Dialer.sbi (*)
2008-08-05 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-08-19 Includes\Hijackers.sbi (*)
2008-08-19 Includes\HijackersC.sbi (*)
2008-08-05 Includes\Keyloggers.sbi (*)
2008-08-12 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-08-20 Includes\Malware.sbi (*)
2008-08-19 Includes\MalwareC.sbi (*)
2008-08-05 Includes\PUPS.sbi (*)
2008-08-19 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-08-19 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-08-12 Includes\Spyware.sbi (*)
2008-08-12 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-08-05 Includes\Trojans.sbi (*)
2008-08-20 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll



--- System information ---
Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ MSXML4SP2: Security update for MSXML4 SP2 (KB941833)


--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE

Located: HK_LM:Run, ArcSoft Connection Service
command: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
file: C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
size: 31232
MD5: 464C9D3EB01BB20968493C68B1511159

Located: HK_LM:Run, avgnt
command: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
file: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
size: 266497
MD5: 6E812818306D460D62B4ABEA9FDC6679

Located: HK_LM:Run, hpWirelessAssistant
command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
size: 472800
MD5: F3C9ADCBF74090552EDC76F81A553D81

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
file: C:\Windows\system32\NvCpl.dll
size: 13535776
MD5: 7522597DD61F651A95A471D798E08304

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 1033512
MD5: 19D93154C82FE39A99B269CED1056A92

Located: HK_LM:Run, WAWifiMessage
command: %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
file: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
size: 317152
MD5: 6006C370B18A345203D26038518F5F86

Located: HK_LM:Run, Windows Defender
command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

Located: HK_LM:Run, Windows Mobile-based device management
command: %windir%\WindowsMobile\wmdSync.exe
file: C:\Windows\WindowsMobile\wmdSync.exe
size: 215552
MD5: 4AB05041D5C922B9A7A5D9059F5538CD

Located: HK_LM:Run, !AVG Anti-Spyware (DISABLED)
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE

Located: HK_LM:Run, Adobe Reader Speed Launcher (DISABLED)
command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
size: 39792
MD5: 8B9145D229D4E89D15ACB820D4A3A90F

Located: HK_LM:Run, HP Health Check Scheduler (DISABLED)
command: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
file: C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
size: 46704
MD5: 58EC2A2D7B7211F568A75C8D30C68257

Located: HK_LM:Run, HP Software Update (DISABLED)
command: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
file: C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
size: 49152
MD5: 821F73B833C4DAEBC33C1A9A4B16BB5A

Located: HK_LM:Run, hpqSRMon (DISABLED)
command: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
file: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
size: 80896
MD5: 941A08CBDEEDF16B6C986B6BA7C9A5D0

Located: HK_LM:Run, NvMediaCenter (DISABLED)
command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
file: C:\Windows\system32\NvMcTray.dll
size: 92704
MD5: C1E17F8DF7524B454E57A0C887307403

Located: HK_LM:Run, NvSvc (DISABLED)
command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
file: C:\Windows\system32\nvsvc.dll
size: 526880
MD5: B88B306A3DD3B470A8747B15B7C00703

Located: HK_LM:Run, QlbCtrl (DISABLED)
command: %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
file: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
size: 159744
MD5: 20321CA0F49D143FDB4CEF926A05E10A

Located: HK_LM:Run, QPService (DISABLED)
command: "C:\Program Files\HP\QuickPlay\QPService.exe"
file: C:\Program Files\HP\QuickPlay\QPService.exe
size: 167936
MD5: 9F8F1BA3941DAD9325FFC166E76DFADB

Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
file: C:\Program Files\VistaCodecPack\QT\QTTask.exe
size: 286720
MD5: 49CCFBE5D5225B9D3CC78C09DEE147D0

Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
command: "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0\bin\jusched.exe
size: 77824
MD5: 8F5E772B91A10AC97415B760FF21A94F

Located: HK_LM:Run, SynTPStart (DISABLED)
command: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
file: C:\Program Files\Synaptics\SynTP\SynTPStart.exe
size: 102400
MD5: A3418E4D4A5EE636D44922DC2567FA18

Located: HK_LM:Run, Windows Mobile Device Center (DISABLED)
command: %windir%\WindowsMobile\wmdc.exe
file: C:\Windows\WindowsMobile\wmdc.exe
size: 648072
MD5: 96B3C4E20F02CA16AA1E3E425BFFCC8B

Located: HK_LM:Run, Windows Mobile-based device management (DISABLED)
command: %windir%\WindowsMobile\wmdSync.exe
file: C:\Windows\WindowsMobile\wmdSync.exe
size: 215552
MD5: 4AB05041D5C922B9A7A5D9059F5538CD

Located: HK_CU:Run, Sidebar
where: S-1-5-19...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-19...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2153472
MD5: 83E4A5435B0FA6AD0166722621A04725

Located: HK_CU:Run, Sidebar
where: S-1-5-20...
command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
file: C:\Program Files\Windows Sidebar\Sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6

