Virus qui se diffuse par msn

Bonjour,

Supprime le lien infecté de ton premier message.

J'analyse ton rapport et je te réponds.

Re,

Tu es sous XP, Vista, etc ?

***

Cette procédure doit être imprimée pour que tu puisses l’avoir sous les yeux lorsque tu seras en mode sans échec.

Ton infection utilise le social engineering comme vecteur de propagation.
Pour en savoir plus sur les infections se propageant via MSN, clique **ICI**.

Télécharge MSNFix (de !aur3n7) sur ton Bureau :

Dézippe-le sur C:\ et redémarre en mode sans échec :
Redémarre l'ordinateur et dès qu'il commence à charger appuie continuellement sur la touche F8. Un menu devrait apparaitre où tu auras la possibilité de choisir le mode sans échec.

Note 1 : Si tu es sous Windows Vista, fais un clic droit sur le programme et choisis Exécuter en tant qu'Administrateur.

• Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat (L’extension bat peut ne pas apparaître).
• Exécute l'option R.
• Si l'infection est détectée, presse une touche pour lancer le nettoyage (N).
• Si tu dois redémarrer l’ordinateur fais le manuellement.
• Poste le rapport situé dans le dossier MSNFix.

Note 2 : Le nom du rapport correspond à l'heure de sa création : date_heure.log

Note 3 : Si tu obtiens un fichier zip d’upload sur ton bureau, fais ceci.

Aide : Comment utiliser MSNFix.

Re,

C'est un processus légitime, il appartient à SpyBot Search and Destroy

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

• Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
• Afin de lancer la recherche, clic sur"Rechercher".
• Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

Cela ira très bien

Re,

Si tu comptes formater, préviens-moi à l'avance que je ne perde pas mon temps à te préparer une procédure que tu n'appliqueras pas.

On va regarder plus en profondeur :

Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
NB : Tu dois être connecté avec des droits d'Administrateur.

• ferme toutes les applications et fenêtres
• double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous

Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)

• s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
• tu devras cliquer 2 fois sur le OK des boîtes de dialogue

Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée

• quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :

main.txt <- ouvert en premier plan et en plein écran
extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
S'il s'agit d'une utilisation supplémentaire de DSS :

• tu n'auras pas de boîte de dialogue (pas de OK)
• quand le traitement est terminé, un fichier texte s'affiche :

main.txt <- ouvert en premier plan et en plein écran

• copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
• copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
• n'oublie pas de réactiver les protections si elles ont été stoppées.

Ce que fait DSS :

• crée un point de restauration dans Windows XP et Vista
• nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
• vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

Voici le Main.txt :

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
5: 2008-08-07 17:56:07 UTC - RP5 - Deckard's System Scanner Restore Point
4: 2008-08-07 14:16:49 UTC - RP4 - Installé Nero 8
3: 2008-08-07 14:14:29 UTC - RP3 - DirectX est installé
2: 2008-08-06 13:50:12 UTC - RP2 - Point de vérification système
1: 2008-08-05 00:24:02 UTC - RP1 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.

[color=red]System Drive C: has 12.22 GiB (less than 15%) free.[/color]


-- HijackThis (run as GoT - Emi.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:23, on 07/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\RemoteControlService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS WLAN Adapter\ACU.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\backup\connectiv32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\GoT - Emi\Mes documents\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\DOCUME~1\GOT-EM~1\Bureau\GoT - Emi.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Explorer Ubuntu By LiiVED
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\ASUS WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe splash
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [connectiv32] C:\backup\connectiv32.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 6842964031
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_3_0.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79C945D7-5DF8-419E-9458-9CF0C419A04F}: NameServer = 212.27.54.252,212.27.53.252
O23 - Service: Service de configuration ASUS (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ITE Remote Control Service (ITECIRService) - ITE Tech. Inc. - C:\WINDOWS\system32\RemoteControlService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 11188 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.10.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ACS (Service de configuration ASUS) - c:\windows\system32\acs.exe
R2 Bonjour Service (Service Bonjour) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 ITECIRService (ITE Remote Control Service) - c:\windows\system32\remotecontrolservice.exe <Not Verified; ITE Tech. Inc.; >
R2 PDSched (PDScheduler) - "c:\program files\raxco\perfectdisk\pdsched.exe" <Not Verified; Raxco Software, Inc.; PDSched Module>

