[Résolu] Ouverture de fenêtres intempestives

Bonjour !

j'ai un problème des fenêtres qui s'ouvre de façon infini.

Est-que quelqu'un peut m'aider? Par où dois-je commencer pour résoudre le problème?

Merci beaucoup!

Bonjour !


voici le contenu du log :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Admin at 2009-02-28 13:19:04
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 231 MB (2%) free of 11 GB
Total RAM: 511 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:19:38, on 2009-02-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\WINDOWS\system32\sstray.exe
G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
G:\Programmes\logitech\iTouch\iTouch.exe
G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Programmes\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\E-Color\True Internet Color\TICIcon.exe
G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
G:\Programmes\PhotoWise\quicklnk.exe
G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
G:\Programmes\iPod\bin\iPodService.exe
G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O2 - BHO: {1a5d21dd-1a33-79f8-1904-bde51aaa5d95} - {59d5aaa1-5edb-4091-8f97-33a1dd12d5a1} - C:\WINDOWS\system32\sqtmiv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {b7f1a9bf-e277-4b95-9e21-89cd4f87fd03} - C:\WINDOWS\system32\gopikobi.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hagunipego] Rundll32.exe "C:\WINDOWS\system32\jotogeni.dll",s
O4 - HKLM\..\Run: [2c29155d] rundll32.exe "C:\WINDOWS\system32\zulagovi.dll",b
O4 - HKLM\..\Run: [CPM2f1a26c1] Rundll32.exe "c:\windows\system32\wesokaru.dll",a
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [hagunipego] Rundll32.exe "C:\WINDOWS\system32\jotogeni.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: SATARaid.lnk = ?
O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
O20 - AppInit_DLLs: sqtmiv.dll c:\windows\system32\wesokaru.dll,C:\WINDOWS\system32\ranolobi.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 9787 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59d5aaa1-5edb-4091-8f97-33a1dd12d5a1}]
C:\WINDOWS\system32\sqtmiv.dll [2009-02-24 129024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b7f1a9bf-e277-4b95-9e21-89cd4f87fd03}]
C:\WINDOWS\system32\gopikobi.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
{DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"=TCAUDIAG.exe -on []
"nForce Tray Options"=sstray.exe /r []
"WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
"WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
"zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
"EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
"HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"hagunipego"=C:\WINDOWS\system32\jotogeni.dll []
"2c29155d"=C:\WINDOWS\system32\zulagovi.dll [2009-02-24 79872]
"CPM2f1a26c1"=c:\windows\system32\wesokaru.dll [2009-02-24 84992]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
PowerReg Scheduler.exe
Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sqtmiv.dll c:\windows\system32\wesokaru.dll,C:\WINDOWS\system32\ranolobi.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll [2009-02-24 84992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\wesokaru.dll [2009-02-24 84992]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\ranolobi.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:EnabledNA"
"G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:Explorer"
"C:\WINDOWS\System32\logonui.exe"="C:\WINDOWS\System32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\System32\winlogon.exe"="C:\WINDOWS\System32\winlogon.exe:*:Enabled:winlogon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
shell\AutoRun\command - O:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b26a2c5-0555-11db-af6d-0012c9310d21}]
shell\AutoRun\command - O:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
shell\AutoRun\command - F:\Autorun.exe /s