Located: HK_CU:Run, WindowsWelcomeCenter
where: S-1-5-20...
command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
file: C:\Windows\system32\oobefldr.dll
size: 2153472
MD5: 83E4A5435B0FA6AD0166722621A04725

Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-3858235561-3552012657-3696386842-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C

Located: HK_CU:Run, WMPNSCFG
where: S-1-5-21-3858235561-3552012657-3696386842-1000...
command: C:\Program Files\Windows Media Player\WMPNSCFG.exe
file: C:\Program Files\Windows Media Player\WMPNSCFG.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D

Located: HK_CU:Run, ehTray.exe (DISABLED)
where: S-1-5-21-3858235561-3552012657-3696386842-1000...
command: C:\Windows\ehome\ehTray.exe
file: C:\Windows\ehome\ehTray.exe
size: 125952
MD5: BF08674925F151BD4537B89A493E3E0C

Located: HK_CU:Run, Sidebar (DISABLED)
where: S-1-5-21-3858235561-3552012657-3696386842-1000...
command: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
file: C:\Program Files\Windows Sidebar\sidebar.exe
size: 1233920
MD5: FD278E51A7D6F52D22FCE6C67E037AD6

Located: Démarrage (tous utilisateurs), Event Reminder.lnk
where: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup...
command: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
file: C:\Program Files\Broderbund\PrintMaster\PMremind.exe
size: 323584
MD5: BBCC597AB4227C13540849865952017D



--- Browser helper object list ---
{9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Programme d'aide de l'Assistant de connexion Windows Live
Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live\
Long name: WindowsLiveLogin.dll
Short name: WINDOW~1.DLL
Date (created): 20/09/2007 11:30:18
Date (last access): 11/11/2007 21:05:48
Date (last write): 20/09/2007 11:30:18
Filesize: 328752
Attributes: archive
MD5: 59CF5BF6684AFCF906CADAD39B4214DE
CRC32: C363813C
Version: 4.200.520.1

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar2.dll
Short name: GOOGLE~2.DLL
Date (created): 17/05/2007 21:52:40
Date (last access): 17/05/2007 21:52:40
Date (last write): 17/05/2007 21:52:40
Filesize: 2436160
Attributes: readonly archive
MD5: 6D44E0C3B43D27484FBB355E470C4188
CRC32: 2DE875CD
Version: 4.0.1601.4978



--- ActiveX list ---
{56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control)
DPF name:
CLSID name: OnlineScanner Control
Installer: C:\Windows\Downloaded Program Files\OnlineScanner.inf
Codebase: http://www.eset.eu/OnlineScanner.cab
Path: C:\Windows\system32\
Long name: OnlineScanner.ocx
Short name: ONLINE~1.OCX
Date (created): 06/08/2007 13:18:16
Date (last access): 06/08/2007 13:18:16
Date (last write): 06/08/2007 13:18:16
Filesize: 2707456
Attributes: archive
MD5: 41B8A44F69C6C5C2F9DAFEA1ED184D20
CRC32: E1F281AC
Version: 1.0.0.337

{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control)
DPF name:
CLSID name: BDSCANONLINE Control
Installer: C:\Windows\Downloaded Program Files\oscan8.inf
Codebase: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
description:
classification: Legitimate
known filename: oscan8.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\Windows\DOWNLO~1\
Long name: oscan8.ocx
Short name:
Date (created): 25/10/2007 16:54:18
Date (last access): 25/10/2007 16:54:18
Date (last write): 25/10/2007 16:54:18
Filesize: 471040
Attributes: archive
MD5: BC4E154A06C9208EF36669B1B9E5FDAD
CRC32: DF08A08D
Version: 1.0.0.1

{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ()
DPF name:
CLSID name:
Installer: C:\Windows\Downloaded Program Files\erma.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
description:
classification: Open for discussion
known filename:
info link:
info source: Safer Networking Ltd.