S2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-08-07 14:39:12 430 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{496CADE9-9E27-4322-B5EC-C2E628EEBBFD}.job
2008-08-06 22:50:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-08-04 19:01:54 402 --a------ C:\WINDOWS\Tasks\Maintenance en 1 clic.job


-- Files created between 2008-07-07 and 2008-08-07 -----------------------------

2008-08-07 16:21:47 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Nero
2008-08-07 16:17:02 0 d-------- C:\Program Files\Nero
2008-08-07 16:17:02 0 d-------- C:\Program Files\Fichiers communs\Nero
2008-08-07 16:17:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-07 16:14:33 0 d-------- C:\WINDOWS\LastGood
2008-08-07 12:22:05 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Malwarebytes
2008-08-07 12:22:00 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-07 12:22:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-07 02:27:48 0 d-------- C:\MSNFix
2008-08-07 02:15:28 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\vlc
2008-08-07 02:11:42 0 d-------- C:\Program Files\VideoLAN
2008-08-05 20:12:56 0 d-------- C:\Program Files\TweakDUN
2008-08-05 17:07:08 6852 --a------ C:\WINDOWS\system32\drivers\Vcs.sys
2008-08-05 13:08:09 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Help
2008-08-05 02:46:59 0 d-------- C:\Program Files\iPod
2008-08-05 02:46:54 0 d-------- C:\Program Files\iTunes
2008-08-05 01:53:15 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-05 01:48:12 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-08-05 01:47:56 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-05 01:45:33 0 d-------- C:\WINDOWS\BDOSCAN8
2008-08-05 01:30:56 2330880 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>
2008-08-05 01:15:45 0 d--h----- C:\WINDOWS\PIF
2008-08-04 19:01:44 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\TuneUp Software
2008-08-04 19:01:12 0 d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-08-04 19:00:59 0 d-------- C:\Program Files\TuneUp Utilities 2008
2008-08-04 19:00:29 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-08-04 17:14:37 0 d-------- C:\backup
2008-08-04 14:17:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-08-03 21:02:51 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-08-03 13:47:21 0 d-------- C:\Documents and Settings\Invité\Application Data\Macromedia
2008-08-03 13:46:44 0 d-------- C:\Documents and Settings\Invité\Application Data\Adobe
2008-08-03 13:34:17 0 d-------- C:\Documents and Settings\Invité\Application Data\Identities
2008-08-03 13:34:02 0 d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-08-03 13:34:02 0 d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-08-03 13:34:02 0 dr-h----- C:\Documents and Settings\Invité\SendTo
2008-08-03 13:34:02 0 dr-h----- C:\Documents and Settings\Invité\Recent
2008-08-03 13:34:02 0 d--h----- C:\Documents and Settings\Invité\Modèles
2008-08-03 13:34:02 0 dr------- C:\Documents and Settings\Invité\Mes documents
2008-08-03 13:34:02 0 dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-08-03 13:34:02 0 d--h----- C:\Documents and Settings\Invité\Local Settings
2008-08-03 13:34:02 0 dr------- C:\Documents and Settings\Invité\Favoris
2008-08-03 13:34:02 0 d--hs---- C:\Documents and Settings\Invité\Cookies
2008-08-03 13:34:02 0 d-------- C:\Documents and Settings\Invité\Bureau
2008-08-03 13:34:02 0 dr-h----- C:\Documents and Settings\Invité\Application Data
2008-08-03 13:34:02 0 d---s---- C:\Documents and Settings\Invité\Application Data\Microsoft
2008-08-03 13:34:02 0 d-------- C:\Documents and Settings\Invité\Application Data\Apple Computer
2008-08-03 13:34:01 3407872 --ah----- C:\Documents and Settings\Invité\NTUSER.DAT
2008-08-02 21:17:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2008-08-02 21:15:41 0 d-------- C:\Program Files\Fichiers communs\Raxco
2008-08-02 21:15:03 0 d-------- C:\Program Files\Raxco
2008-08-01 18:48:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-01 18:34:36 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-01 12:58:52 0 d-------- C:\Program Files\StuffPlug3
2008-08-01 00:20:06 0 d-------- C:\vcs5BGEffects
2008-08-01 00:19:55 0 d-------- C:\vcs5core
2008-08-01 00:19:55 0 d-------- C:\AV_LOGS