======List of files/folders created in the last 1 months======

2009-02-28 13:17:39 ----D---- C:\rsit
2009-02-28 12:46:44 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-02-26 11:04:09 ----A---- C:\rollback.ini
2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
2009-02-25 10:31:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
2009-02-24 23:28:20 ----SH---- C:\WINDOWS\system32\ivogaluz.ini
2009-02-24 23:28:16 ----ASH---- C:\WINDOWS\system32\wesokaru.dll
2009-02-24 23:28:16 ----ASH---- C:\WINDOWS\system32\sqtmiv.dll
2009-02-24 23:28:15 ----ASH---- C:\WINDOWS\system32\zulagovi.dll
2009-02-24 23:28:15 ----ASH---- C:\WINDOWS\system32\rogahefa.dll
2009-02-24 11:28:25 ----SH---- C:\WINDOWS\system32\edefenoj.ini
2009-02-24 11:28:22 ----ASH---- C:\WINDOWS\system32\bulawasi.dll
2009-02-24 11:28:12 ----ASH---- C:\WINDOWS\system32\lysimm.dll
2009-02-24 11:28:10 ----ASH---- C:\WINDOWS\system32\siruguhu.dll
2009-02-24 11:28:09 ----N---- C:\WINDOWS\system32\jonefede.dll
2009-02-23 23:08:29 ----SH---- C:\WINDOWS\system32\umedetun.ini
2009-02-23 23:08:15 ----ASH---- C:\WINDOWS\system32\ynizqm.dll
2009-02-23 23:08:14 ----ASH---- C:\WINDOWS\system32\bubufibo.dll
2009-02-23 23:08:13 ----ASH---- C:\WINDOWS\system32\nutedemu.dll
2009-02-23 23:08:13 ----ASH---- C:\WINDOWS\system32\fugajezu.dll
2009-02-23 11:08:28 ----SH---- C:\WINDOWS\system32\ebaweraw.ini
2009-02-23 11:08:11 ----ASH---- C:\WINDOWS\system32\yzyyxq.dll
2009-02-23 11:08:11 ----ASH---- C:\WINDOWS\system32\loyayono.dll
2009-02-23 11:08:09 ----ASH---- C:\WINDOWS\system32\fusigoka.dll
2009-02-22 23:07:19 ----SH---- C:\WINDOWS\system32\uwidipig.ini
2009-02-22 23:07:13 ----ASH---- C:\WINDOWS\system32\buelct.dll
2009-02-22 23:07:12 ----ASH---- C:\WINDOWS\system32\dajifuji.dll
2009-02-22 23:07:11 ----ASH---- C:\WINDOWS\system32\kenahapu.dll
2009-02-22 11:07:07 ----SH---- C:\WINDOWS\system32\epalobat.ini
2009-02-22 11:07:04 ----ASH---- C:\WINDOWS\system32\yubihimo.dll
2009-02-22 11:07:04 ----ASH---- C:\WINDOWS\system32\eberry.dll
2009-02-22 11:07:03 ----ASH---- C:\WINDOWS\system32\vikikeme.dll
2009-02-21 23:08:14 ----SH---- C:\WINDOWS\system32\imozemuz.ini
2009-02-21 23:07:44 ----ASH---- C:\WINDOWS\system32\nukinihe.dll
2009-02-21 23:07:44 ----ASH---- C:\WINDOWS\system32\nbrfvu.dll
2009-02-21 23:07:43 ----ASH---- C:\WINDOWS\system32\yibamaka.dll
2009-02-21 11:06:42 ----ASH---- C:\WINDOWS\system32\xirvsm.dll
2009-02-21 11:06:42 ----ASH---- C:\WINDOWS\system32\sujigewi.dll
2009-02-21 11:06:41 ----ASH---- C:\WINDOWS\system32\kakinahu.dll
2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES
2009-02-04 11:14:25 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\java.exe
2009-01-31 12:39:57 ----A---- C:\WINDOWS\KA.INI
2009-01-31 12:39:56 ----D---- C:\KA

======List of files/folders modified in the last 1 months======

2009-02-28 11:09:56 ----A---- C:\errlgr.txt
2009-02-27 23:11:16 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
2009-02-20 19:13:16 ----A---- C:\WINDOWS\win.ini
2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

-----------------EOF-----------------


et le contenu de info :