--- Process list ---
PID: 1808 (1172) C:\Windows\system32\Dwm.exe
size: 81920
MD5: 59903071D7ACE6A02093C47E9E38AF97
PID: 1816 (1784) C:\Windows\Explorer.EXE
size: 2927104
MD5: FFA764631CB70A30065C12EF8E174F9F
PID: 1288 (1192) C:\Windows\system32\taskeng.exe
size: 169472
MD5: 5F109032CE46B7184ED9E50F9FE8489E
PID: 1644 (1816) C:\Program Files\Windows Defender\MSASCui.exe
size: 1008184
MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
PID: 1764 (1816) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 1033512
MD5: 19D93154C82FE39A99B269CED1056A92
PID: 876 (1816) C:\Windows\WindowsMobile\wmdSync.exe
size: 215552
MD5: 4AB05041D5C922B9A7A5D9059F5538CD
PID: 1528 (1816) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
size: 31232
MD5: 464C9D3EB01BB20968493C68B1511159
PID: 1700 (1816) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
size: 266497
MD5: 6E812818306D460D62B4ABEA9FDC6679
PID: 1080 (1816) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6731312
MD5: CC6BC45DD5A58158645E7FB2953604FE
PID: 1108 (1816) C:\Program Files\Windows Media Player\wmpnscfg.exe
size: 202240
MD5: 35937EAD711207544E219C2A19A78A7D
PID: 3768 (1764) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
size: 95528
MD5: 892699A6AEB910C58B726BD70BEA4F4B
PID: 2792 ( 892) C:\Windows\system32\wbem\unsecapp.exe
size: 37888
MD5: 25873356E52849C3F5B3F1B02317E8C8
PID: 1604 (1816) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7667312
MD5: 8FD9724777C5DA9665ADB7B554F746BC
PID: 3312 (3936) C:\Windows\system32\conime.exe
size: 69120
MD5: F96EBC5A624349D81DCC7600A3C5DC43
PID: 3356 (3936) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891472
MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
PID: 0 ( 0) [System Process]
PID: 4 ( 0) System
PID: 480 ( 4) smss.exe
size: 64000
PID: 584 ( 572) csrss.exe
size: 6144
PID: 636 ( 572) wininit.exe
size: 96768
PID: 648 ( 628) csrss.exe
size: 6144
PID: 684 ( 636) services.exe
size: 279040
PID: 700 ( 636) lsass.exe
size: 9728
PID: 708 ( 636) lsm.exe
size: 229888
PID: 784 ( 628) winlogon.exe
size: 314880
PID: 892 ( 684) svchost.exe
size: 21504
PID: 944 ( 684) nvvsvc.exe
size: 118784
PID: 972 ( 684) svchost.exe
size: 21504
PID: 1012 ( 684) svchost.exe
size: 21504
PID: 1124 ( 684) svchost.exe
size: 21504
PID: 1172 ( 684) svchost.exe
size: 21504
PID: 1192 ( 684) svchost.exe
size: 21504
PID: 1256 (1124) audiodg.exe
size: 88064
PID: 1300 ( 684) SLsvc.exe
size: 2623488
PID: 1324 ( 684) svchost.exe
size: 21504
PID: 1392 ( 944) rundll32.exe
size: 44544
PID: 1588 ( 684) svchost.exe
size: 21504
PID: 1900 ( 684) spoolsv.exe
size: 125952
PID: 1940 ( 684) sched.exe
PID: 1960 ( 684) svchost.exe
size: 21504
PID: 1968 (1172) wlanext.exe
size: 74240
PID: 424 (1192) taskeng.exe
size: 169472
PID: 2284 ( 684) a2service.exe
PID: 2316 ( 684) ACService.exe
PID: 2352 ( 684) avguard.exe
PID: 2380 ( 684) guard.exe
PID: 2392 ( 684) svchost.exe
size: 21504
PID: 2412 ( 684) CLCapSvc.exe
PID: 2460 ( 684) LSSrvc.exe
PID: 2500 ( 684) MDM.EXE
PID: 2564 ( 684) svchost.exe
size: 21504
PID: 2640 ( 684) svchost.exe
size: 21504
PID: 2704 ( 684) svchost.exe
size: 21504
PID: 2748 ( 684) SearchIndexer.exe
size: 302080
PID: 2784 ( 684) XAudio.exe
PID: 2976 ( 684) nSvcAppFlt.exe
PID: 3224 ( 684) hpqwmiex.exe
PID: 3276 ( 684) nSvcIp.exe
PID: 3364 ( 684) CLSched.exe
PID: 3440 ( 684) SDWinSec.exe
size: 809296
MD5: 55C1E4FDFD62A48FB5A2CE25F3AA8AE8
PID: 3868 ( 684) svchost.exe
size: 21504
PID: 4020 ( 684) wmpnetwk.exe
PID: 4060 ( 684) alg.exe
size: 59392
PID: 2100 ( 892) WmiPrvSE.exe
PID: 3896 ( 684) HPHC_Service.exe


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 21/08/2008 16:40:42

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\Windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://recherche.neuf.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://recherche.neuf.fr/ie/default.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://home.neuf.fr/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/fr/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://ie.redirect.hp.com/...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://ie.redirect.hp.com/...
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://recherche.neuf.fr/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://recherche.neuf.fr/ie/default.html


--- Winsock Layered Service Provider list ---
Protocol 0: NVIDIA App Filter over [MSAFD Tcpip [TCP/IP]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 1: NVIDIA App Filter over [MSAFD Tcpip [UDP/IP]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 2: NVIDIA App Filter over [MSAFD Tcpip [RAW/IP]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 3: NVIDIA App Filter over [MSAFD Tcpip [TCP/IPv6]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 4: NVIDIA App Filter over [MSAFD Tcpip [UDP/IPv6]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 5: NVIDIA App Filter over [MSAFD Tcpip [RAW/IPv6]]
GUID: {9D84A3BB-54AB-451E-9D02-4C4EDEC0DAC4}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Protocol 32: NVIDIA App Filter
GUID: {561A1E9F-D78B-40E3-866D-4CE5CF6BB83F}
Filename: %SYSTEMROOT%\system32\nvLsp.dll