2008-07-31 01:32:12 0 d-------- C:\Program Files\NeoTracePro
2008-07-30 03:00:55 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-29 10:00:09 0 d-------- C:\Program Files\Safari
2008-07-29 08:49:52 0 d-------- C:\Program Files\Bonjour
2008-07-29 08:49:14 0 d-------- C:\Program Files\QuickTime
2008-07-29 08:47:49 0 d-------- C:\Program Files\Fichiers communs\Apple
2008-07-28 21:56:02 0 d-------- C:\Program Files\Yahoo!
2008-07-28 19:40:55 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-07-28 19:14:05 0 d-------- C:\Program Files\Norton Internet Security
2008-07-28 19:11:18 0 d-------- C:\Program Files\Symantec
2008-07-28 19:11:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-28 19:10:49 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared
2008-07-27 17:25:31 0 d-------- C:\WINDOWS\Sun
2008-07-27 16:11:18 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\OtakuSoftware
2008-07-27 16:08:55 0 d-------- C:\Program Files\DeskSpace
2008-07-27 15:38:02 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\SoundSpectrum
2008-07-27 15:37:24 0 d-------- C:\Program Files\SoundSpectrum
2008-07-27 10:56:41 0 d-------- C:\Program Files\mIRC
2008-07-27 10:56:41 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\mIRC
2008-07-27 00:41:46 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-26 21:13:20 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Windows Search
2008-07-26 21:08:22 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Windows Desktop Search
2008-07-26 21:07:55 0 d-------- C:\WINDOWS\system32\GroupPolicy
2008-07-26 21:07:55 0 d-------- C:\Program Files\Windows Desktop Search
2008-07-26 21:07:17 0 d-------- C:\Program Files\Microsoft Silverlight
2008-07-26 21:05:14 0 d-------- C:\WINDOWS\system32\URTTEMP
2008-07-26 17:21:21 0 d-------- C:\Logs
2008-07-25 11:12:55 0 d-------- C:\WINDOWS\pss
2008-07-25 10:59:11 0 d-------- C:\WINDOWS\Prefetch
2008-07-25 10:53:15 0 d-------- C:\WINDOWS\system32\fr
2008-07-25 10:53:15 0 d-------- C:\WINDOWS\l2schemas
2008-07-25 10:53:14 0 d-------- C:\WINDOWS\system32\bits
2008-07-25 10:50:29 0 d-------- C:\WINDOWS\ServicePackFiles
2008-07-25 10:21:54 0 d-------- C:\Program Files\MSXML 4.0
2008-07-24 23:54:46 0 d-------- C:\Program Files\Windows Media Connect 2
2008-07-24 23:53:13 0 d-------- C:\WINDOWS\system32\LogFiles
2008-07-24 23:53:13 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-24 23:52:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-24 23:51:22 0 d-------- C:\Program Files\SLD Codec Pack
2008-07-24 23:46:15 0 d-------- C:\Program Files\RegCleaner
2008-07-24 23:46:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-24 23:45:24 0 d-------- C:\Program Files\Windows Live
2008-07-24 23:45:23 0 d-------- C:\Program Files\Messenger Plus! Live
2008-07-24 23:34:31 0 d-------- C:\Program Files\Sun
2008-07-24 23:32:33 0 d-------- C:\Program Files\Java
2008-07-24 23:32:28 0 d-------- C:\Program Files\Fichiers communs\Java
2008-07-24 23:32:02 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Sun
2008-07-24 23:26:40 0 d-------- C:\WINDOWS\system32\fr-fr
2008-07-24 23:22:58 0 d-------- C:\WINDOWS\network diagnostic
2008-07-24 23:20:22 0 d-------- C:\Program Files\HLSW
2008-07-24 23:18:57 0 d-------- C:\Program Files\FileZilla
2008-07-24 23:18:29 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\eMule
2008-07-24 23:18:26 0 d-------- C:\Program Files\eMule
2008-07-24 22:47:11 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Samsung
2008-07-24 22:42:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-24 22:40:49 174592 --a------ C:\WINDOWS\system32\framedyn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-24 22:40:21 0 d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-07-24 22:40:05 5632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-07-24 22:39:51 0 d-------- C:\Program Files\Samsung
2008-07-24 22:31:32 0 d-------- C:\Program Files\Microsoft Works
2008-07-24 22:31:18 0 d-------- C:\Program Files\MSBuild
2008-07-24 22:29:47 0 d-------- C:\Program Files\Microsoft.NET
2008-07-24 22:27:06 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-07-24 22:26:19 0 d-------- C:\WINDOWS\SHELLNEW
2008-07-24 22:25:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-24 22:25:10 0 dr-h----- C:\MSOCache