info.txt logfile of random's system information tool 1.05 2009-02-28 13:18:31

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3Com NIC Diagnostics-->un3cdiag.exe /remove
802.11 Wireless LAN-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{8F3F7032-E5FB-42B4-8443-A569F381726C} /l1033
Adobe Download Manager 2.0 (Supprimer uniquement)-->"C:\Program Files\Fichiers communs\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.5 Language Support-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Ahead InCD EasyWrite Reader-->C:\WINDOWS\UNMrw.exe /UNINSTALL
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE7C3A14-1D20-49F6-B903-491561076F0F}\SETUP.EXE" -l0x9
ASUS Probe V2.19.07-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"
Audio-Video Software -->C:\Program Files\Video Add-on\uninst.exe
Battleship SURFACE THUNDER-->C:\WINDOWS\IsUninst.exe -f"o:\jeux\Hasbro Interactive\Battleship SURFACE THUNDER\Uninst.isu"
Big Mutha Truckers-->MsiExec.exe /I{7AD106E2-A9B2-4BD8-A8D5-331DC0957A3E}
Blade Runner-->g:\programmes\WESTWOOD\BLADE\UNINSTBR.EXE C:\WINDOWS\UNIN040C.EXE -fg:\PROGRA~1\WESTWOOD\BLADE\DeIsL1.isu
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"G:\Programmes\CCleaner\uninst.exe"
Correctif Windows XP - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
Correctif Windows XP - KB867282-->C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
Coup de Pouce CE 1 v1.0-->C:\WINDOWS\unin040c.exe -fC:\KA\CPCE1\DeIsL1.isu
DivX Player-->G:\Programmes\DivX\DivXPlayerUninstall.exe /PLAYER
DivX-->G:\Programmes\DivX\DivXCodecUninstall.exe /CODEC
eMule-->"G:\Programmes\eMule\Uninstall.exe"
Fête & Maths-->C:\WINDOWS\edmkuni2.exe "g:\Programmes\Edmark\FETE & MATHS "
Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.0-->"C:\Documents and Settings\Admin\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
hp deskjet 5550 series-->rundll32 hpzcon05.dll,VendorJettison hp deskjet 5550 series
HP Image Zone 4.0-->G:\Programmes\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Scanjet 4070-->G:\Programmes\HP\Digital Imaging\{7DB9BF65-46AC-4803-82AA-14EFCA927789}\setup\hpzscr01.exe -datfile hpgscr01.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
ImpôtRapide 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{740DC926-B248-41DF-A38A-0675749E4361}\isetup.ex_" -l0xc0c -uninst
ImpôtRapide 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{287E1968-462A-40EB-BA11-A557C5D64F12}\isetup.ex_" -l0xc0c -uninst
ImpôtRapide 2007-->MsiExec.exe /X{3156B2FD-5C1D-4649-9FE3-EB6E77320266}
iPod for Windows 2005-11-17-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8338BA06-E527-491B-9400-F51708FEE695} /l1036
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
La barre d'outils AIR MILES 1.438-->C:\Program Files\La barre d'outils AIR MILES\Uninst.exe
Leadtek WinFastDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
LEGO Star Wars II-->C:\Program Files\InstallShield Installation Information\{578FA426-47C0-4A3F-98A4-01ACD26B7556}\setup.exe -runfromtemp -l0x040c
LEGO® Indiana Jones™-->C:\Program Files\InstallShield Installation Information\{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}\setup.exe -runfromtemp -l0x040c
Lic Client-->C:\WINDOWS\unvise32.exe g:\programmes\LIC\uninstal.log
Logiciel iTouch de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c UNINSTALL
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x40c -removeonly
Logitech MouseWare 9.71 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x40c -l040c UNINSTALL
LucasArts' The Infernal Machine-->C:\WINDOWS\uninst.exe -f"g:\programmes\LucasArts\The Infernal Machine\Install\DeIsL1.isu" -c"g:\programmes\LucasArts\The Infernal Machine\Install\LecSetup.dll"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Flight Simulator 98-->O:\Microsoft Games\Flight Simulator\Uninstal.exe /uninstall
Microsoft Motocross Madness-->"M:\Microsoft Games\Motocross Madness\Uninstal.exe" /runtemp
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NetObjects Fusion 8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C59303F-FCC1-484C-A40E-52C2AD4B17F8}\setup.exe" -l0x9 anything -uninst
Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x9 UNINSTALL
NVIDIA nForce Utilities-->C:\WINDOWS\System32\rundll32.exe setupapi,InstallHinfSection Remove_SSUtilsNT 132 C:\WINDOWS\INF\nvautlml.inf
NVIDIA WDM Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\SETUP.EXE"
overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Photosynth 2.0.1519.16-->MsiExec.exe /X{366E24C6-9097-4F63-BF42-3F3EF356A960}
PhotoWise-->C:\WINDOWS\unin040c.exe -fg:\programmes\PhotoWise\DeIsL1.isu
Picasa 2-->"G:\Programmes\Picasa2\Uninstall.exe"
PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x9 UNINSTALL
Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe C:\WINDOWS\System32\NVNFINST.DLL,NvUninstallCrush
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
SATARaid-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91649626-E343-11D5-BCEF-005004748D87}\Setup.exe" -l0x9
Shockwave-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
Star Wars Galactic Battlegrounds: Saga-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe" -l0x9
Tom Clancy's Splinter Cell-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A174402A-2EE6-4B86-A930-7BC85A9933BD}\setup.exe" -l0x40c
True Internet Color-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\E-Color\True Internet Color\Uninst.isu" -c"C:\Program Files\E-Color\True Internet Color\TICUninstall.dll"
Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
Tux Paint 0.9.16-->"G:\Programmes\TuxPaint\unins001.exe"
Tux Paint Stamps 2006-10-21-->"G:\Programmes\TuxPaint\unins000.exe"
Ulead COOL 3D 3.0-->C:\WINDOWS\Ulead.dat\uninstall\setup.exe
Ulead VideoStudio 10-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E188D820-1218-4E28-8BCA-91134C3664C2}\Setup.exe" -l0x40c
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format 9 Series SDK-->MsiExec.exe /X{EEE0F0A7-6B7D-4D1E-9498-43D9D012DDF7}
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44BAC2DD-0574-4047-B736-A7687401C1CD}\setup.exe"
WinFast(R) PVR (Application)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7273CE1-F0B8-4B3C-B41E-F289E0835B43}\setup.exe"
WinFox Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Leadtek Research Inc.\WinFox Setup\Uninst.isu" -c"C:\WINDOWS\System32\WinFox\WinFoxUT.dll"
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

O18 - Protocol: bwl0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
O18 - Protocol: bw50s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0 - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82FBA1EA-F575-48DD-A824-04418FA63C66} - G:\Programmes\logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/ac [...] 0-3-36.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/p [...] r37380.cab
O16 - DPF: {CA8A9780-280D-11CF-A24D-444553540000} (Adobe PDF Reader) - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Act [...] uncher.cab
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Programmes\logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Programmes\msoffice\Office10\OSA.EXE
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKLM\..\Run: [QuickTime Task] "G:\programmes\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsbylqxi.exe] C:\Documents and Settings\All Users.WINDOWS\Application Data\vsbylqxi.exe
O2 - BHO: (no name) - {2B8D11C6-9417-B296-AA79-09C2093684ED} - C:\WINDOWS\system32\nwfiqjk.dll (file missing)
O2 - BHO: (no name) - {5baaa4ba-1dd2-11b2-ada1-a63effca8258} - C:\WINDOWS\system32\5F5cKO5H.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: ZoneAlarm Security Suite Antivirus
FW: ZoneAlarm Security Suite Firewall

System event log

Computer Name: DANIEL
Event Code: 7036
Message: Le service Carte de performance WMI est entré dans l'état : arrêté.

Record

Infection Vundo.

/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

• Télécharge ComboFix (sUBs) sur ton Bureau.
• Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
• Il va te demander d'installer la console de récupération : accepte.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Re-bonjour !

de plus, au départ de Combofix :


j'avais le message suivant :

The following files were trying to attach to Combofix. They sahll be disabled.

c:windows/system32/sqtmiv.dll

c:windows/system32/wesokaru.dll

Pour votre info, des fenêtres ont continué de s'ouvrir.


Merci encore!

Bonjour !

voici le rapport MBAM avant de rebooter j'avais le message suivant :

Impossible de supprimer certains éléments. Les premiers sont affichés ci-dessous. Tous les éléments qui n'ont pas pu être supprimés ont été ajoutés à la liste des suppressions au démarrage.

soit :

C:\WINDOWS\system32\zulagovi.dll
c:\WINDOWS\system32\wesokaru.dll

le rapport :


Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1813
Windows 5.1.2600 Service Pack 2

2009-02-28 14:58:12
mbam-log-2009-02-28 (14-58-12).txt

Type de recherche: Examen rapide
Eléments examinés: 127933
Temps écoulé: 8 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\zulagovi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\wesokaru.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Audio-Video Software (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2c29155d (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm2f1a26c1 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\wesokaru.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\wesokaru.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\zulagovi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ivogaluz.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\wesokaru.dll (Trojan.Vundo.H) -> Delete on reboot.

Bonjour !

voici le rapport RSIT :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Admin at 2009-02-28 15:50:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 465 MB (4%) free of 11 GB
Total RAM: 511 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:50:28, on 2009-02-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\WINDOWS\system32\sstray.exe
G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
G:\Programmes\logitech\iTouch\iTouch.exe
G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Programmes\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\E-Color\True Internet Color\TICIcon.exe
G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\svchost.exe
G:\Programmes\PhotoWise\quicklnk.exe
G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
C:\WINDOWS\system32\fxssvc.exe
G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
G:\Programmes\iPod\bin\iPodService.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] G:\Programmes\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: SATARaid.lnk = ?
O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 8615 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
{DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"=TCAUDIAG.exe -on []
"nForce Tray Options"=sstray.exe /r []
"WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
"WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
"zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
"EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
"HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
PowerReg Scheduler.exe
Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:EnabledNA"
"G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
shell\AutoRun\command - F:\Autorun.exe /s


======List of files/folders created in the last 1 months======

2009-02-28 14:43:44 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
2009-02-28 14:43:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-02-28 14:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-28 14:16:19 ----A---- C:\ComboFix.txt
2009-02-28 14:06:07 ----A---- C:\WINDOWS\zip.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\VFIND.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWSC.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\SWREG.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\sed.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\grep.exe
2009-02-28 14:06:07 ----A---- C:\WINDOWS\fdsv.exe
2009-02-28 14:03:50 ----D---- C:\WINDOWS\ERDNT
2009-02-28 14:03:50 ----D---- C:\Qoobox
2009-02-28 13:17:39 ----D---- C:\rsit
2009-02-26 11:04:09 ----A---- C:\rollback.ini
2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
2009-02-25 10:31:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES
2009-02-04 11:14:25 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-04 11:14:24 ----A---- C:\WINDOWS\system32\java.exe
2009-01-31 12:39:57 ----A---- C:\WINDOWS\KA.INI
2009-01-31 12:39:56 ----D---- C:\KA

======List of files/folders modified in the last 1 months======

2009-02-28 15:05:00 ----A---- C:\errlgr.txt
2009-02-28 15:03:02 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
2009-02-28 14:13:58 ----A---- C:\WINDOWS\system.ini
2009-02-20 19:13:16 ----A---- C:\WINDOWS\win.ini
2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

-----------------EOF-----------------

Bonjour !

1)

je n'arrive pas localiser dans la section Ajouter ou supprimer des programmes :

Audio-Video Software

pour le Java 6, il est dans la liste. Je pourrai le supprimer.

Où pourrais-je le retrouver?

Merci!

Bonjour !

je n'ai pu mettre à jour Internet Explorer.

Le scan s'est arrêté au lecteur F: et rien ne fonctionnait par la suite

voici le rapport :

Avira AntiVir Personal
Report file date: 1 mars 2009 20:04

Scanning for 1272232 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: DANIEL

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 2008-11-18 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-18 14:21:28
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 13:56:42
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 18:44:20
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 13:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 17:30:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 01:01:10
ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 2009-02-20 01:01:12
ANTIVIR3.VDF : 7.1.2.98 201216 Bytes 2009-03-01 01:01:14
Engineversion : 8.2.0.98
AEVDF.DLL : 8.1.1.0 106868 Bytes 2009-03-02 01:01:30
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 2009-03-02 01:01:26
AESCN.DLL : 8.1.1.7 127347 Bytes 2009-03-02 01:01:24
AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-04 19:58:40
AEPACK.DLL : 8.1.3.8 397684 Bytes 2009-03-02 01:01:24
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2009-03-02 01:01:22
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 2009-03-02 01:01:20
AEHELP.DLL : 8.1.2.2 119158 Bytes 2009-03-02 01:01:18
AEGEN.DLL : 8.1.1.22 336245 Bytes 2009-03-02 01:01:16
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-14 16:05:58
AECORE.DLL : 8.1.6.6 176501 Bytes 2009-03-02 01:01:16
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-14 16:05:58
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 14:40:06
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 15:28:02
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-07-31 18:02:16
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 17:26:42
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 14:29:24
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 18:27:50
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 23:28:04
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 18:49:42
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 18:05:12
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 19:48:08
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 19:34:38

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, F:, G:, H:, I:, J:, K:, L:, M:, N:, O:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 1 mars 2009 20:04

Starting search for hidden objects.
Error in ARK lib

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'mantispm.exe' - '1' Module(s) have been scanned
Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned
Scan process 'WlanMonitor.exe' - '1' Module(s) have been scanned
Scan process 'quicklnk.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'NkbMonitor.exe' - '1' Module(s) have been scanned
Scan process 'TICIcon.exe' - '1' Module(s) have been scanned
Scan process 'SATARaid.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'EM_EXEC.EXE' - '1' Module(s) have been scanned
Scan process 'iTouch.exe' - '1' Module(s) have been scanned
Scan process 'WFWIZ.exe' - '1' Module(s) have been scanned
Scan process 'sstray.exe' - '1' Module(s) have been scanned
Scan process 'TCAUDIAG.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!
Boot sector 'J:\'
[INFO] No virus was found!
Boot sector 'K:\'
[INFO] No virus was found!
Boot sector 'L:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!
Boot sector 'N:\'
[INFO] No virus was found!
Boot sector 'O:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '68' files ).


Starting the file scan:

Begin scan in 'C:\' <SYSTEM>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Admin\igLoader Files\supergerball\supergerball.dll
[DETECTION] Is the TR/Banker.FTI Trojan
[NOTE] The file was moved to '4a1b344f.qua'!
C:\System Volume Information\_restore{3CFE6652-47C3-474E-AC6D-29A293473512}\RP1879\A0319121.dll
[DETECTION] Is the TR/Banker.FTI Trojan
[NOTE] The file was moved to '49de34d2.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\bubufibo.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0d363a.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\buelct.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10363f.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\bulawasi.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a173644.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\dajifuji.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a153638.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\eberry.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4b93ec40.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\fugajezu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a123653.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\fusigoka.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1e3653.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\jonefede.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19364d.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\kakinahu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a16363f.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\kenahapu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a193644.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\loyayono.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a24364e.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\lysimm.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1e3658.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\nbrfvu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1d3641.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\nukinihe.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a163655.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\nutedemu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1f3655.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\rogahefa.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12364f.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\siruguhu.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1d3649.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\sqtmiv.dll.vir.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1f3652.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\sujigewi.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a153656.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\vikikeme.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a16364a.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\xirvsm.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1d364b.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\yibamaka.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0d364b.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\ynizqm.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a143650.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\yubihimo.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0d3657.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\yzyyxq.dll.vir
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a24365d.qua'!
Begin scan in 'F:\'


End of the scan: 1 mars 2009 20:39
Used time: 35:00 Minute(s)

The scan has been canceled!

7249 Scanning directories
198427 Files were scanned
27 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
27 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
198398 Files not concerned
2780 Archives were scanned
2 Warnings
27 Notes
40752 Objects were scanned with rootkit scan
1 Hidden objects were found

Bonjour !

Internet Explorer : l'installation s'arrête à moitié et je ne comprends pas pourquoi.

voici le rapport RSIT :

Logfile of random's system information tool 1.05 (written by random/random)
Run by Admin at 2009-03-11 19:43:11
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (16%) free of 11 GB
Total RAM: 511 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:30, on 2009-03-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\TCAUDIAG.exe
C:\WINDOWS\system32\sstray.exe
G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
G:\Programmes\logitech\iTouch\iTouch.exe
G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
G:\Programmes\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Programmes\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\E-Color\True Internet Color\TICIcon.exe
G:\Programmes\iPod\bin\iPodService.exe
G:\Programmes\PhotoWise\quicklnk.exe
G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe
G:\Programmes\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Documents and Settings\Admin\Bureau\RSIT (1).exe
C:\Program Files\trend micro\Admin.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://www.google.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {85c1dd6e-1181-41f2-9ab2-79d5f46f491b} - C:\Program Files\La barre d'outils AIR MILES\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O2 - BHO: FCTBPos00Pos - {76A20DB7-AAD4-4EFD-AE21-57811E5E49E4} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: La barre d'outils AIR MILES - {DC7A75BF-581D-4675-BDCB-D1B35116EB49} - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r
O4 - HKLM\..\Run: [WinFast2KLoadDefault] "rundll32.exe" wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [WinFast Schedule] G:\Programmes\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Programmes\logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [HP Software Update] "G:\Programmes\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [UVS10 Preload] G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Programmes\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-725345543-1417001333-839522115-1003.bak\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe (User '?')
O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: PowerReg Scheduler.exe (User '?')
O4 - S-1-5-21-725345543-1417001333-839522115-1003.bak Startup: News Interceptor 3.lnk = G:\Programmes\News Interceptor 3\NewsInterceptor3.exe (User '?')
O4 - Startup: PhotoWise QuickLink.lnk = G:\Programmes\PhotoWise\quicklnk.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: SATARaid.lnk = ?
O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &eBay Search - res://G:\Programmes\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/down [...] leId=27986
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - G:\Programmes\ImpotRapide 2007\ic2007pp.dll
O18 - Protocol: intu-ir2008 - {729D3592-92E7-4CBC-8E44-3C22B3F457B3} - G:\Programmes\ImpotRapide 2008\ic2008pp.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Programmes\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 10455 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1417001333-839522115-1010.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
eBay Toolbar Helper - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76A20DB7-AAD4-4EFD-AE21-57811E5E49E4}]
FCTBPos00Pos Class - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-04 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-28 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-28 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} - eBay Toolbar - G:\Programmes\eBay\eBay Toolbar2\eBayTB.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-08-14 2403392]
{DC7A75BF-581D-4675-BDCB-D1B35116EB49} - La barre d'outils AIR MILES - C:\Program Files\La barre d'outils AIR MILES\Toolbar.dll [2009-02-15 1256960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"=TCAUDIAG.exe -on []
"nForce Tray Options"=sstray.exe /r []
"WinFast2KLoadDefault"=C:\WINDOWS\system32\wf2kcpl.dll [2003-02-13 626176]
"WinFast Schedule"=G:\Programmes\WinFast\WFTVFM\WFWIZ.exe [2003-03-27 159744]
"zBrowser Launcher"=G:\Programmes\logitech\iTouch\iTouch.exe [2004-03-18 892928]
"EM_EXEC"=G:\PROGRA~1\logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE [2002-07-09 28672]
"HP Software Update"=G:\Programmes\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"UVS10 Preload"=G:\Programmes\Ulead Systems\Ulead VideoStudio 10\uvPL.exe [2006-03-07 36864]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"iTunesHelper"=G:\Programmes\iTunes\iTunesHelper.exe [2008-10-01 289576]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-28 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-15 68856]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-24 133104]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
SATARaid.lnk - C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
True Internet Color Icon.lnk - C:\Program Files\E-Color\True Internet Color\TICIcon.exe
NkbMonitor.exe.lnk - G:\Programmes\Nikon\PictureProject\NkbMonitor.exe
HP Image Zone Fast Start.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Programmes\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
PhotoWise QuickLink.lnk - G:\Programmes\PhotoWise\quicklnk.exe
PowerReg Scheduler.exe
Configuration & Monitor Utility.lnk - G:\Programmes\WLAN\802.11 Wireless LAN\WlanMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:EnabledNA"
"G:\Programmes\BitTorrent\bittorrent.exe"="G:\Programmes\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Programmes\iTunes\iTunes.exe"="G:\Programmes\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cd8438c-d142-11dc-8ac4-0012c9310d21}]
shell\AutoRun\command - F:\Autorun.exe /s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc01a0b8-7116-11db-80d1-0012c9310d21}]
shell\AutoRun\command - P:\setupSNK.exe


======List of files/folders created in the last 1 months======

2009-03-11 19:39:49 ----A---- C:\ComboFix.txt
2009-03-11 19:30:34 ----A---- C:\Boot.bak
2009-03-11 19:30:31 ----RASHD---- C:\cmdcons
2009-03-01 19:54:27 ----D---- C:\Program Files\Avira
2009-03-01 19:54:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2009-03-01 18:19:25 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-03-01 16:56:30 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-03-01 16:56:03 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-03-01 16:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB915865$
2009-03-01 16:55:08 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-03-01 16:52:20 ----A---- C:\WINDOWS\system32\MRT.exe
2009-03-01 16:52:15 ----D---- C:\WINDOWS\network diagnostic
2009-03-01 16:52:14 ----HD---- C:\WINDOWS\$NtUninstallKB914440$
2009-03-01 16:52:05 ----HD---- C:\WINDOWS\$NtUninstallKB904942$
2009-03-01 16:50:57 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-28 19:58:59 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
2009-02-28 19:58:58 ----D---- C:\Program Files\NOS
2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-28 19:55:57 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-28 19:55:56 ----A---- C:\WINDOWS\system32\java.exe
2009-02-28 19:55:29 ----D---- C:\Program Files\Java
2009-02-28 14:43:44 ----D---- C:\Documents and Settings\Admin\Application Data\Malwarebytes
2009-02-28 14:43:30 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-02-28 14:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-28 14:03:50 ----D---- C:\WINDOWS\ERDNT
2009-02-28 13:17:39 ----D---- C:\rsit
2009-02-26 11:04:09 ----A---- C:\rollback.ini
2009-02-26 10:52:35 ----D---- C:\Documents and Settings\Admin\Application Data\MailFrontier
2009-02-25 10:31:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-25 07:39:29 ----D---- C:\WINDOWS\CSC
2009-02-15 00:07:11 ----D---- C:\Program Files\La barre d'outils AIR MILES

======List of files/folders modified in the last 1 months======

2009-03-11 19:38:22 ----A---- C:\WINDOWS\system.ini
2009-03-11 19:30:36 ----RASH---- C:\boot.ini
2009-03-11 06:53:00 ----A---- C:\errlgr.txt
2009-03-10 21:09:14 ----N---- C:\WINDOWS\ModemLog_U.S. Robotics 56K Voice Host Int.txt
2009-03-10 16:09:40 ----A---- C:\WINDOWS\hpqgrcpy.INI
2009-03-08 16:55:56 ----A---- C:\WINDOWS\win.ini
2009-03-02 21:04:12 ----A---- C:\WINDOWS\system32\ssnvfx.ini
2009-02-28 19:55:36 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-02-19 17:06:58 ----A---- C:\WINDOWS\u3dedit3.INI
2009-02-19 17:05:52 ----A---- C:\WINDOWS\ULead32.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2006-08-16 225664]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\System32\DRIVERS\nvcap.sys [2003-04-03 118220]
R2 nvTUNEP;nVidia WDM TVTuner; C:\WINDOWS\System32\DRIVERS\nvtunep.sys [2003-04-03 15968]
R2 nvtvSND;nVidia WDM TVAudio Crossbar; C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys [2003-04-03 45216]
R2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\System32\DRIVERS\NVxbar.sys [2003-04-03 10942]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\System32\tcaicchg.sys []
R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\System32\DRIVERS\TCAITDI.sys [2001-09-03 19534]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 l8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys [2002-07-09 50862]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys [2002-07-09 6030]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys [2002-07-09 70382]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-22 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
R4 WINFOXIO;WINFOXIO; \??\C:\WINDOWS\system32\Drivers\WINFOXIO.SYS []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2004-08-04 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2004-08-04 38912]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2004-08-04 51328]
S3 msgame;Activateur de port HID vers manette de jeu Sidewinder; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2002-02-25 15400]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WBHWDOCT;Winbond GPIO Driver1; C:\WINDOWS\System32\drivers\WBHWDOCT.sys [2002-09-09 7312]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-28 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZONELABS\vsmon.exe [2008-07-09 75304]
R3 iPod Service;Service de l’iPod; G:\Programmes\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-25 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]

-----------------EOF-----------------

Ton PC va bien ?

• Installe Internet Explorer 8.
• Cherche ce fichier : C:\Program Files\trend micro\Admin.exe
• Double-clique sur ce fichier.
• Choisis Do a system scan only.
• Coche les cases qui sont devant les lignes suivantes :

• Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
• Ferme HijackThis.

• Refais un scan RSIT et poste le rapport log.

1/

• Désinstalle HijackThis.
• Menu Démarrer > Exécuter > Tape combofix /u et valide.

• Télécharge ToolsCleaner2 sur ton Bureau.
• Double-clique sur ToolsCleaner2.exe pour le lancer.
• Clique sur Recherche et laisse le scan agir.
• Clique sur Suppression pour finaliser.
• Tu peux, si tu le souhaites, te servir des Options Facultatives.
• Clique sur Quitter pour obtenir le rapport.
• Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

2/

• Télécharge et installe CCleaner Slim.
• Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
• Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
• Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).

3/

• Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.

• Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème.

==Prévention==

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Tu peux utiliser l'extension NoScript pour plus de sécurité.

Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).

Tu peux aussi modifier le fichier Hosts pour améliorer la sécurité de ton PC : Lien

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


==Problème résolu ?==

Si tu estimes que ton problème est résolu :

---> Ajoute maintenant [Résolu] au titre. Pour cela :

• Clique, dans ton premier message, sur le bouton Editer .
• Rajoute la mention [Résolu] devant le titre.
• Clique ensuite sur Valider votre message.

Sois plus vigilant(e) sur Internet

Tu peux supprimer ToolsCleaner.

---> Oui.

---> Je ne sais pas.