Namespace Provider 1: Fournisseur Shim d'affectation de noms de messagerie
GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
Filename:

Namespace Provider 2: Fournisseur d'espace de noms du nuage PNRP
GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
Filename:

Namespace Provider 3: Fournisseur d'espace de noms du nom PNRP
GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
Filename:



--- Uninstall list ---
Adobe Flash Player ActiveX 9.0.115.0 (Adobe Flash Player ActiveX)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Adobe Flash Player Plugin 9.0.124.0 (Adobe Flash Player Plugin)
uninstall cmd: C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
publisher: Adobe Systems Incorporated

Avira AntiVir Personal - Free Antivirus (AntiVir PersonalEdition Classic)
uninstall cmd: C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
publisher: Avira GmbH
help link: http://www.avira.com/classic-support

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com

Broadcom 802.11 Wireless LAN Adapter 4.102.15.61 (Broadcom 802.11b Network Adapter)
uninstall cmd: "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
publisher: Broadcom Corporation

CamStudio 2.02 Fr (CamStudio 2.02 Fr_is1)
uninstall cmd: "C:\Program Files\CamStudio\unins000.exe"

Canon Inkjet Printer Driver Add-On Module (CANONIJINBOXADDON100)
uninstall cmd: C:\Program Files\Common Files\Canon\IJ\InboxPrnV100\SETUP.EXE -R

CCleaner (remove only) (CCleaner)
uninstall cmd: "C:\Program Files\CCleaner\uninst.exe"

CD Jaquette 5.0 (CD Jaquette)
uninstall cmd: "C:\JSAL Software\CD Jaquette\uninstall.exe"

Conexant HD Audio (CNXT_HDAUDIO)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF

HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7\UIU32m.EXE -U -IwqcVenz.inf

HDAUDIO Soft Data Fax Modem with SmartCP (CNXT_MODEM_HDA_HSF)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf

(Connection Manager)

devolo dLAN - Assistant de configuration 11.0.0.0 (dlanconf)
uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dlanconf
publisher: devolo AG
help link: www.devolo.com

devolo Informer 17.0.0.0 (dslmon)
uninstall cmd: C:\Program Files\devolo\setup.exe /remove:dslmon
publisher: devolo AG
help link: www.devolo.com

Canon Utilities Easy-PhotoPrint (Easy-PhotoPrint)
uninstall cmd: C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini

Easy-WebPrint (Easy-WebPrint)
uninstall cmd: C:\Windows\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"

devolo EasyClean 3.0.0.0 (easyclean)
uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyclean
publisher: devolo AG
help link: www.devolo.com

devolo EasyShare 4.0.0.0 (easyshare)
uninstall cmd: C:\Program Files\devolo\setup.exe /remove:easyshare
publisher: devolo AG
help link: www.devolo.com

eMule (eMule)
uninstall cmd: "C:\Program Files\eMule\Uninstall.exe"

EVEREST Ultimate Edition v4.50 4.50 (EVEREST Ultimate Edition_is1)
install location: C:\Program Files\Lavalys\EVEREST Ultimate Edition\
uninstall cmd: "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
publisher: Lavalys, Inc.
help link: http://www.lavalys.com

HijackThis 2.0.2 2.0.2 (HijackThis)
uninstall cmd: "C:\Users\Patrice CATTELAIN\Desktop\HijackThis.exe" /uninstall
publisher: TrendMicro

(InstallShield Uninstall Information)

NVIDIA ForceWare Network Access Manager 1.00.6781 (InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
version: 16783997
version (major): 1
estimated size: 40358
install date: 20080813
install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
uninstall cmd: "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040c -removeonly
publisher: NVIDIA Corporation

jv16 PowerTools 1.3 (jv16 PowerTools_is1)
uninstall cmd: "C:\Program Files\jv16 PowerTools\unins000.exe"

K-Lite Codec Pack 3.6.5 Full 3.6.5 (KLiteCodecPack_is1)
install date: 20080111
install location: C:\Program Files\K-Lite Codec Pack\
uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

LimeWire 4.16.6 4.16.6 (LimeWire)
uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
publisher: Lime Wire, LLC
help link: http://www.limewire.com/support

LM 2.5 (LM 2.5)
uninstall cmd: C:\Program Files\LM Version-2.5-F\Désintallation de la Lanterne Magique.exe

Malwarebytes' Anti-Malware (Malwarebytes' Anti-Malware_is1)
install date: 20080819
install location: C:\Program Files\Malwarebytes' Anti-Malware\
uninstall cmd: "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
publisher: Malwarebytes Corporation
help link: http://www.malwarebytes.org

Media Player Classic 6.4.8.3 6.4.8.3 (Media Player Classic)
uninstall cmd: C:\Program Files\Media Player Classic\mpc_uninst.exe
publisher: Gabest

Mozilla Firefox (2.0.0.16) 2.0.0.16 (fr) (Mozilla Firefox (2.0.0.16))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\helper.exe
publisher: Mozilla
comments: Mozilla Firefox

Canon MP Navigator 2.0 (MP Navigator 2.0)
install location: C:\Program Files\Canon\MP Navigator 2.0
uninstall cmd: "C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini

Barre d'outils MSN (MSN Toolbar)
uninstall cmd: C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c

Neuf - Kit de connexion 7.11.22.4 (Neuf_Kit)
uninstall cmd: C:\Program Files\Neuf\Kit\uninstall.exe
publisher: Neuf
help link: http://abonnes.neuf.fr
help telephone: 0892 222 109

Neuf - Media Center 7.12.5.0 (Neuf_Media Center)
uninstall cmd: C:\Program Files\Neuf\Media Center\uninstall.exe
publisher: Neuf
help link: http://abonnes.neuf.fr
help telephone: 0892 79 00 09

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\Windows\system32\NVUNINST.EXE UninstallGUI

Picasa 2 2.0 (Picasa2)
uninstall cmd: "C:\Program Files\Picasa2\Uninstall.exe"
publisher: Google, Inc.
help link: http://www.picasa.com/

SAMSUNG CDMA Modem Driver Set (SAMSUNG CDMA Modem)
uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

SAMSUNG Mobile USB Modem Software (SAMSUNG Mobile USB Modem)
uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

SAMSUNG Mobile USB Modem 1.0 Software (SAMSUNG Mobile USB Modem 1.0)
uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

Smart Data Recovery v3.1 3.1 (Smart Data Recovery_is1)
install location: C:\Program Files\Smart Data Recovery\
uninstall cmd: "C:\Program Files\Smart Data Recovery\unins001.exe"
publisher: Smart PC Solutions, LLC
help link: http://www.smartpctools.com

Synaptics Pointing Device Driver 10.2.4.0 (SynTPDeinstKey)
uninstall cmd: rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
publisher: Synaptics

System Requirements Lab (SystemRequirementsLab)
uninstall cmd: C:\Program Files\SystemRequirementsLab\Uninstall.exe

VivilProject SpeedTest v4.02 version Francaise (VivilProject SpeedTest_is1)
install date: 20080427
install location: C:\VivilProject SpeedTest\
uninstall cmd: "C:\VivilProject SpeedTest\unins000.exe"
publisher: Sebastien WILLEMIJNS
help link: http://80.247.230.136/speedtest

VideoLAN VLC media player 0.8.6i 0.8.6i (VLC media player)
uninstall cmd: C:\Program Files\VideoLAN\VLC\uninstall.exe
publisher: VideoLAN Team

Vodafone WCDMA Composite Device Drive Software (Vodafone WCDMA Composite Device Drive)
uninstall cmd: C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

GIMP 2.4.6 (WinGimp-2.0_is1)
install date: 20080606
install location: C:\Program Files\GIMP-2.0\
uninstall cmd: "C:\Program Files\GIMP-2.0\setup\unins000.exe"
help link: http://groups.yahoo.com/group/gimpwin-users/

Archiveur WinRAR (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

Yahoo! Toolbar avec bloqueur de fenêtres pop-up (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\Yahoo!\Common\unyt.exe

HP Wireless Assistant 3.00 B2 ({02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE})
version: 50331650
version (major): 3
estimated size: 3847
install date: 20070330
install location: C:\Program Files\Hewlett-Packard\HP Wireless Assistant\
install source: C:\Swsetup\WLASST\disk1\
uninstall cmd: MsiExec.exe /I{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}
publisher: Hewlett-Packard
comments: HP Wireless Assistant
help link: http://www.hp.com

Roxio Creator Tools 3.3.0 ({0394CDC8-FABD-4ed8-B104-03393876DFDF})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 345
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\RCP_TOOLS_33\
uninstall cmd: MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
publisher: Roxio
help link: http://support.sonic.com/

Roxio Creator Data 3.3.0 ({0D397393-9B50-4c52-84D5-77E344289F87})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 892
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\RCP_DATA_33\
uninstall cmd: MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
publisher: Roxio
help link: http://support.sonic.com/

Security Update for CAPICOM (KB931906) 2.1.0.2 ({0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 770
install date: 20071111
install source: C:\Windows\TEMP\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
publisher: Microsoft Corporation

Roxio Creator EasyArchive 3.3.0 ({11F93B4B-48F0-4A4E-AE77-DFA96A99664B})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 1690
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\RCP_EASYARCHIVE_33\
uninstall cmd: MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
publisher: Roxio
help link: http://support.sonic.com/