2008-07-24 22:24:31 0 d-------- C:\WINDOWS\system32\appmgmt
2008-07-24 17:02:34 0 d-------- C:\Program Files\SuperCopier2
2008-07-24 16:01:34 0 d-------- C:\Program Files\Steam
2008-07-24 16:00:06 0 d-------- C:\Program Files\MSECache
2008-07-24 00:02:08 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-24 00:02:06 0 d--h----- C:\WINDOWS\$hf_mig$
2008-07-24 00:01:32 0 d-------- C:\Program Files\ma-config.com
2008-07-24 00:01:32 0 d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-07-23 23:52:11 0 d-------- C:\WINDOWS\STK1125-A3
2008-07-23 23:45:27 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\teamspeak2
2008-07-23 23:45:22 0 d-------- C:\Program Files\TeamSpeak3
2008-07-23 22:18:21 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Macromedia
2008-07-23 21:57:00 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-23 21:55:43 0 d--hs---- C:\Documents and Settings\GoT - Emi\UserData
2008-07-23 21:50:50 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Adobe
2008-07-23 21:41:39 0 d-------- C:\Documents and Settings\GoT - Emi\Contacts
2008-07-23 21:41:34 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Apple Computer
2008-07-23 21:40:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-23 21:40:34 0 d-------- C:\Program Files\Apple Software Update
2008-07-23 21:40:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-23 21:40:25 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-23 21:40:17 0 d-------- C:\Program Files\MSN Messenger
2008-07-23 21:22:53 0 d--hs---- C:\WINDOWS\Installer
2008-07-23 21:22:52 0 d-------- C:\Program Files\Fichiers communs\ODBC
2008-07-23 21:22:49 0 d-------- C:\Program Files
2008-07-23 21:22:49 0 d-------- C:\Program Files\Fichiers communs
2008-07-23 21:22:49 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines
2008-07-23 21:22:23 0 d--h----- C:\Documents and Settings\Default User\Voisinage réseau
2008-07-23 21:22:23 0 d--h----- C:\Documents and Settings\Default User\Voisinage d'impression
2008-07-23 21:22:23 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-07-23 21:22:23 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-07-23 21:22:23 0 d--h----- C:\Documents and Settings\Default User\Modèles
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\Default User\Mes documents
2008-07-23 21:22:23 0 dr------- C:\Documents and Settings\Default User\Menu Démarrer
2008-07-23 21:22:23 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\Default User\Favoris
2008-07-23 21:22:23 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\Default User\Bureau
2008-07-23 21:22:23 0 d--h----- C:\Documents and Settings\All Users\Modèles
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\All Users\Menu Démarrer
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\All Users\Favoris
2008-07-23 21:22:23 0 dr------- C:\Documents and Settings\All Users\Documents
2008-07-23 21:22:23 0 d-------- C:\Documents and Settings\All Users\Bureau
2008-07-23 21:22:11 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-07-23 21:22:11 0 d-------- C:\WINDOWS\system32\CatRoot
2008-07-23 21:22:05 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-07-23 21:22:05 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-07-23 21:22:05 0 d--h----- C:\Documents and Settings\All Users\Application Data
2008-07-23 21:22:05 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-07-23 21:21:45 0 d-------- C:\Documents and Settings
2008-07-23 21:21:44 0 d--hs---- C:\System Volume Information
2008-07-23 21:20:04 0 d-------- C:\Program Files\Alwil Software
2008-07-23 21:18:52 0 d-------- C:\Program Files\CONEXANT
2008-07-23 21:16:58 0 d-------- C:\WINDOWS
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\WinSxS
2008-07-23 21:16:58 0 dr------- C:\WINDOWS\Web
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\twain_32
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\wins
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\wbem
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\usmt
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\spool
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\ShellExt
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\Setup
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\ras
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\oobe
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\npp
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\mui
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\inetsrv
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\IME
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\icsxml
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\ias
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\export
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\drivers
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-07-23 21:16:58 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\dhcp
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\config
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\3076
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\2052
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1054
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1042
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1041
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1037
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1036
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1033
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1031
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1028
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system32\1025
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\system
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\security
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Resources
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\repair
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Provisioning
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\PeerNet
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\pchealth
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\mui
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\msapps
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\msagent
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Media
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\java
2008-07-23 21:16:58 0 d--h----- C:\WINDOWS\inf
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\ime
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Help
2008-07-23 21:16:58 0 dr--s---- C:\WINDOWS\Fonts
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\ehome
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Driver Cache
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Debug
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Cursors
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Connection Wizard
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\Config
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\AppPatch
2008-07-23 21:16:58 0 d-------- C:\WINDOWS\addins
2008-07-23 21:12:19 0 d-------- C:\WINDOWS\system32\Lang
2008-07-23 21:09:21 0 d-------- C:\NVIDIA
2008-07-23 21:08:58 36864 --a------ C:\WINDOWS\system32\acs.exe
2008-07-23 21:08:54 21275 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>
2008-07-23 21:08:53 61440 --a------ C:\WINDOWS\system32\wgapiloc.dll <Not Verified; Atheros; Atheros GUI API Localized Library>
2008-07-23 21:08:53 233472 --a------ C:\WINDOWS\system32\wgapi.dll <Not Verified; Atheros; Atheros GUI API Library>
2008-07-23 21:08:53 233472 --a------ C:\WINDOWS\system32\wcapi.dll <Not Verified; Atheros; Atheros Client API Library>
2008-07-23 21:08:53 81920 --a------ C:\WINDOWS\system32\athcfg11resloc.dll <Not Verified; Atheros Communications, Inc.; Atheros Configuration API Res Localized Dynamic Link Library>
2008-07-23 21:08:53 77824 --a------ C:\WINDOWS\system32\athcfg11res.dll <Not Verified; Atheros Communications, Inc.; Atheros Configuration API Res Dynamic Link Library>
2008-07-23 21:08:53 372736 --a------ C:\WINDOWS\system32\athcfg11.dll <Not Verified; Atheros; Atheros Configuration API Dynamic Link Library>
2008-07-23 21:08:53 315392 --a------ C:\WINDOWS\system32\AegisI5.exe <Not Verified; ; AegisInstall Application>
2008-07-23 21:08:53 1396835 --a------ C:\WINDOWS\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2008-07-23 21:08:51 0 d-------- C:\Program Files\ASUS WLAN Adapter
2008-07-23 21:08:24 0 d-------- C:\temp
2008-07-23 21:08:02 987136 --a------ C:\WINDOWS\system32\wcourier.exe <Not Verified; ; Wireless Console 2>