HPPhotoSmartPhotobookWebPack1 1.00.0000 ({12A76360-388E-4B27-ABEB-D5FC5378DD2A})
version: 16777216
version (major): 1
estimated size: 1821
install date: 20080407
install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartPhotobookWebPack1\
publisher: Hewlett-Packard

HP Active Support Library 1.0.21 ({21E62565-8639-457C-B64C-A3FF0A8B4D80})
version: 16777237
version (major): 1
estimated size: 11184
install date: 20070330
install location: C:\Program Files\Hewlett-Packard\HP Health Check\
install source: C:\Users\ADMINI~1\AppData\Local\Temp\{359098A0-743B-4349-8C7E-11F521CC5DBC}\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409
publisher: Hewlett-Packard

Hewlett-Packard Active Check 1.1.4.0 ({254C37AA-6B72-4300-84F6-98A82419187E})
version: 16842756
version (major): 1
version (minor): 1
estimated size: 530
install date: 20070330
install source: C:\Users\ADMINI~1\AppData\Local\Temp\
uninstall cmd: MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
publisher: Hewlett-Packard

Java(TM) SE Runtime Environment 6 1.6.0.0 ({3248F0A8-6813-11D6-A77B-00B0D0160000})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 117374
install date: 20070330
install source: C:\Users\Administrateur\AppData\LocalLow\Sun\Java\jre1.6.0\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0\README.txt

Roxio MyDVD Basic v9 9.0.114 ({33C65B6A-5D73-4E3E-A1F9-127C27BD3F72})
version: 150995058
version (major): 9
estimated size: 306791
install date: 20070330
install location: C:\Program Files\Roxio\Roxio MyDVD Basic v9\
install source: C:\SWSETUP\RoxioCB9\EMC_90\
uninstall cmd: MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
publisher: Roxio
comments: Digital Media Suite - Programme d'installation
contact: http://support.roxio.com
help link: http://support.roxio.com
readme: C:\Program Files\Roxio\Roxio MyDVD Basic v9\ReadMe.htm

PSSWCORE 2.02.0000 ({34BFB099-07B2-4E95-A673-7362D60866A2})
version: 33685504
version (major): 2
version (minor): 2
estimated size: 30949
install date: 20080407
install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\HPPhotoSmartCore\
publisher: Hewlett-Packard

HP Quick Launch Buttons 6.10 B9 6.10 B9 ({34D2AB40-150D-475D-AE32-BD23FB5EE355})
version: 101318865
install date: 20070330
install location: C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons
install source: C:\SWSETUP\QLB\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c uninst
publisher: Hewlett-Packard
help link: http://www.hp.com

Sonic Activation Module 1.0 ({35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0})
version: 16777216
version (major): 1
estimated size: 8214
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\ACTIVATION_103\
uninstall cmd: MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
publisher: Sonic Solutions

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 1269
install date: 20070518
install source: c:\a6c4c6168ed6c8b212f23e91df4c34\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

HP Easy Setup - Frontend 5.00.0000 ({40F7AED3-0C7D-4582-99F6-484A515C73F2})
version: 83886080
install date: 20070330
install location: C:\Program Files\Hewlett-Packard\HP Easy Setup - Frontend
install source: c:\HP\tmp\src\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
publisher: Hewlett-Packard

HP QuickPlay 3.0 ({45D707E9-F3C4-11D9-A373-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall

ArcSoft Software Suite ({497A1721-088F-41EF-8876-B43C9DA5528B})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c
publisher: ArcSoft

Cards_Calendar_OrderGift_DoMorePlugout 1.00.0000 ({4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6})
version: 16777216
version (major): 1
estimated size: 1888
install date: 20080407
install source: C:\Users\PATRIC~1\AppData\Local\Temp\7zSA535.tmp\setup\Cards_Calendar_Ordergift_Domore_Plugout\
publisher: Hewlett-Packard

HP Pavilion Webcam Driver for Vista v061.001.00005 061.001.00005 ({5CA81D12-9EC2-4082-972B-43ECA63F41F2})
version: 1023475717
install date: 20070517
install location: C:\SWSETUP\MISC5\
install source: C:\SWSetup\WCAM1\Setup.exe
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x40c -removeonly
publisher: Chicony

Roxio Creator Copy 3.3.0 ({619CDD8A-14B6-43a1-AB6C-0F4EE48CE048})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 648
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\RCP_COPY_33\
uninstall cmd: MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
publisher: Roxio
help link: http://support.sonic.com/

Roxio Express Labeler 3 2.1.0 ({6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA})
version: 33619968
version (major): 2
version (minor): 1
estimated size: 16612
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\EXPRESSLABELER_31\
uninstall cmd: MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
publisher: Roxio

Hewlett-Packard Asset Agent 2.0.55.0 ({669D4A35-146B-4314-89F1-1AC3D7B88367})
version: 33554487
version (major): 2
estimated size: 849
install date: 20070330
install source: C:\Users\ADMINI~1\AppData\Local\Temp\
uninstall cmd: MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
publisher: HP

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) 8.1.2 ({6846389C-BAC0-4374-808E-B120F86AF5D7})
version: 134283266
version (major): 8
version (minor): 1
estimated size: 8180
install date: 20080707
install location: C:\Program Files\Adobe\Security Update\
install source: C:\Users\Patrice CATTELAIN\AppData\Local\Adobe\Updater5\Install\reader8rdr-fr_FR\
uninstall cmd: MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
publisher: Adobe Systems, Inc
comments: Your Comments
contact: Customer Support Department
help link: http://www.Adobe.com
help telephone: 1-555-555-4505

Windows Media Player Firefox Plugin 1.0.0.8 ({69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4})
version: 16777216
version (major): 1
estimated size: 296
install date: 20080410
install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
publisher: Microsoft Corp

Microsoft Works 08.05.0822 ({6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C})
version: 134546230
version (major): 8
version (minor): 5
estimated size: 276579
install date: 20070330
install source: C:\swsetup\MSWorks\FR\
uninstall cmd: MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0 installation.
help link: http://go.microsoft.com/fwlink/?LinkId=6831
help telephone:

Apple Software Update 2.0.0.21 ({74EC78BC-B379-4E29-9006-8F161DCAABA6})
version: 33554432
version (major): 2
estimated size: 2204
install date: 20080628
install location: C:\Program Files\Apple Software Update\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
uninstall cmd: MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
publisher: Apple Inc.
contact: Assistance AppleCare
help link: http://www.apple.com/fr/support/
help telephone: 0825 888 024

6.5.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

Samsung Samples Installer 1.00.0000 ({7AC15160-A49B-4A89-B181-D4619C025FFF})
version: 16777216
install date: 20080510
install location: C:\Program Files\Samsung\Samsung PC Studio 3
install source: C:\Users\PATRIC~1\AppData\Local\Temp\byeE9C0.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
publisher: Samsung Electronics Co., Ltd.

NVIDIA ForceWare Network Access Manager 1.00.6781 ({7CFA46E3-CC2F-4355-82AE-6012DC3633FD})
version: 16783997
version (major): 1
estimated size: 40358
install date: 20080813
install location: C:\Program Files\NVIDIA Corporation\NetworkAccessManager\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\{A37C9AAA-0183-4D00-AECB-9075B4A73964}\
uninstall cmd: MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
publisher: NVIDIA Corporation

Roxio Creator Audio 3.3.0 ({83FFCFC7-88C6-41c6-8752-958A45325C82})
version: 50528256
version (major): 3
version (minor): 3
estimated size: 1110
install date: 20070330
install source: C:\SWSETUP\RoxioCB9\RCP_AUDIO_33\
uninstall cmd: MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
publisher: Roxio
help link: http://support.sonic.com/

ArcSoft PhotoStudio 5.5 ({85309D89-7BE9-4094-BB17-24999C6118FC})
version (major): 5
version (minor): 5
install location: C:\Program Files\ArcSoft\PhotoStudio 5.5
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
publisher: ArcSoft

VSO CopyToDVD 4 4.0.5 ({870F1750-BA89-11DA-A94D-0800200C9A66}_is1)
install date: 20080218
install location: C:\Program Files\VSO\
uninstall cmd: "C:\Program Files\VSO\unins000.exe"
publisher: VSO Software

Microsoft Silverlight 1.0.30716.0 ({89F4137D-6C26-4A84-BDB8-2E5A4BB71E00})
version: 16807932
version (major): 1
estimated size: 1186
install date: 20080820
install source: c:\temp\ext8202\
uninstall cmd: MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkID=91955

3.0.7.009 ({8ADC27DB-E2C8-446C-A576-166C05C2DD24})
version: 50331655
version (major): 3
estimated size: 192
install date: 20070330
install source: C:\SwSetup\HPUpdate\
publisher: Hewlett-Packard

DivX Player 6.6.0 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

HP Update 4.000.005.007 ({8C6027FD-53DC-446D-BB75-CACD7028A134})
version: 67108869
version (major): 4
estimated size: 3654
install date: 20070330
install source: C:\SwSetup\HPUpdate\
uninstall cmd: MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
publisher: Hewlett-Packard
contact: http://www.hp.com/support

PrintMaster ({8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}\setup.exe" anything

Microsoft Office Professional Edition 2003 11.0.8173.0 ({9011040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 864359
install date: 20080815
uninstall cmd: MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Microsoft Office FrontPage 2003 11.0.8173.0 ({9017040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 553058
install date: 20080815
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Microsoft Office Project Professional 2003 11.0.8173.0 ({903B040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 378371
install date: 20080815
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\PJREADME.HTM

Gestionnaire pour appareils Windows Mobile 6.1.6965.0 ({904CCF62-818D-4675-BC76-D37EB399F917})
version: 100735797
version (major): 6
version (minor): 1
estimated size: 28165
install date: 20080316
install source: C:\Windows\WindowsMobile\
uninstall cmd: MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
publisher: Microsoft Corporation

Microsoft Office Visio Professional 2003 11.0.8173.0 ({9051040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 449531
install date: 20080409
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\Visio11\1036\VIREADME.HTM

Microsoft Office OneNote 2003 11.0.8173.0 ({90A1040C-6000-11D3-8CFE-0150048383C9})
version: 184557549
version (major): 11
estimated size: 297457
install date: 20080815
install source: C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\
uninstall cmd: MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support
readme: C:\Program Files\Microsoft Office\OFFICE11\1036\OFREADME.HTM

Microsoft Office PowerPoint Viewer 2003 11.0.8164.0 ({90AF040C-6000-11D3-8CFE-0150048383C9})
version: 184555834
version (major): 11
estimated size: 4111
install date: 20080315
install location: C:\Program Files\Microsoft Office\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
publisher: Microsoft Corporation
help link: http://www.microsoft.com/support

Canon MP170 ({91175441-4E5D-4e13-B116-828FD352CDB2})
uninstall cmd: "C:\Windows\system32\CanonIJ Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x0009

QuickTime 7.2.0.240 ({95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC})
version: 117571584
version (major): 7
version (minor): 2
estimated size: 75788
install date: 20080628
install location: C:\Program Files\VistaCodecPack\QT\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP316.TMP\
uninstall cmd: MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
publisher: Apple Inc.
contact: Assistance AppleCare
help link: http://www.apple.com/fr/support/
help telephone: (33) 0825 888 024

PHOTOfunSTUDIO -viewer- 2.00.000 ({9A9DBEBC-C800-4776-A970-D76D6AA405B1})
version: 33554432
install date: 20080628
install location: C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-
install source: E:\PHOTOFUN\Setup\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly
publisher: Panasonic

Private folder 1.00.0000 ({A3D7D9D7-9A65-4F7D-B660-CBD4105129CF})
version: 16777216
version (major): 1
estimated size: 2078
install date: 20071114
install location: C:\Program Files\Private folder\My Product Name\
install source: C:\Windows\Downloaded Installations\{81098DCE-9FAC-4204-8890-06EF3B89C358}\
uninstall cmd: MsiExec.exe /I{A3D7D9D7-9A65-4F7D-B660-CBD4105129CF}
publisher: Your Company Name

Galerie de photos Windows Live 12.0.1347.0718 ({A70FA218-6598-4AC9-813D-63597C5DD068})
version: 201327939
version (major): 12
estimated size: 21445
install date: 20080807
install source: C:\Windows\SoftwareDistribution\Download\3a0ec7b3c737fb664542cf342f6fe212\img\
uninstall cmd: MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
publisher: Microsoft Corporation
help link: http://photogallery.live.com/

HP Customer Experience Enhancements 1.00.0000 ({AB5E289E-76BF-4251-9F3F-9B763F681AE0})
version: 16777216
install date: 20070330
install location: C:\Program Files\Hewlett-Packard\HP Customer Experience Enhancements
install source: c:\HP\tmp\src\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
publisher: Hewlett-Packard

Adobe Reader 8.1.2 - Français 8.1.2 ({AC76BA86-7AD7-1036-7B44-A81200000003})
version: 134283266
version (major): 8
version (minor): 1
estimated size: 147922
install date: 20080316
install location: C:\Program Files\Adobe\Reader 8.0\Reader\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\Adobe Reader 8\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
publisher: Adobe Systems Incorporated
comments:
contact: Support clientèle
help link: http://www.adobe.fr/support/main.html
readme: C:\Program Files\Adobe\Reader 8.0\Reader\Lisezmoi.htm

Assistant de connexion Windows Live 4.200.520.1 ({AFA4E5FD-ED70-4D92-99D0-162FD56DC986})
version: 80216584
version (major): 4
version (minor): 200
estimated size: 1333
install date: 20071111
install source: C:\Program Files\Common Files\WindowsLiveInstaller\MsiSources\
uninstall cmd: MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
publisher: Microsoft Corporation

DivX Converter 6.5.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

HP Image Zone Express 1.1.002.037 ({B314F1F2-49DF-41DD-A1B4-DC4192EC1021})
version: 16842754
version (major): 1
version (minor): 1
estimated size: 7818
install date: 20080416
install location: C:\Program Files\HP\
install source: C:\Users\PATRIC~1\AppData\Local\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{B314F1F2-49DF-41DD-A1B4-DC4192EC1021}
publisher: Hewlett-Packard
help link: http://www.hp.com

Spybot - Search & Destroy 1.6.0 ({B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1)
install date: 20080812
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
publisher: Safer Networking Limited
help link: http://www.safer-networking.org/index.php?page=support

DivX Web Player 1.4.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

HP Photosmart Essential 2.5 1.02.0000 ({BAD0FA60-09CF-4411-AE6A-C2844C