2008-07-23 21:08:02 0 d-------- C:\Program Files\Wireless Console 2
2008-07-23 21:06:35 0 d-------- C:\WINDOWS\nview
2008-07-23 21:05:09 0 d-------- C:\Program Files\Synaptics
2008-07-23 21:04:52 155648 --a------ C:\WINDOWS\system32\ACEngSvr.exe <Not Verified; ASUSTeK; ACEngSvr Module>
2008-07-23 21:03:24 0 d-------- C:\WINDOWS\system32\NtmsData
2008-07-23 21:01:12 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\InstallShield
2008-07-23 21:00:31 0 d-------- C:\WINDOWS\OPTIONS
2008-07-23 21:00:17 39 --a------ C:\WINDOWS\system32\uninst.bat
2008-07-23 21:00:17 656384 --a------ C:\WINDOWS\system32\RemoteControlService.exe <Not Verified; ITE Tech. Inc.; >
2008-07-23 21:00:17 37 --a------ C:\WINDOWS\system32\inst.bat
2008-07-23 21:00:17 50176 --a------ C:\WINDOWS\StopITEService.exe
2008-07-23 21:00:17 33787 --a------ C:\WINDOWS\remove.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-07-23 20:55:54 0 d-------- C:\WINDOWS\system32\RTCOM
2008-07-23 20:55:54 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-07-23 20:55:46 0 d-------- C:\Program Files\Realtek
2008-07-23 20:55:36 499712 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-07-23 20:54:52 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-07-23 20:53:34 0 d-------- C:\WINDOWS\ATK0100
2008-07-23 20:53:13 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-23 20:53:13 0 d-------- C:\Program Files\ASUS
2008-07-23 20:53:09 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-07-23 19:52:47 0 d-------- C:\Documents and Settings\Administrateur\Favoris
2008-07-23 19:52:47 0 d---s---- C:\Documents and Settings\Administrateur\Cookies
2008-07-23 19:52:47 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2008-07-23 19:52:47 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data
2008-07-23 19:52:47 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2008-07-23 19:52:46 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-07-23 19:52:46 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-07-23 19:52:46 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo
2008-07-23 19:52:46 0 d--h----- C:\Documents and Settings\Administrateur\Recent
2008-07-23 19:52:46 3145728 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT
2008-07-23 19:52:46 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-07-23 19:52:46 0 d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-07-23 19:52:46 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-07-23 19:52:46 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings
2008-07-23 19:46:26 0 d-------- C:\Documents and Settings\GoT - Emi\Application Data\Identities
2008-07-23 19:46:21 0 d--h----- C:\Documents and Settings\GoT - Emi\Voisinage réseau
2008-07-23 19:46:21 0 d--h----- C:\Documents and Settings\GoT - Emi\Voisinage d'impression
2008-07-23 19:46:21 0 dr-h----- C:\Documents and Settings\GoT - Emi\SendTo
2008-07-23 19:46:21 0 dr-h----- C:\Documents and Settings\GoT - Emi\Recent
2008-07-23 19:46:21 7340032 --ah----- C:\Documents and Settings\GoT - Emi\NTUSER.DAT
2008-07-23 19:46:21 0 d--h----- C:\Documents and Settings\GoT - Emi\Modèles
2008-07-23 19:46:21 0 dr------- C:\Documents and Settings\GoT - Emi\Mes documents
2008-07-23 19:46:21 0 d-------- C:\Documents and Settings\GoT - Emi\Menu Démarrer
2008-07-23 19:46:21 0 d--h----- C:\Documents and Settings\GoT - Emi\Local Settings
2008-07-23 19:46:21 0 dr------- C:\Documents and Settings\GoT - Emi\Favoris
2008-07-23 19:46:21 0 d--hs---- C:\Documents and Settings\GoT - Emi\Cookies
2008-07-23 19:46:21 0 d-------- C:\Documents and Settings\GoT - Emi\Bureau
2008-07-23 19:46:21 0 d--h----- C:\Documents and Settings\GoT - Emi\Application Data
2008-07-23 19:45:37 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-07-23 19:45:36 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-07-23 19:45:35 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-07-23 19:45:35 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-07-23 19:45:35 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-07-23 19:45:35 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-07-23 19:45:35 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-07-23 19:34:39 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-07-23 19:34:39 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-07-23 19:34:39 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-07-23 19:34:39 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-07-23 19:34:39 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-07-23 19:31:45 0 d-------- C:\WINDOWS\system32\xircom
2008-07-23 19:31:45 0 d-------- C:\Program Files\microsoft frontpage
2008-07-23 19:31:34 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-07-23 19:31:30 0 -rahs---- C:\MSDOS.SYS
2008-07-23 19:31:30 0 -rahs---- C:\IO.SYS
2008-07-23 19:31:30 0 --a------ C:\CONFIG.SYS
2008-07-23 19:31:30 0 --a------ C:\AUTOEXEC.BAT
2008-07-23 19:30:38 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-07-23 19:30:30 0 dr------- C:\WINDOWS\Offline Web Pages
2008-07-23 19:30:29 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-07-23 19:30:20 0 d--h----- C:\Program Files\WindowsUpdate
2008-07-23 19:30:17 0 d-------- C:\Program Files\Services en ligne
2008-07-23 19:30:01 0 d-------- C:\WINDOWS\system32\DirectX
2008-07-23 19:29:24 0 d---s---- C:\WINDOWS\Tasks
2008-07-23 19:29:23 0 d-------- C:\Program Files\Fichiers communs\MSSoap
2008-07-23 19:29:19 0 d-------- C:\WINDOWS\srchasst
2008-07-23 19:29:18 0 d-------- C:\WINDOWS\system32\Macromed
2008-07-23 19:29:09 0 d-------- C:\Program Files\Movie Maker
2008-07-23 19:29:01 0 d-------- C:\WINDOWS\system32\Restore
2008-07-23 19:28:20 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-07-23 19:28:08 0 d-------- C:\WINDOWS\Registration
2008-07-23 19:28:02 0 d-------- C:\Program Files\Online Services
2008-07-23 19:27:57 0 d-------- C:\Program Files\Messenger
2008-07-23 19:27:53 0 d-------- C:\Program Files\MSN Gaming Zone
2008-07-23 19:27:12 0 d-------- C:\Program Files\Windows NT
2008-07-23 19:27:09 0 d-------- C:\WINDOWS\system32\MsDtc
2008-07-23 19:27:07 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-08-04 18:29:08 493118 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-08-04 18:29:08 85654 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-07-23 21:22:23 62 --ahs---- C:\Documents and Settings\GoT - Emi\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [15/02/2006 10:38]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [21/05/2008 19:03]
"ACMON"="C:\Program Files\ASUS\Splendid\ACMON.exe" [30/05/2006 10:28]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [18/05/2008 12:06]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/10/2007 17:14]
"nwiz"="nwiz.exe" [04/10/2007 17:14 C:\WINDOWS\system32\nwiz.exe]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [17/10/2005 17:09]
"ACU"="C:\Program Files\ASUS WLAN Adapter\ACU.exe" [27/04/2006 14:47]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [04/10/2007 17:14]
"RTHDCPL"="RTHDCPL.EXE" [18/05/2008 11:46 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [18/05/2008 11:46 C:\WINDOWS\Alcmtr.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [19/07/2008 16:38]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [10/07/2008 09:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27/05/2008 10:50]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/07/2008 10:47]
"TweakDUN"="C:\Program Files\TweakDUN\tweakdun.exe" [19/09/2001 23:29]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [08/08/2007 09:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 04:33]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34]
"Steam"="c:\program files\steam\steam.exe" [24/07/2008 16:02]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [07/07/2006 18:45]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07/07/2008 09:42]
"connectiv32"="C:\backup\connectiv32.exe" [01/08/2008 15:17]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [03/08/2007 12:51]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"NeroHomeFirstStart"="C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=0 (0x0)
"StartMenuLogOff"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [26/05/2008 22:19 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk
backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskSpace]
C:\Program Files\DeskSpace\deskspace.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
SkyTel.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
napagent
hkmsvc

*Newly Created Service* - NMINDEXINGSERVICE



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8940 more entries in hosts file.



Et le Extra.txt :

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professionnel (build 2600) SP 3.0
Architecture: X86; Language: French

CPU 0: Mobile AMD Sempron(tm) Processor 3500+
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 895.3 MiB / 495.18 MiB
Pagefile Memory (total/avail): 2171.82 MiB / 1664.91 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1909.12 MiB

C: is Fixed (NTFS) - 111.79 GiB total, 12.22 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST9120821AS - 111.79 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 111.79 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\GoT - Emi\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=GOT-4415D062F30
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\GoT - Emi
LOGONSERVER=\\GOT-4415D062F30
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4c02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\GOT-EM~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\GOT-EM~1\LOCALS~1\Temp
USERDOMAIN=GOT-4415D062F30
USERNAME=GoT - Emi
USERPROFILE=C:\Documents and Settings\GoT - Emi
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

GoT - Emi [I](admin)[/I]
Administrateur [I](new local, admin)[/I]
Invité [I](new local, guest)[/I]


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\setup.exe" -l0x40c anything
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
688(I) Hunter-Killer --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2900
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update --> MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ASUS Splendid Video Enhancement Technology --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\setup.exe" -l0x9 -removeonly
ASUS VideoSecurity Online --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD}
ATK Media --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\Setup.exe" -l0x9
ATK0100 ACPI UTILITY --> C:\WINDOWS\ATK0100\XPunin.exe
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Call of Duty 4: Modern Warfare --> "C:\Program Files\Steam\steam.exe" steam://uninstall/7940
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Condition Zero --> "C:\Program Files\Steam\steam.exe" steam://uninstall/80
Condition Zero Deleted Scenes --> "C:\Program Files\Steam\steam.exe" steam://uninstall/100
Counter-Strike --> "C:\Program Files\Steam\steam.exe" steam://uninstall/10
Counter-Strike: Source --> "C:\Program Files\Steam\steam.exe" steam://uninstall/240
Dawn of War Gold --> "C:\Program Files\Steam\steam.exe" steam://uninstall/4570
Dawn of War Gold: Winter Assault --> "C:\Program Files\Steam\steam.exe" steam://uninstall/9310
Dawn of War: Dark Crusade --> "C:\Program Files\Steam\steam.exe" steam://uninstall/4580
Deathmatch Classic --> "C:\Program Files\Steam\steam.exe" steam://uninstall/40
eMule --> "C:\Program Files\eMule\Uninstall.exe"
eMulev0.49a.-MorphXTv11.0 --> "C:\Program Files\eMule\unins000.exe"
FileZilla (remove only) --> "C:\Program Files\FileZilla\uninstall.exe"
Fleet Command --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2910
Half-Life 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/220
Half-Life 2: Deathmatch --> "C:\Program Files\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Episode One --> "C:\Program Files\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two --> "C:\Program Files\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast --> "C:\Program Files\Steam\steam.exe" steam://uninstall/340
HDAUDIO Soft Spkerphone Modem with SmartSP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431126\HXFSETUP.EXE -U -IA3EAZL5.inf
High Definition Audio - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\GoT - Emi\Bureau\HijackThis.exe" /uninstall
Hitman 2: Silent Assassin --> "C:\Program Files\Steam\steam.exe" steam://uninstall/6850
Hitman: Blood Money --> "C:\Program Files\Steam\steam.exe" steam://uninstall/6860
HLSW v1.1.4 --> "C:\Program Files\HLSW\unins000.exe"
iTunes --> MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Java DB 10.2.2.0 --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Development Kit 6 Update 3 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160030}
Ma-Config.com --> MsiExec.exe /X{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978) --> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
NeoTrace Pro 3.25 --> C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Nero 8 --> MsiExec.exe /X{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1036}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_0_1_86\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PerfectDisk --> MsiExec.exe /I{C190CB55-817E-4713-84F4-0BBB8961CED9}
Programme d'installation ASUS Client --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x40c -removeonly
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REALTEK GbE & FE Ethernet PCI NIC Driver --> C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Remote Controller --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B802EBE-CDAD-477C-9AD4-069615D377EB}\Setup.exe" -l0x9
Safari --> MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
SLD Codec Pack --> C:\Program Files\SLD Codec Pack\uninstall.exe
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam(TM) --> C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
StuffPlug 3 --> C:\Program Files\StuffPlug3\Uninstall.exe
Sub Command --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2920
SuperCopier2 --> "C:\Program Files\SuperCopier2\SC2Uninst.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak Client --> "C:\Program Files\TeamSpeak3\unins000.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TweakDUN v3.0 --> C:\PROGRA~1\TweakDUN\UNWISE.EXE C:\PROGRA~1\TweakDUN\INSTALL.LOG
Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E}
USB2.0 1.3M Web Cam --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A87869D7-B133-498C-A347-D9BE109FF6C8}\Setup.exe" -l0x40c
VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Search 4.0 --> "C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFlash --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9
Wireless Console 2 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSet