[Résolu] Cheval de troie
Dernière réponse : dans Sécurité
Mon anti virus a détecté comme cheval de troie : PSW.lineage.BKS qui se trouverai dans un doosier appelé
C:\program files\asksbar\bar\1bin\asksbar.DLL
que dois je faire ?
C:\program files\asksbar\bar\1bin\asksbar.DLL
que dois je faire ?
Autres pages sur : resolu cheval troie
Lassé par la pub ? Créez un compte
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:15, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Saxo\Saxo.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\documents and settings\benhassaine\local settings\application data\ckqsioe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\benhassaine\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} - C:\WINDOWS\system32\jotogeni.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users.WINDOWS\Application Data\great coal love default\bend tray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [bumipejehe] Rundll32.exe "C:\WINDOWS\system32\vufurajo.dll",s
O4 - HKLM\..\Run: [CPM97cf6a06] Rundll32.exe "c:\windows\system32\fifitali.dll",a
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Saxo] C:\Program Files\Saxo\Saxo.exe regstart
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [Active Dvd] C:\DOCUME~1\BENHAS~1\APPLIC~1\HTMLES~1\math team exit.exe
O4 - HKCU\..\Run: [ckqsioe] "c:\documents and settings\benhassaine\local settings\application data\ckqsioe.exe" ckqsioe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fifitali.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fifitali.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 16159 bytes
Scan saved at 15:25:15, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Saxo\Saxo.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\documents and settings\benhassaine\local settings\application data\ckqsioe.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\benhassaine\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} - C:\WINDOWS\system32\jotogeni.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Love default global mess] C:\Documents and Settings\All Users.WINDOWS\Application Data\great coal love default\bend tray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [bumipejehe] Rundll32.exe "C:\WINDOWS\system32\vufurajo.dll",s
O4 - HKLM\..\Run: [CPM97cf6a06] Rundll32.exe "c:\windows\system32\fifitali.dll",a
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Saxo] C:\Program Files\Saxo\Saxo.exe regstart
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [Active Dvd] C:\DOCUME~1\BENHAS~1\APPLIC~1\HTMLES~1\math team exit.exe
O4 - HKCU\..\Run: [ckqsioe] "c:\documents and settings\benhassaine\local settings\application data\ckqsioe.exe" ckqsioe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fifitali.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fifitali.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 16159 bytes
Salut,
Tu es infecté par Lop, Navipromo, Vundo et bien d'autres...
Télécharge Lop S&D sur ton Bureau.
Double-clique dessus pour lancer l'installation.
Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .
Patiente jusqu'à la fin du scan.
Poste le rapport généré (C:\lopR.txt).
Tu es infecté par Lop, Navipromo, Vundo et bien d'autres...
voilà le rapport généré
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 15/01/2009|16:13 )
--------------------\\ Listing des dossiers dans APPLIC~1
[23/12/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2009|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[26/11/2006|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[26/11/2006|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/11/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2006|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/12/2006|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nfo
[26/11/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[24/12/2006|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon
[05/01/2009|20:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[05/01/2009|19:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ableton
[15/03/2009|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[22/07/2007|19:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL
[22/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL Downloads
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL OCP
[05/01/2009|20:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[05/01/2009|20:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[23/12/2008|11:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avg8
[18/01/2008|00:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[20/05/2008|18:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ENJOY Plus!
[15/01/2009|14:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
[05/08/2007|13:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[11/03/2009|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
[03/06/2008|18:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
[06/06/2008|10:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IM
[06/06/2008|10:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IncrediMail
[28/12/2006|11:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield
[15/03/2009|23:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[13/02/2009|21:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[03/02/2009|01:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[14/02/2009|12:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[21/02/2008|16:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[23/12/2008|11:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Norton
[15/03/2009|23:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NortonInstaller
[13/01/2007|01:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Sony Ericsson
[06/01/2009|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SpeedBit
[11/03/2009|20:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[15/12/2008|12:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Symantec
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Teleca
[06/01/2009|21:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Viewpoint
[27/12/2006|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[28/12/2006|11:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[03/06/2008|20:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[05/01/2009|19:17] C:\DOCUME~1\BENHAS~1\APPLIC~1\Ableton
[21/08/2008|10:31] C:\DOCUME~1\BENHAS~1\APPLIC~1\Adobe
[05/01/2009|20:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Apple Computer
[04/02/2009|22:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\Atari
[13/01/2009|18:41] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVGTOOLBAR
[18/01/2008|00:04] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVSMedia
[25/03/2008|19:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Creative
[04/01/2007|20:09] C:\DOCUME~1\BENHAS~1\APPLIC~1\DivX
[04/07/2007|01:50] C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
[20/05/2008|18:43] C:\DOCUME~1\BENHAS~1\APPLIC~1\ENJOY Plus!
[28/12/2006|11:30] C:\DOCUME~1\BENHAS~1\APPLIC~1\FotoWire
[04/01/2007|19:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\FUJIFILM
[03/01/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Google
[30/12/2007|14:02] C:\DOCUME~1\BENHAS~1\APPLIC~1\gtk-2.0
[07/02/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Help
[11/03/2009|18:46] C:\DOCUME~1\BENHAS~1\APPLIC~1\Htm less
[27/12/2006|18:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Identities
[24/06/2007|13:34] C:\DOCUME~1\BENHAS~1\APPLIC~1\InstallShield
[29/06/2007|16:24] C:\DOCUME~1\BENHAS~1\APPLIC~1\Leadertech
[16/02/2009|23:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\LimeWire
[13/06/2007|16:54] C:\DOCUME~1\BENHAS~1\APPLIC~1\Logitech
[27/12/2006|19:44] C:\DOCUME~1\BENHAS~1\APPLIC~1\Macromedia
[23/12/2008|11:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\Microsoft
[31/08/2008|12:16] C:\DOCUME~1\BENHAS~1\APPLIC~1\Mozilla
[04/02/2008|00:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Nero
[14/02/2009|13:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\PowerChallenge
[13/08/2007|22:01] C:\DOCUME~1\BENHAS~1\APPLIC~1\RegistrySmart
[13/06/2007|22:26] C:\DOCUME~1\BENHAS~1\APPLIC~1\SecuROM
[05/02/2008|22:23] C:\DOCUME~1\BENHAS~1\APPLIC~1\SMov
[01/06/2007|21:47] C:\DOCUME~1\BENHAS~1\APPLIC~1\SopCast
[04/01/2007|22:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\Sun
[27/12/2006|18:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Talkback
[25/03/2007|12:42] C:\DOCUME~1\BENHAS~1\APPLIC~1\Teleca
[26/02/2009|09:32] C:\DOCUME~1\BENHAS~1\APPLIC~1\temp
[26/11/2006|10:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/12/2006|18:21] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[23/12/2006|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[24/12/2006|13:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/11/2006|11:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[26/11/2006|10:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/11/2006|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[30/11/2006|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[09/12/2006|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[15/12/2006|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[15/01/2009 16:00][--ah-----] C:\WINDOWS\tasks\AF62BCD99189324D.job
[13/01/2009 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/01/2009 03:30][--a------] C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
[15/01/2009 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AF62BCD99189324D.job )=( c:\docume~1\benhas~1\applic~1\htmles~1\drivedupemode.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[29/08/2008|22:25] C:\Program Files\1964
[25/06/2007|12:31] C:\Program Files\7-Zip
[05/01/2009|19:10] C:\Program Files\Ableton
[15/03/2009|21:14] C:\Program Files\Adobe
[05/01/2009|20:27] C:\Program Files\Apple Software Update
[05/01/2009|20:17] C:\Program Files\Ashampoo
[30/12/2008|00:38] C:\Program Files\AskSBar
[15/02/2008|19:04] C:\Program Files\AskTBar
[29/12/2008|00:32] C:\Program Files\Audacity
[23/12/2008|11:38] C:\Program Files\AVG
[15/05/2007|20:17] C:\Program Files\AviSynth 2.5
[17/01/2008|23:59] C:\Program Files\AVSMedia
[05/01/2009|20:34] C:\Program Files\Bonjour
[28/12/2006|11:11] C:\Program Files\Canon
[05/03/2009|15:43] C:\Program Files\Cheat Engine
[03/02/2008|23:54] C:\Program Files\Code-it Software
[29/12/2008|01:42] C:\Program Files\Conduit
[13/06/2007|16:54] C:\Program Files\Creative
[13/06/2007|16:47] C:\Program Files\Creative Installation Information
[07/01/2009|17:06] C:\Program Files\DAP
[29/09/2007|21:27] C:\Program Files\Dictionnaire
[21/04/2007|14:50] C:\Program Files\directx
[27/12/2006|22:57] C:\Program Files\DivX
[29/12/2008|01:08] C:\Program Files\DJ Mix Pro
[04/02/2009|22:56] C:\Program Files\DkZ Studio
[04/02/2009|22:57] C:\Program Files\DkZ Update
[14/01/2009|22:37] C:\Program Files\EA GAMES
[12/09/2008|01:26] C:\Program Files\EA SPORTS
[15/03/2009|22:36] C:\Program Files\Eidos
[05/01/2009|18:53] C:\Program Files\eMule
[20/05/2008|18:43] C:\Program Files\ENJOY Plus!
[22/07/2007|12:09] C:\Program Files\eRightSoft
[06/03/2009|19:36] C:\Program Files\Extreme Solutions
[05/01/2009|20:25] C:\Program Files\Fichiers communs
[15/02/2009|23:51] C:\Program Files\Gamenext
[15/02/2009|23:52] C:\Program Files\GamesBar
[30/12/2007|13:26] C:\Program Files\GIMP-2.0
[06/08/2007|11:56] C:\Program Files\Google
[12/01/2007|20:29] C:\Program Files\GT Interactive
[29/11/2006|19:36] C:\Program Files\HardwareDetection
[28/12/2006|10:54] C:\Program Files\Hewlett-Packard
[29/07/2007|02:48] C:\Program Files\honestech Video Editor 7.0 Trial
[03/06/2008|18:33] C:\Program Files\HP
[03/06/2008|20:16] C:\Program Files\Image-Line
[14/01/2009|17:21] C:\Program Files\InstallShield Installation Information
[15/01/2009|12:35] C:\Program Files\Internet Explorer
[05/01/2009|20:36] C:\Program Files\iPod
[22/12/2008|15:45] C:\Program Files\ipwins
[05/01/2009|20:37] C:\Program Files\iTunes
[07/03/2009|21:22] C:\Program Files\IZArc
[15/01/2009|13:25] C:\Program Files\Java
[13/06/2007|20:45] C:\Program Files\KONAMI
[23/12/2008|12:27] C:\Program Files\Larousse
[23/06/2008|23:29] C:\Program Files\LimeWire
[13/06/2007|16:35] C:\Program Files\Logitech
[20/02/2008|13:31] C:\Program Files\Macrogaming
[17/08/2008|17:30] C:\Program Files\Messenger
[13/01/2009|18:32] C:\Program Files\Messenger Plus! Live
[21/04/2007|14:49] C:\Program Files\Micro Application
[02/02/2009|03:11] C:\Program Files\Microsoft
[09/05/2007|19:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2006|10:05] C:\Program Files\microsoft frontpage
[26/06/2007|13:10] C:\Program Files\Microsoft Office
[03/06/2008|20:21] C:\Program Files\Microsoft SQL Server Compact Edition
[26/06/2007|13:10] C:\Program Files\Microsoft Works
[26/06/2007|13:09] C:\Program Files\Microsoft.NET
[11/06/2008|10:56] C:\Program Files\Mindscape
[14/06/2008|11:19] C:\Program Files\Movie Maker
[15/01/2009|14:26] C:\Program Files\Mozilla Firefox
[14/06/2008|11:19] C:\Program Files\msn
[04/02/2009|15:56] C:\Program Files\MSN Content Plus Inc
[26/11/2006|10:01] C:\Program Files\MSN Gaming Zone
[13/01/2009|18:32] C:\Program Files\MSN Messenger
[06/03/2009|19:25] C:\Program Files\MSN Spy 2004
[14/02/2009|12:03] C:\Program Files\MSXML 4.0
[29/08/2008|22:43] C:\Program Files\mupen64 0.5
[28/12/2008|23:51] C:\Program Files\MyXOFT
[14/06/2008|11:14] C:\Program Files\NetMeeting
[22/12/2007|17:02] C:\Program Files\Neuf
[15/02/2009|23:51] C:\Program Files\Oberon Media
[02/06/2008|13:43] C:\Program Files\ONES Trial (F)
[26/11/2006|10:02] C:\Program Files\Online Services
[27/12/2006|21:00] C:\Program Files\outlook
[14/06/2008|11:14] C:\Program Files\Outlook Express
[05/01/2007|10:47] C:\Program Files\Overland
[29/12/2008|01:47] C:\Program Files\PHPNukeFR
[03/09/2008|02:18] C:\Program Files\Project64 1.6
[05/01/2009|20:33] C:\Program Files\QuickTime
[29/12/2008|01:15] C:\Program Files\Real dj system
[16/08/2007|12:22] C:\Program Files\RegistrySmart
[04/01/2007|19:20] C:\Program Files\REGSHAVE
[28/12/2006|11:16] C:\Program Files\Roxio
[15/01/2009|12:51] C:\Program Files\Saxo
[26/11/2006|10:03] C:\Program Files\Services en ligne
[30/12/2008|00:52] C:\Program Files\SoftwareDepo
[29/12/2008|01:35] C:\Program Files\Sony
[25/03/2007|12:39] C:\Program Files\Sony Ericsson
[29/12/2008|01:32] C:\Program Files\Sony Setup
[09/02/2008|13:46] C:\Program Files\SopCast
[25/03/2007|16:28] C:\Program Files\SpicyTools
[25/03/2007|16:28] C:\Program Files\SpicyTools Video Converter 1.0
[12/01/2009|20:23] C:\Program Files\Spider
[30/12/2008|15:12] C:\Program Files\StuffPlug3
[14/02/2007|20:24] C:\Program Files\SUDOKU - LE GRAND DEFI
[18/08/2008|12:18] C:\Program Files\Sun
[30/12/2008|00:50] C:\Program Files\SystemGuards.com
[26/03/2007|13:49] C:\Program Files\Total Video Converter
[26/11/2006|10:12] C:\Program Files\Uninstall Information
[22/07/2007|17:55] C:\Program Files\Viewpoint
[05/01/2009|18:35] C:\Program Files\VirtualDJ
[23/12/2008|12:39] C:\Program Files\Votre sant‚ au quotidien
[29/12/2008|01:36] C:\Program Files\VstPlugins
[05/03/2009|15:52] C:\Program Files\Windows Live
[23/12/2007|12:50] C:\Program Files\Windows Live Favorites
[02/02/2009|03:15] C:\Program Files\Windows Live Toolbar
[13/03/2007|19:34] C:\Program Files\Windows Media Connect 2
[14/06/2008|11:14] C:\Program Files\Windows Media Player
[14/06/2008|11:14] C:\Program Files\Windows NT
[26/11/2006|10:03] C:\Program Files\WindowsUpdate
[26/11/2006|10:05] C:\Program Files\xerox
[27/12/2006|21:15] C:\Program Files\?icrosoft.NET
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/12/2006|09:24] C:\Program Files\Fichiers communs\{34FC5935-0829-1036-1002-040408230021}
[27/12/2006|20:56] C:\Program Files\Fichiers communs\{94FC5935-0829-1036-1002-040408230021}
[11/06/2008|18:57] C:\Program Files\Fichiers communs\Adobe
[21/08/2008|10:31] C:\Program Files\Fichiers communs\Adobe AIR
[24/12/2006|12:48] C:\Program Files\Fichiers communs\Ahead
[05/01/2009|20:32] C:\Program Files\Fichiers communs\Apple
[18/01/2008|00:02] C:\Program Files\Fichiers communs\AVSMedia
[13/06/2007|16:47] C:\Program Files\Fichiers communs\Creative
[26/06/2007|13:10] C:\Program Files\Fichiers communs\DESIGNER
[28/12/2006|11:30] C:\Program Files\Fichiers communs\FotoWire
[26/11/2006|10:57] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/11/2006|10:59] C:\Program Files\Fichiers communs\HP
[26/11/2006|11:19] C:\Program Files\Fichiers communs\InstallShield
[29/11/2006|12:30] C:\Program Files\Fichiers communs\Java
[13/06/2007|16:34] C:\Program Files\Fichiers communs\Logitech
[03/02/2009|01:24] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2006|10:03] C:\Program Files\Fichiers communs\MSSoap
[15/02/2009|23:51] C:\Program Files\Fichiers communs\Oberon Media
[26/11/2006|10:55] C:\Program Files\Fichiers communs\ODBC
[26/11/2006|10:03] C:\Program Files\Fichiers communs\Services
[26/11/2006|10:55] C:\Program Files\Fichiers communs\SpeechEngines
[14/02/2007|20:29] C:\Program Files\Fichiers communs\SWF Studio
[14/06/2008|11:14] C:\Program Files\Fichiers communs\System
[25/03/2007|12:39] C:\Program Files\Fichiers communs\Teleca Shared
[26/11/2006|11:14] C:\Program Files\Fichiers communs\TiVo Shared
[18/07/2008|12:23] C:\Program Files\Fichiers communs\Uninstall Information
[02/02/2009|03:06] C:\Program Files\Fichiers communs\Windows Live
[03/06/2008|20:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 55 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
C:\DOCUME~1\BENHAS~1\APPLIC~1\htmles~1
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_0207.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_1186.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_53c2.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_78be.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7d60.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7f55.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_8edc.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_dc27.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsf141.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsr43A.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\status.txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@adex.bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@cotedazurpalace[2].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.cotedazurpalace[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@vegas-millions[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@2xmoinscher[2].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AF62BCD99189324D.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Active Dvd"="C:\\DOCUME~1\\BENHAS~1\\APPLIC~1\\HTMLES~1\\math team exit.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Love default global mess"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\great coal love default\\bend tray.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
-> 9942 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 16:15:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 26
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.exe
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_nav.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
[F:1531][D:372]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp
[F:553][D:0]-> C:\DOCUME~1\BENHAS~1\Cookies
[F:13086][D:57]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/01/2009|16:19 - Option : [1]
--------------------\\ Fin du rapport a 16:19:52
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 15/01/2009|16:13 )
--------------------\\ Listing des dossiers dans APPLIC~1
[23/12/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2009|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[26/11/2006|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[26/11/2006|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/11/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2006|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/12/2006|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nfo
[26/11/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[24/12/2006|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon
[05/01/2009|20:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[05/01/2009|19:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ableton
[15/03/2009|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[22/07/2007|19:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL
[22/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL Downloads
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL OCP
[05/01/2009|20:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[05/01/2009|20:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[23/12/2008|11:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avg8
[18/01/2008|00:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[20/05/2008|18:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ENJOY Plus!
[15/01/2009|14:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
[05/08/2007|13:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[11/03/2009|18:46] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
[03/06/2008|18:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
[06/06/2008|10:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IM
[06/06/2008|10:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IncrediMail
[28/12/2006|11:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield
[15/03/2009|23:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[13/02/2009|21:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[03/02/2009|01:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[14/02/2009|12:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[21/02/2008|16:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[23/12/2008|11:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Norton
[15/03/2009|23:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NortonInstaller
[13/01/2007|01:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Sony Ericsson
[06/01/2009|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SpeedBit
[11/03/2009|20:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[15/12/2008|12:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Symantec
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Teleca
[06/01/2009|21:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Viewpoint
[27/12/2006|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[28/12/2006|11:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[03/06/2008|20:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[05/01/2009|19:17] C:\DOCUME~1\BENHAS~1\APPLIC~1\Ableton
[21/08/2008|10:31] C:\DOCUME~1\BENHAS~1\APPLIC~1\Adobe
[05/01/2009|20:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Apple Computer
[04/02/2009|22:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\Atari
[13/01/2009|18:41] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVGTOOLBAR
[18/01/2008|00:04] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVSMedia
[25/03/2008|19:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Creative
[04/01/2007|20:09] C:\DOCUME~1\BENHAS~1\APPLIC~1\DivX
[04/07/2007|01:50] C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
[20/05/2008|18:43] C:\DOCUME~1\BENHAS~1\APPLIC~1\ENJOY Plus!
[28/12/2006|11:30] C:\DOCUME~1\BENHAS~1\APPLIC~1\FotoWire
[04/01/2007|19:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\FUJIFILM
[03/01/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Google
[30/12/2007|14:02] C:\DOCUME~1\BENHAS~1\APPLIC~1\gtk-2.0
[07/02/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Help
[11/03/2009|18:46] C:\DOCUME~1\BENHAS~1\APPLIC~1\Htm less
[27/12/2006|18:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Identities
[24/06/2007|13:34] C:\DOCUME~1\BENHAS~1\APPLIC~1\InstallShield
[29/06/2007|16:24] C:\DOCUME~1\BENHAS~1\APPLIC~1\Leadertech
[16/02/2009|23:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\LimeWire
[13/06/2007|16:54] C:\DOCUME~1\BENHAS~1\APPLIC~1\Logitech
[27/12/2006|19:44] C:\DOCUME~1\BENHAS~1\APPLIC~1\Macromedia
[23/12/2008|11:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\Microsoft
[31/08/2008|12:16] C:\DOCUME~1\BENHAS~1\APPLIC~1\Mozilla
[04/02/2008|00:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Nero
[14/02/2009|13:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\PowerChallenge
[13/08/2007|22:01] C:\DOCUME~1\BENHAS~1\APPLIC~1\RegistrySmart
[13/06/2007|22:26] C:\DOCUME~1\BENHAS~1\APPLIC~1\SecuROM
[05/02/2008|22:23] C:\DOCUME~1\BENHAS~1\APPLIC~1\SMov
[01/06/2007|21:47] C:\DOCUME~1\BENHAS~1\APPLIC~1\SopCast
[04/01/2007|22:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\Sun
[27/12/2006|18:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Talkback
[25/03/2007|12:42] C:\DOCUME~1\BENHAS~1\APPLIC~1\Teleca
[26/02/2009|09:32] C:\DOCUME~1\BENHAS~1\APPLIC~1\temp
[26/11/2006|10:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/12/2006|18:21] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[23/12/2006|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[24/12/2006|13:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/11/2006|11:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[26/11/2006|10:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/11/2006|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[30/11/2006|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[09/12/2006|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[15/12/2006|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[15/01/2009 16:00][--ah-----] C:\WINDOWS\tasks\AF62BCD99189324D.job
[13/01/2009 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/01/2009 03:30][--a------] C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
[15/01/2009 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AF62BCD99189324D.job )=( c:\docume~1\benhas~1\applic~1\htmles~1\drivedupemode.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[29/08/2008|22:25] C:\Program Files\1964
[25/06/2007|12:31] C:\Program Files\7-Zip
[05/01/2009|19:10] C:\Program Files\Ableton
[15/03/2009|21:14] C:\Program Files\Adobe
[05/01/2009|20:27] C:\Program Files\Apple Software Update
[05/01/2009|20:17] C:\Program Files\Ashampoo
[30/12/2008|00:38] C:\Program Files\AskSBar
[15/02/2008|19:04] C:\Program Files\AskTBar
[29/12/2008|00:32] C:\Program Files\Audacity
[23/12/2008|11:38] C:\Program Files\AVG
[15/05/2007|20:17] C:\Program Files\AviSynth 2.5
[17/01/2008|23:59] C:\Program Files\AVSMedia
[05/01/2009|20:34] C:\Program Files\Bonjour
[28/12/2006|11:11] C:\Program Files\Canon
[05/03/2009|15:43] C:\Program Files\Cheat Engine
[03/02/2008|23:54] C:\Program Files\Code-it Software
[29/12/2008|01:42] C:\Program Files\Conduit
[13/06/2007|16:54] C:\Program Files\Creative
[13/06/2007|16:47] C:\Program Files\Creative Installation Information
[07/01/2009|17:06] C:\Program Files\DAP
[29/09/2007|21:27] C:\Program Files\Dictionnaire
[21/04/2007|14:50] C:\Program Files\directx
[27/12/2006|22:57] C:\Program Files\DivX
[29/12/2008|01:08] C:\Program Files\DJ Mix Pro
[04/02/2009|22:56] C:\Program Files\DkZ Studio
[04/02/2009|22:57] C:\Program Files\DkZ Update
[14/01/2009|22:37] C:\Program Files\EA GAMES
[12/09/2008|01:26] C:\Program Files\EA SPORTS
[15/03/2009|22:36] C:\Program Files\Eidos
[05/01/2009|18:53] C:\Program Files\eMule
[20/05/2008|18:43] C:\Program Files\ENJOY Plus!
[22/07/2007|12:09] C:\Program Files\eRightSoft
[06/03/2009|19:36] C:\Program Files\Extreme Solutions
[05/01/2009|20:25] C:\Program Files\Fichiers communs
[15/02/2009|23:51] C:\Program Files\Gamenext
[15/02/2009|23:52] C:\Program Files\GamesBar
[30/12/2007|13:26] C:\Program Files\GIMP-2.0
[06/08/2007|11:56] C:\Program Files\Google
[12/01/2007|20:29] C:\Program Files\GT Interactive
[29/11/2006|19:36] C:\Program Files\HardwareDetection
[28/12/2006|10:54] C:\Program Files\Hewlett-Packard
[29/07/2007|02:48] C:\Program Files\honestech Video Editor 7.0 Trial
[03/06/2008|18:33] C:\Program Files\HP
[03/06/2008|20:16] C:\Program Files\Image-Line
[14/01/2009|17:21] C:\Program Files\InstallShield Installation Information
[15/01/2009|12:35] C:\Program Files\Internet Explorer
[05/01/2009|20:36] C:\Program Files\iPod
[22/12/2008|15:45] C:\Program Files\ipwins
[05/01/2009|20:37] C:\Program Files\iTunes
[07/03/2009|21:22] C:\Program Files\IZArc
[15/01/2009|13:25] C:\Program Files\Java
[13/06/2007|20:45] C:\Program Files\KONAMI
[23/12/2008|12:27] C:\Program Files\Larousse
[23/06/2008|23:29] C:\Program Files\LimeWire
[13/06/2007|16:35] C:\Program Files\Logitech
[20/02/2008|13:31] C:\Program Files\Macrogaming
[17/08/2008|17:30] C:\Program Files\Messenger
[13/01/2009|18:32] C:\Program Files\Messenger Plus! Live
[21/04/2007|14:49] C:\Program Files\Micro Application
[02/02/2009|03:11] C:\Program Files\Microsoft
[09/05/2007|19:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2006|10:05] C:\Program Files\microsoft frontpage
[26/06/2007|13:10] C:\Program Files\Microsoft Office
[03/06/2008|20:21] C:\Program Files\Microsoft SQL Server Compact Edition
[26/06/2007|13:10] C:\Program Files\Microsoft Works
[26/06/2007|13:09] C:\Program Files\Microsoft.NET
[11/06/2008|10:56] C:\Program Files\Mindscape
[14/06/2008|11:19] C:\Program Files\Movie Maker
[15/01/2009|14:26] C:\Program Files\Mozilla Firefox
[14/06/2008|11:19] C:\Program Files\msn
[04/02/2009|15:56] C:\Program Files\MSN Content Plus Inc
[26/11/2006|10:01] C:\Program Files\MSN Gaming Zone
[13/01/2009|18:32] C:\Program Files\MSN Messenger
[06/03/2009|19:25] C:\Program Files\MSN Spy 2004
[14/02/2009|12:03] C:\Program Files\MSXML 4.0
[29/08/2008|22:43] C:\Program Files\mupen64 0.5
[28/12/2008|23:51] C:\Program Files\MyXOFT
[14/06/2008|11:14] C:\Program Files\NetMeeting
[22/12/2007|17:02] C:\Program Files\Neuf
[15/02/2009|23:51] C:\Program Files\Oberon Media
[02/06/2008|13:43] C:\Program Files\ONES Trial (F)
[26/11/2006|10:02] C:\Program Files\Online Services
[27/12/2006|21:00] C:\Program Files\outlook
[14/06/2008|11:14] C:\Program Files\Outlook Express
[05/01/2007|10:47] C:\Program Files\Overland
[29/12/2008|01:47] C:\Program Files\PHPNukeFR
[03/09/2008|02:18] C:\Program Files\Project64 1.6
[05/01/2009|20:33] C:\Program Files\QuickTime
[29/12/2008|01:15] C:\Program Files\Real dj system
[16/08/2007|12:22] C:\Program Files\RegistrySmart
[04/01/2007|19:20] C:\Program Files\REGSHAVE
[28/12/2006|11:16] C:\Program Files\Roxio
[15/01/2009|12:51] C:\Program Files\Saxo
[26/11/2006|10:03] C:\Program Files\Services en ligne
[30/12/2008|00:52] C:\Program Files\SoftwareDepo
[29/12/2008|01:35] C:\Program Files\Sony
[25/03/2007|12:39] C:\Program Files\Sony Ericsson
[29/12/2008|01:32] C:\Program Files\Sony Setup
[09/02/2008|13:46] C:\Program Files\SopCast
[25/03/2007|16:28] C:\Program Files\SpicyTools
[25/03/2007|16:28] C:\Program Files\SpicyTools Video Converter 1.0
[12/01/2009|20:23] C:\Program Files\Spider
[30/12/2008|15:12] C:\Program Files\StuffPlug3
[14/02/2007|20:24] C:\Program Files\SUDOKU - LE GRAND DEFI
[18/08/2008|12:18] C:\Program Files\Sun
[30/12/2008|00:50] C:\Program Files\SystemGuards.com
[26/03/2007|13:49] C:\Program Files\Total Video Converter
[26/11/2006|10:12] C:\Program Files\Uninstall Information
[22/07/2007|17:55] C:\Program Files\Viewpoint
[05/01/2009|18:35] C:\Program Files\VirtualDJ
[23/12/2008|12:39] C:\Program Files\Votre sant‚ au quotidien
[29/12/2008|01:36] C:\Program Files\VstPlugins
[05/03/2009|15:52] C:\Program Files\Windows Live
[23/12/2007|12:50] C:\Program Files\Windows Live Favorites
[02/02/2009|03:15] C:\Program Files\Windows Live Toolbar
[13/03/2007|19:34] C:\Program Files\Windows Media Connect 2
[14/06/2008|11:14] C:\Program Files\Windows Media Player
[14/06/2008|11:14] C:\Program Files\Windows NT
[26/11/2006|10:03] C:\Program Files\WindowsUpdate
[26/11/2006|10:05] C:\Program Files\xerox
[27/12/2006|21:15] C:\Program Files\?icrosoft.NET
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/12/2006|09:24] C:\Program Files\Fichiers communs\{34FC5935-0829-1036-1002-040408230021}
[27/12/2006|20:56] C:\Program Files\Fichiers communs\{94FC5935-0829-1036-1002-040408230021}
[11/06/2008|18:57] C:\Program Files\Fichiers communs\Adobe
[21/08/2008|10:31] C:\Program Files\Fichiers communs\Adobe AIR
[24/12/2006|12:48] C:\Program Files\Fichiers communs\Ahead
[05/01/2009|20:32] C:\Program Files\Fichiers communs\Apple
[18/01/2008|00:02] C:\Program Files\Fichiers communs\AVSMedia
[13/06/2007|16:47] C:\Program Files\Fichiers communs\Creative
[26/06/2007|13:10] C:\Program Files\Fichiers communs\DESIGNER
[28/12/2006|11:30] C:\Program Files\Fichiers communs\FotoWire
[26/11/2006|10:57] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/11/2006|10:59] C:\Program Files\Fichiers communs\HP
[26/11/2006|11:19] C:\Program Files\Fichiers communs\InstallShield
[29/11/2006|12:30] C:\Program Files\Fichiers communs\Java
[13/06/2007|16:34] C:\Program Files\Fichiers communs\Logitech
[03/02/2009|01:24] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2006|10:03] C:\Program Files\Fichiers communs\MSSoap
[15/02/2009|23:51] C:\Program Files\Fichiers communs\Oberon Media
[26/11/2006|10:55] C:\Program Files\Fichiers communs\ODBC
[26/11/2006|10:03] C:\Program Files\Fichiers communs\Services
[26/11/2006|10:55] C:\Program Files\Fichiers communs\SpeechEngines
[14/02/2007|20:29] C:\Program Files\Fichiers communs\SWF Studio
[14/06/2008|11:14] C:\Program Files\Fichiers communs\System
[25/03/2007|12:39] C:\Program Files\Fichiers communs\Teleca Shared
[26/11/2006|11:14] C:\Program Files\Fichiers communs\TiVo Shared
[18/07/2008|12:23] C:\Program Files\Fichiers communs\Uninstall Information
[02/02/2009|03:06] C:\Program Files\Fichiers communs\Windows Live
[03/06/2008|20:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 55 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
C:\DOCUME~1\BENHAS~1\APPLIC~1\htmles~1
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_0207.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_1186.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_53c2.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_78be.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7d60.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7f55.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_8edc.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_dc27.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsf141.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsr43A.tmp
C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\status.txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@adex.bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@cotedazurpalace[2].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.cotedazurpalace[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@vegas-millions[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@2xmoinscher[2].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AF62BCD99189324D.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Active Dvd"="C:\\DOCUME~1\\BENHAS~1\\APPLIC~1\\HTMLES~1\\math team exit.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Love default global mess"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\great coal love default\\bend tray.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
-> 9942 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 16:15:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 26
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.exe
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_nav.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
[F:1531][D:372]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp
[F:553][D:0]-> C:\DOCUME~1\BENHAS~1\Cookies
[F:13086][D:57]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/01/2009|16:19 - Option : [1]
--------------------\\ Fin du rapport a 16:19:52
voilà le nouveau rapport
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_0207.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_1186.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_53c2.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_78be.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7d60.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7f55.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_8edc.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_dc27.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsf141.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsr43A.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\status.txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@adex.bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AF62BCD99189324D.job
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
Supprime! - C:\DOCUME~1\BENHAS~1\APPLIC~1\htmles~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[23/12/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2009|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[26/11/2006|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[26/11/2006|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/11/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2006|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/12/2006|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nfo
[26/11/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[24/12/2006|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon
[05/01/2009|20:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[05/01/2009|19:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ableton
[15/03/2009|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[22/07/2007|19:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL
[22/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL Downloads
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL OCP
[05/01/2009|20:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[05/01/2009|20:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[23/12/2008|11:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avg8
[18/01/2008|00:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[20/05/2008|18:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ENJOY Plus!
[15/01/2009|14:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
[05/08/2007|13:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[03/06/2008|18:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
[06/06/2008|10:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IM
[06/06/2008|10:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IncrediMail
[28/12/2006|11:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield
[15/03/2009|23:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[13/02/2009|21:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[03/02/2009|01:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[14/02/2009|12:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[21/02/2008|16:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[23/12/2008|11:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Norton
[15/03/2009|23:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NortonInstaller
[13/01/2007|01:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Sony Ericsson
[06/01/2009|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SpeedBit
[11/03/2009|20:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[15/12/2008|12:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Symantec
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Teleca
[06/01/2009|21:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[27/12/2006|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[28/12/2006|11:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[03/06/2008|20:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[05/01/2009|19:17] C:\DOCUME~1\BENHAS~1\APPLIC~1\Ableton
[21/08/2008|10:31] C:\DOCUME~1\BENHAS~1\APPLIC~1\Adobe
[05/01/2009|20:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Apple Computer
[04/02/2009|22:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\Atari
[13/01/2009|18:41] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVGTOOLBAR
[18/01/2008|00:04] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVSMedia
[25/03/2008|19:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Creative
[04/01/2007|20:09] C:\DOCUME~1\BENHAS~1\APPLIC~1\DivX
[04/07/2007|01:50] C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
[20/05/2008|18:43] C:\DOCUME~1\BENHAS~1\APPLIC~1\ENJOY Plus!
[28/12/2006|11:30] C:\DOCUME~1\BENHAS~1\APPLIC~1\FotoWire
[04/01/2007|19:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\FUJIFILM
[03/01/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Google
[30/12/2007|14:02] C:\DOCUME~1\BENHAS~1\APPLIC~1\gtk-2.0
[07/02/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Help
[27/12/2006|18:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Identities
[24/06/2007|13:34] C:\DOCUME~1\BENHAS~1\APPLIC~1\InstallShield
[29/06/2007|16:24] C:\DOCUME~1\BENHAS~1\APPLIC~1\Leadertech
[16/02/2009|23:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\LimeWire
[13/06/2007|16:54] C:\DOCUME~1\BENHAS~1\APPLIC~1\Logitech
[27/12/2006|19:44] C:\DOCUME~1\BENHAS~1\APPLIC~1\Macromedia
[23/12/2008|11:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\Microsoft
[31/08/2008|12:16] C:\DOCUME~1\BENHAS~1\APPLIC~1\Mozilla
[04/02/2008|00:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Nero
[14/02/2009|13:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\PowerChallenge
[13/08/2007|22:01] C:\DOCUME~1\BENHAS~1\APPLIC~1\RegistrySmart
[13/06/2007|22:26] C:\DOCUME~1\BENHAS~1\APPLIC~1\SecuROM
[05/02/2008|22:23] C:\DOCUME~1\BENHAS~1\APPLIC~1\SMov
[01/06/2007|21:47] C:\DOCUME~1\BENHAS~1\APPLIC~1\SopCast
[04/01/2007|22:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\Sun
[27/12/2006|18:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Talkback
[25/03/2007|12:42] C:\DOCUME~1\BENHAS~1\APPLIC~1\Teleca
[26/02/2009|09:32] C:\DOCUME~1\BENHAS~1\APPLIC~1\temp
[26/11/2006|10:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/12/2006|18:21] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[23/12/2006|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[24/12/2006|13:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/11/2006|11:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[26/11/2006|10:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/11/2006|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[30/11/2006|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[09/12/2006|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[15/12/2006|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/01/2009 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/01/2009 03:30][--a------] C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
[15/01/2009 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[29/08/2008|22:25] C:\Program Files\1964
[25/06/2007|12:31] C:\Program Files\7-Zip
[05/01/2009|19:10] C:\Program Files\Ableton
[15/03/2009|21:14] C:\Program Files\Adobe
[05/01/2009|20:27] C:\Program Files\Apple Software Update
[05/01/2009|20:17] C:\Program Files\Ashampoo
[30/12/2008|00:38] C:\Program Files\AskSBar
[15/02/2008|19:04] C:\Program Files\AskTBar
[29/12/2008|00:32] C:\Program Files\Audacity
[23/12/2008|11:38] C:\Program Files\AVG
[15/05/2007|20:17] C:\Program Files\AviSynth 2.5
[17/01/2008|23:59] C:\Program Files\AVSMedia
[05/01/2009|20:34] C:\Program Files\Bonjour
[28/12/2006|11:11] C:\Program Files\Canon
[05/03/2009|15:43] C:\Program Files\Cheat Engine
[03/02/2008|23:54] C:\Program Files\Code-it Software
[29/12/2008|01:42] C:\Program Files\Conduit
[13/06/2007|16:54] C:\Program Files\Creative
[13/06/2007|16:47] C:\Program Files\Creative Installation Information
[07/01/2009|17:06] C:\Program Files\DAP
[29/09/2007|21:27] C:\Program Files\Dictionnaire
[21/04/2007|14:50] C:\Program Files\directx
[27/12/2006|22:57] C:\Program Files\DivX
[29/12/2008|01:08] C:\Program Files\DJ Mix Pro
[04/02/2009|22:56] C:\Program Files\DkZ Studio
[04/02/2009|22:57] C:\Program Files\DkZ Update
[14/01/2009|22:37] C:\Program Files\EA GAMES
[12/09/2008|01:26] C:\Program Files\EA SPORTS
[15/03/2009|22:36] C:\Program Files\Eidos
[05/01/2009|18:53] C:\Program Files\eMule
[20/05/2008|18:43] C:\Program Files\ENJOY Plus!
[22/07/2007|12:09] C:\Program Files\eRightSoft
[06/03/2009|19:36] C:\Program Files\Extreme Solutions
[15/01/2009|15:58] C:\Program Files\Fichiers communs
[15/02/2009|23:51] C:\Program Files\Gamenext
[15/02/2009|23:52] C:\Program Files\GamesBar
[30/12/2007|13:26] C:\Program Files\GIMP-2.0
[06/08/2007|11:56] C:\Program Files\Google
[12/01/2007|20:29] C:\Program Files\GT Interactive
[29/11/2006|19:36] C:\Program Files\HardwareDetection
[28/12/2006|10:54] C:\Program Files\Hewlett-Packard
[29/07/2007|02:48] C:\Program Files\honestech Video Editor 7.0 Trial
[03/06/2008|18:33] C:\Program Files\HP
[03/06/2008|20:16] C:\Program Files\Image-Line
[14/01/2009|17:21] C:\Program Files\InstallShield Installation Information
[15/01/2009|12:35] C:\Program Files\Internet Explorer
[05/01/2009|20:36] C:\Program Files\iPod
[22/12/2008|15:45] C:\Program Files\ipwins
[05/01/2009|20:37] C:\Program Files\iTunes
[07/03/2009|21:22] C:\Program Files\IZArc
[15/01/2009|13:25] C:\Program Files\Java
[13/06/2007|20:45] C:\Program Files\KONAMI
[23/12/2008|12:27] C:\Program Files\Larousse
[23/06/2008|23:29] C:\Program Files\LimeWire
[13/06/2007|16:35] C:\Program Files\Logitech
[20/02/2008|13:31] C:\Program Files\Macrogaming
[17/08/2008|17:30] C:\Program Files\Messenger
[13/01/2009|18:32] C:\Program Files\Messenger Plus! Live
[21/04/2007|14:49] C:\Program Files\Micro Application
[02/02/2009|03:11] C:\Program Files\Microsoft
[09/05/2007|19:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2006|10:05] C:\Program Files\microsoft frontpage
[26/06/2007|13:10] C:\Program Files\Microsoft Office
[03/06/2008|20:21] C:\Program Files\Microsoft SQL Server Compact Edition
[26/06/2007|13:10] C:\Program Files\Microsoft Works
[26/06/2007|13:09] C:\Program Files\Microsoft.NET
[11/06/2008|10:56] C:\Program Files\Mindscape
[14/06/2008|11:19] C:\Program Files\Movie Maker
[15/01/2009|14:26] C:\Program Files\Mozilla Firefox
[14/06/2008|11:19] C:\Program Files\msn
[04/02/2009|15:56] C:\Program Files\MSN Content Plus Inc
[26/11/2006|10:01] C:\Program Files\MSN Gaming Zone
[13/01/2009|18:32] C:\Program Files\MSN Messenger
[06/03/2009|19:25] C:\Program Files\MSN Spy 2004
[14/02/2009|12:03] C:\Program Files\MSXML 4.0
[29/08/2008|22:43] C:\Program Files\mupen64 0.5
[28/12/2008|23:51] C:\Program Files\MyXOFT
[14/06/2008|11:14] C:\Program Files\NetMeeting
[22/12/2007|17:02] C:\Program Files\Neuf
[15/02/2009|23:51] C:\Program Files\Oberon Media
[02/06/2008|13:43] C:\Program Files\ONES Trial (F)
[26/11/2006|10:02] C:\Program Files\Online Services
[27/12/2006|21:00] C:\Program Files\outlook
[14/06/2008|11:14] C:\Program Files\Outlook Express
[05/01/2007|10:47] C:\Program Files\Overland
[29/12/2008|01:47] C:\Program Files\PHPNukeFR
[03/09/2008|02:18] C:\Program Files\Project64 1.6
[05/01/2009|20:33] C:\Program Files\QuickTime
[29/12/2008|01:15] C:\Program Files\Real dj system
[16/08/2007|12:22] C:\Program Files\RegistrySmart
[04/01/2007|19:20] C:\Program Files\REGSHAVE
[28/12/2006|11:16] C:\Program Files\Roxio
[15/01/2009|12:51] C:\Program Files\Saxo
[26/11/2006|10:03] C:\Program Files\Services en ligne
[30/12/2008|00:52] C:\Program Files\SoftwareDepo
[29/12/2008|01:35] C:\Program Files\Sony
[25/03/2007|12:39] C:\Program Files\Sony Ericsson
[29/12/2008|01:32] C:\Program Files\Sony Setup
[09/02/2008|13:46] C:\Program Files\SopCast
[25/03/2007|16:28] C:\Program Files\SpicyTools
[25/03/2007|16:28] C:\Program Files\SpicyTools Video Converter 1.0
[12/01/2009|20:23] C:\Program Files\Spider
[30/12/2008|15:12] C:\Program Files\StuffPlug3
[14/02/2007|20:24] C:\Program Files\SUDOKU - LE GRAND DEFI
[18/08/2008|12:18] C:\Program Files\Sun
[30/12/2008|00:50] C:\Program Files\SystemGuards.com
[26/03/2007|13:49] C:\Program Files\Total Video Converter
[26/11/2006|10:12] C:\Program Files\Uninstall Information
[05/01/2009|18:35] C:\Program Files\VirtualDJ
[23/12/2008|12:39] C:\Program Files\Votre sant‚ au quotidien
[29/12/2008|01:36] C:\Program Files\VstPlugins
[05/03/2009|15:52] C:\Program Files\Windows Live
[23/12/2007|12:50] C:\Program Files\Windows Live Favorites
[02/02/2009|03:15] C:\Program Files\Windows Live Toolbar
[13/03/2007|19:34] C:\Program Files\Windows Media Connect 2
[14/06/2008|11:14] C:\Program Files\Windows Media Player
[14/06/2008|11:14] C:\Program Files\Windows NT
[26/11/2006|10:03] C:\Program Files\WindowsUpdate
[26/11/2006|10:05] C:\Program Files\xerox
[27/12/2006|21:15] C:\Program Files\?icrosoft.NET
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/12/2006|09:24] C:\Program Files\Fichiers communs\{34FC5935-0829-1036-1002-040408230021}
[27/12/2006|20:56] C:\Program Files\Fichiers communs\{94FC5935-0829-1036-1002-040408230021}
[11/06/2008|18:57] C:\Program Files\Fichiers communs\Adobe
[21/08/2008|10:31] C:\Program Files\Fichiers communs\Adobe AIR
[24/12/2006|12:48] C:\Program Files\Fichiers communs\Ahead
[05/01/2009|20:32] C:\Program Files\Fichiers communs\Apple
[18/01/2008|00:02] C:\Program Files\Fichiers communs\AVSMedia
[13/06/2007|16:47] C:\Program Files\Fichiers communs\Creative
[26/06/2007|13:10] C:\Program Files\Fichiers communs\DESIGNER
[28/12/2006|11:30] C:\Program Files\Fichiers communs\FotoWire
[26/11/2006|10:57] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/11/2006|10:59] C:\Program Files\Fichiers communs\HP
[26/11/2006|11:19] C:\Program Files\Fichiers communs\InstallShield
[29/11/2006|12:30] C:\Program Files\Fichiers communs\Java
[13/06/2007|16:34] C:\Program Files\Fichiers communs\Logitech
[03/02/2009|01:24] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2006|10:03] C:\Program Files\Fichiers communs\MSSoap
[15/02/2009|23:51] C:\Program Files\Fichiers communs\Oberon Media
[26/11/2006|10:55] C:\Program Files\Fichiers communs\ODBC
[26/11/2006|10:03] C:\Program Files\Fichiers communs\Services
[26/11/2006|10:55] C:\Program Files\Fichiers communs\SpeechEngines
[14/02/2007|20:29] C:\Program Files\Fichiers communs\SWF Studio
[14/06/2008|11:14] C:\Program Files\Fichiers communs\System
[25/03/2007|12:39] C:\Program Files\Fichiers communs\Teleca Shared
[26/11/2006|11:14] C:\Program Files\Fichiers communs\TiVo Shared
[18/07/2008|12:23] C:\Program Files\Fichiers communs\Uninstall Information
[02/02/2009|03:06] C:\Program Files\Fichiers communs\Windows Live
[03/06/2008|20:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 54 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 16:47:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 26
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.exe
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_nav.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
[F:1502][D:363]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp
[F:545][D:0]-> C:\DOCUME~1\BENHAS~1\Cookies
[F:13104][D:57]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/01/2009|16:19 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/01/2009|16:49 - Option : [2]
--------------------\\ Fin du rapport a 16:49:56
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_0207.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_1186.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_53c2.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_78be.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7d60.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_7f55.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_8edc.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\msgpl_dc27.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsf141.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\nsr43A.tmp
Supprime! - C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\status.txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@adex.bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AF62BCD99189324D.job
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\great coal love default
Supprime! - C:\DOCUME~1\BENHAS~1\APPLIC~1\htmles~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[23/12/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[15/02/2009|23:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
[26/11/2006|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[26/11/2006|11:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/11/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2006|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[26/12/2006|11:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nfo
[26/11/2006|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[24/12/2006|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon
[05/01/2009|20:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[05/01/2009|19:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ableton
[15/03/2009|21:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[22/07/2007|19:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL
[22/07/2007|17:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL Downloads
[22/07/2007|17:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AOL OCP
[05/01/2009|20:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[05/01/2009|20:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[23/12/2008|11:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avg8
[18/01/2008|00:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[20/05/2008|18:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ENJOY Plus!
[15/01/2009|14:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
[05/08/2007|13:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[03/06/2008|18:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
[06/06/2008|10:38] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IM
[06/06/2008|10:37] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IncrediMail
[28/12/2006|11:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\InstallShield
[15/03/2009|23:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[13/02/2009|21:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus!
[03/02/2009|01:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[14/02/2009|12:05] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[21/02/2008|16:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[23/12/2008|11:14] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Norton
[15/03/2009|23:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NortonInstaller
[13/01/2007|01:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Sony Ericsson
[06/01/2009|21:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SpeedBit
[11/03/2009|20:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[15/12/2008|12:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Symantec
[25/03/2007|12:39] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Teleca
[06/01/2009|21:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[27/12/2006|18:51] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[28/12/2006|11:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Live Toolbar
[03/06/2008|20:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[05/01/2009|19:17] C:\DOCUME~1\BENHAS~1\APPLIC~1\Ableton
[21/08/2008|10:31] C:\DOCUME~1\BENHAS~1\APPLIC~1\Adobe
[05/01/2009|20:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Apple Computer
[04/02/2009|22:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\Atari
[13/01/2009|18:41] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVGTOOLBAR
[18/01/2008|00:04] C:\DOCUME~1\BENHAS~1\APPLIC~1\AVSMedia
[25/03/2008|19:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Creative
[04/01/2007|20:09] C:\DOCUME~1\BENHAS~1\APPLIC~1\DivX
[04/07/2007|01:50] C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
[20/05/2008|18:43] C:\DOCUME~1\BENHAS~1\APPLIC~1\ENJOY Plus!
[28/12/2006|11:30] C:\DOCUME~1\BENHAS~1\APPLIC~1\FotoWire
[04/01/2007|19:57] C:\DOCUME~1\BENHAS~1\APPLIC~1\FUJIFILM
[03/01/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Google
[30/12/2007|14:02] C:\DOCUME~1\BENHAS~1\APPLIC~1\gtk-2.0
[07/02/2007|20:59] C:\DOCUME~1\BENHAS~1\APPLIC~1\Help
[27/12/2006|18:29] C:\DOCUME~1\BENHAS~1\APPLIC~1\Identities
[24/06/2007|13:34] C:\DOCUME~1\BENHAS~1\APPLIC~1\InstallShield
[29/06/2007|16:24] C:\DOCUME~1\BENHAS~1\APPLIC~1\Leadertech
[16/02/2009|23:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\LimeWire
[13/06/2007|16:54] C:\DOCUME~1\BENHAS~1\APPLIC~1\Logitech
[27/12/2006|19:44] C:\DOCUME~1\BENHAS~1\APPLIC~1\Macromedia
[23/12/2008|11:37] C:\DOCUME~1\BENHAS~1\APPLIC~1\Microsoft
[31/08/2008|12:16] C:\DOCUME~1\BENHAS~1\APPLIC~1\Mozilla
[04/02/2008|00:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Nero
[14/02/2009|13:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\PowerChallenge
[13/08/2007|22:01] C:\DOCUME~1\BENHAS~1\APPLIC~1\RegistrySmart
[13/06/2007|22:26] C:\DOCUME~1\BENHAS~1\APPLIC~1\SecuROM
[05/02/2008|22:23] C:\DOCUME~1\BENHAS~1\APPLIC~1\SMov
[01/06/2007|21:47] C:\DOCUME~1\BENHAS~1\APPLIC~1\SopCast
[04/01/2007|22:05] C:\DOCUME~1\BENHAS~1\APPLIC~1\Sun
[27/12/2006|18:39] C:\DOCUME~1\BENHAS~1\APPLIC~1\Talkback
[25/03/2007|12:42] C:\DOCUME~1\BENHAS~1\APPLIC~1\Teleca
[26/02/2009|09:32] C:\DOCUME~1\BENHAS~1\APPLIC~1\temp
[26/11/2006|10:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/12/2006|18:21] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[26/11/2006|10:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/12/2008|11:37] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft
[23/12/2006|20:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[24/12/2006|13:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/11/2006|11:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\FotoWire
[26/11/2006|10:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[26/11/2006|10:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[30/11/2006|20:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[09/12/2006|19:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[15/12/2006|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[26/11/2006|11:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/01/2009 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/01/2009 03:30][--a------] C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
[15/01/2009 12:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[29/08/2008|22:25] C:\Program Files\1964
[25/06/2007|12:31] C:\Program Files\7-Zip
[05/01/2009|19:10] C:\Program Files\Ableton
[15/03/2009|21:14] C:\Program Files\Adobe
[05/01/2009|20:27] C:\Program Files\Apple Software Update
[05/01/2009|20:17] C:\Program Files\Ashampoo
[30/12/2008|00:38] C:\Program Files\AskSBar
[15/02/2008|19:04] C:\Program Files\AskTBar
[29/12/2008|00:32] C:\Program Files\Audacity
[23/12/2008|11:38] C:\Program Files\AVG
[15/05/2007|20:17] C:\Program Files\AviSynth 2.5
[17/01/2008|23:59] C:\Program Files\AVSMedia
[05/01/2009|20:34] C:\Program Files\Bonjour
[28/12/2006|11:11] C:\Program Files\Canon
[05/03/2009|15:43] C:\Program Files\Cheat Engine
[03/02/2008|23:54] C:\Program Files\Code-it Software
[29/12/2008|01:42] C:\Program Files\Conduit
[13/06/2007|16:54] C:\Program Files\Creative
[13/06/2007|16:47] C:\Program Files\Creative Installation Information
[07/01/2009|17:06] C:\Program Files\DAP
[29/09/2007|21:27] C:\Program Files\Dictionnaire
[21/04/2007|14:50] C:\Program Files\directx
[27/12/2006|22:57] C:\Program Files\DivX
[29/12/2008|01:08] C:\Program Files\DJ Mix Pro
[04/02/2009|22:56] C:\Program Files\DkZ Studio
[04/02/2009|22:57] C:\Program Files\DkZ Update
[14/01/2009|22:37] C:\Program Files\EA GAMES
[12/09/2008|01:26] C:\Program Files\EA SPORTS
[15/03/2009|22:36] C:\Program Files\Eidos
[05/01/2009|18:53] C:\Program Files\eMule
[20/05/2008|18:43] C:\Program Files\ENJOY Plus!
[22/07/2007|12:09] C:\Program Files\eRightSoft
[06/03/2009|19:36] C:\Program Files\Extreme Solutions
[15/01/2009|15:58] C:\Program Files\Fichiers communs
[15/02/2009|23:51] C:\Program Files\Gamenext
[15/02/2009|23:52] C:\Program Files\GamesBar
[30/12/2007|13:26] C:\Program Files\GIMP-2.0
[06/08/2007|11:56] C:\Program Files\Google
[12/01/2007|20:29] C:\Program Files\GT Interactive
[29/11/2006|19:36] C:\Program Files\HardwareDetection
[28/12/2006|10:54] C:\Program Files\Hewlett-Packard
[29/07/2007|02:48] C:\Program Files\honestech Video Editor 7.0 Trial
[03/06/2008|18:33] C:\Program Files\HP
[03/06/2008|20:16] C:\Program Files\Image-Line
[14/01/2009|17:21] C:\Program Files\InstallShield Installation Information
[15/01/2009|12:35] C:\Program Files\Internet Explorer
[05/01/2009|20:36] C:\Program Files\iPod
[22/12/2008|15:45] C:\Program Files\ipwins
[05/01/2009|20:37] C:\Program Files\iTunes
[07/03/2009|21:22] C:\Program Files\IZArc
[15/01/2009|13:25] C:\Program Files\Java
[13/06/2007|20:45] C:\Program Files\KONAMI
[23/12/2008|12:27] C:\Program Files\Larousse
[23/06/2008|23:29] C:\Program Files\LimeWire
[13/06/2007|16:35] C:\Program Files\Logitech
[20/02/2008|13:31] C:\Program Files\Macrogaming
[17/08/2008|17:30] C:\Program Files\Messenger
[13/01/2009|18:32] C:\Program Files\Messenger Plus! Live
[21/04/2007|14:49] C:\Program Files\Micro Application
[02/02/2009|03:11] C:\Program Files\Microsoft
[09/05/2007|19:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2006|10:05] C:\Program Files\microsoft frontpage
[26/06/2007|13:10] C:\Program Files\Microsoft Office
[03/06/2008|20:21] C:\Program Files\Microsoft SQL Server Compact Edition
[26/06/2007|13:10] C:\Program Files\Microsoft Works
[26/06/2007|13:09] C:\Program Files\Microsoft.NET
[11/06/2008|10:56] C:\Program Files\Mindscape
[14/06/2008|11:19] C:\Program Files\Movie Maker
[15/01/2009|14:26] C:\Program Files\Mozilla Firefox
[14/06/2008|11:19] C:\Program Files\msn
[04/02/2009|15:56] C:\Program Files\MSN Content Plus Inc
[26/11/2006|10:01] C:\Program Files\MSN Gaming Zone
[13/01/2009|18:32] C:\Program Files\MSN Messenger
[06/03/2009|19:25] C:\Program Files\MSN Spy 2004
[14/02/2009|12:03] C:\Program Files\MSXML 4.0
[29/08/2008|22:43] C:\Program Files\mupen64 0.5
[28/12/2008|23:51] C:\Program Files\MyXOFT
[14/06/2008|11:14] C:\Program Files\NetMeeting
[22/12/2007|17:02] C:\Program Files\Neuf
[15/02/2009|23:51] C:\Program Files\Oberon Media
[02/06/2008|13:43] C:\Program Files\ONES Trial (F)
[26/11/2006|10:02] C:\Program Files\Online Services
[27/12/2006|21:00] C:\Program Files\outlook
[14/06/2008|11:14] C:\Program Files\Outlook Express
[05/01/2007|10:47] C:\Program Files\Overland
[29/12/2008|01:47] C:\Program Files\PHPNukeFR
[03/09/2008|02:18] C:\Program Files\Project64 1.6
[05/01/2009|20:33] C:\Program Files\QuickTime
[29/12/2008|01:15] C:\Program Files\Real dj system
[16/08/2007|12:22] C:\Program Files\RegistrySmart
[04/01/2007|19:20] C:\Program Files\REGSHAVE
[28/12/2006|11:16] C:\Program Files\Roxio
[15/01/2009|12:51] C:\Program Files\Saxo
[26/11/2006|10:03] C:\Program Files\Services en ligne
[30/12/2008|00:52] C:\Program Files\SoftwareDepo
[29/12/2008|01:35] C:\Program Files\Sony
[25/03/2007|12:39] C:\Program Files\Sony Ericsson
[29/12/2008|01:32] C:\Program Files\Sony Setup
[09/02/2008|13:46] C:\Program Files\SopCast
[25/03/2007|16:28] C:\Program Files\SpicyTools
[25/03/2007|16:28] C:\Program Files\SpicyTools Video Converter 1.0
[12/01/2009|20:23] C:\Program Files\Spider
[30/12/2008|15:12] C:\Program Files\StuffPlug3
[14/02/2007|20:24] C:\Program Files\SUDOKU - LE GRAND DEFI
[18/08/2008|12:18] C:\Program Files\Sun
[30/12/2008|00:50] C:\Program Files\SystemGuards.com
[26/03/2007|13:49] C:\Program Files\Total Video Converter
[26/11/2006|10:12] C:\Program Files\Uninstall Information
[05/01/2009|18:35] C:\Program Files\VirtualDJ
[23/12/2008|12:39] C:\Program Files\Votre sant‚ au quotidien
[29/12/2008|01:36] C:\Program Files\VstPlugins
[05/03/2009|15:52] C:\Program Files\Windows Live
[23/12/2007|12:50] C:\Program Files\Windows Live Favorites
[02/02/2009|03:15] C:\Program Files\Windows Live Toolbar
[13/03/2007|19:34] C:\Program Files\Windows Media Connect 2
[14/06/2008|11:14] C:\Program Files\Windows Media Player
[14/06/2008|11:14] C:\Program Files\Windows NT
[26/11/2006|10:03] C:\Program Files\WindowsUpdate
[26/11/2006|10:05] C:\Program Files\xerox
[27/12/2006|21:15] C:\Program Files\?icrosoft.NET
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[28/12/2006|09:24] C:\Program Files\Fichiers communs\{34FC5935-0829-1036-1002-040408230021}
[27/12/2006|20:56] C:\Program Files\Fichiers communs\{94FC5935-0829-1036-1002-040408230021}
[11/06/2008|18:57] C:\Program Files\Fichiers communs\Adobe
[21/08/2008|10:31] C:\Program Files\Fichiers communs\Adobe AIR
[24/12/2006|12:48] C:\Program Files\Fichiers communs\Ahead
[05/01/2009|20:32] C:\Program Files\Fichiers communs\Apple
[18/01/2008|00:02] C:\Program Files\Fichiers communs\AVSMedia
[13/06/2007|16:47] C:\Program Files\Fichiers communs\Creative
[26/06/2007|13:10] C:\Program Files\Fichiers communs\DESIGNER
[28/12/2006|11:30] C:\Program Files\Fichiers communs\FotoWire
[26/11/2006|10:57] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/11/2006|10:59] C:\Program Files\Fichiers communs\HP
[26/11/2006|11:19] C:\Program Files\Fichiers communs\InstallShield
[29/11/2006|12:30] C:\Program Files\Fichiers communs\Java
[13/06/2007|16:34] C:\Program Files\Fichiers communs\Logitech
[03/02/2009|01:24] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2006|10:03] C:\Program Files\Fichiers communs\MSSoap
[15/02/2009|23:51] C:\Program Files\Fichiers communs\Oberon Media
[26/11/2006|10:55] C:\Program Files\Fichiers communs\ODBC
[26/11/2006|10:03] C:\Program Files\Fichiers communs\Services
[26/11/2006|10:55] C:\Program Files\Fichiers communs\SpeechEngines
[14/02/2007|20:29] C:\Program Files\Fichiers communs\SWF Studio
[14/06/2008|11:14] C:\Program Files\Fichiers communs\System
[25/03/2007|12:39] C:\Program Files\Fichiers communs\Teleca Shared
[26/11/2006|11:14] C:\Program Files\Fichiers communs\TiVo Shared
[18/07/2008|12:23] C:\Program Files\Fichiers communs\Uninstall Information
[02/02/2009|03:06] C:\Program Files\Fichiers communs\Windows Live
[03/06/2008|20:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 54 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-15 16:47:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 26
--------------------\\ Recherche d'autres infections
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe.exe
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_nav.dat
C:\DOCUME~1\BENHAS~1\LOCALS~1\APPLIC~1\ckqsioe_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
[F:1502][D:363]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp
[F:545][D:0]-> C:\DOCUME~1\BENHAS~1\Cookies
[F:13104][D:57]-> C:\DOCUME~1\BENHAS~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/01/2009|16:19 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/01/2009|16:49 - Option : [2]
--------------------\\ Fin du rapport a 16:49:56
N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
voici le résultat du scan
Search Navipromo version 3.7.1 commencé le 15/01/2009 à 17:17:28,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
Recherche executé en mode normal
*** Recherche Programmes installés ***
Favorit
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
HKEY_CURRENT_USER\Software\Lanconfig
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ckqsioe"="\"c:\\documents and settings\\benhassaine\\local settings\\application data\\ckqsioe.exe\" ckqsioe"
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" :
ckqsioe.exe trouvé !
ckqsioe.dat trouvé !
ckqsioe_nav.dat trouvé !
ckqsioe_navps.dat trouvé !
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le 15/01/2009 à 17:33:10,98 ***
Search Navipromo version 3.7.1 commencé le 15/01/2009 à 17:17:28,92
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
Recherche executé en mode normal
*** Recherche Programmes installés ***
Favorit
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\benhassaine\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
HKEY_CURRENT_USER\Software\Lanconfig
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ckqsioe"="\"c:\\documents and settings\\benhassaine\\local settings\\application data\\ckqsioe.exe\" ckqsioe"
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" :
ckqsioe.exe trouvé !
ckqsioe.dat trouvé !
ckqsioe_nav.dat trouvé !
ckqsioe_navps.dat trouvé !
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le 15/01/2009 à 17:33:10,98 ***
voilà le rapport
Clean Navipromo version 3.7.1 commencé le 15/01/2009 à 18:32:44,25
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\benhassaine\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
C:\WINDOWS\prefetch\ckqsioe*.pf trouvé !
Copie C:\WINDOWS\prefetch\ckqsioe*.pf réalisée avec succès !
C:\WINDOWS\prefetch\ckqsioe*.pf supprimé !
* Dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
ckqsioe.exe trouvé !
Copie ckqsioe.exe réalisée avec succès !
ckqsioe.exe supprimé !
ckqsioe.dat trouvé !
Copie ckqsioe.dat réalisée avec succès !
ckqsioe.dat supprimé !
ckqsioe_nav.dat trouvé !
Copie ckqsioe_nav.dat réalisée avec succès !
ckqsioe_nav.dat supprimé !
ckqsioe_navps.dat trouvé !
Copie ckqsioe_navps.dat réalisée avec succès !
ckqsioe_navps.dat supprimé !
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Recherche autres dossiers et fichiers connus ***
*** Nettoyage terminé le 15/01/2009 à 18:38:31,43 ***
Clean Navipromo version 3.7.1 commencé le 15/01/2009 à 18:32:44,25
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 02.01.2009 à 19h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\benhassaine\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\benhassaine\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
C:\WINDOWS\prefetch\ckqsioe*.pf trouvé !
Copie C:\WINDOWS\prefetch\ckqsioe*.pf réalisée avec succès !
C:\WINDOWS\prefetch\ckqsioe*.pf supprimé !
* Dans "C:\Documents and Settings\benhassaine\locals~1\applic~1" *
ckqsioe.exe trouvé !
Copie ckqsioe.exe réalisée avec succès !
ckqsioe.exe supprimé !
ckqsioe.dat trouvé !
Copie ckqsioe.dat réalisée avec succès !
ckqsioe.dat supprimé !
ckqsioe_nav.dat trouvé !
Copie ckqsioe_nav.dat réalisée avec succès !
ckqsioe_nav.dat supprimé !
ckqsioe_navps.dat trouvé !
Copie ckqsioe_navps.dat réalisée avec succès !
ckqsioe_navps.dat supprimé !
* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Recherche autres dossiers et fichiers connus ***
*** Nettoyage terminé le 15/01/2009 à 18:38:31,43 ***
nouveau rapport
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 15/01/2009|18:57 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bananalotto[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.bananalotto[2].txt
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Program Files\AskSBar\bar\1.bin
C:\Program Files\AskSBar\bar\Cache
C:\Program Files\AskSBar\bar\History
C:\Program Files\AskSBar\bar\Settings
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL
C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL
C:\Program Files\AskSBar\bar\Cache\07EA1D2E
C:\Program Files\AskSBar\bar\Cache\07EA3D1A.bin
C:\Program Files\AskSBar\bar\Cache\07EA3F3D.bin
C:\Program Files\AskSBar\bar\Cache\07EA41DC.bin
C:\Program Files\AskSBar\bar\Cache\files.ini
C:\Program Files\AskSBar\bar\History\search2
C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskSBar\SrchAstt\1.bin
C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache\000B3E99
C:\Program Files\AskTBar\bar\Cache\0144BA5F.bin
C:\Program Files\AskTBar\bar\Cache\0144E026.bin
C:\Program Files\AskTBar\bar\Cache\0144E2A7.bin
C:\Program Files\AskTBar\bar\Cache\048FEFC2
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload\loading.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46.xm_
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\annas_ice_cream16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\chicken_invaders_3_xmas16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\multiplayer.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\peggle_nights16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\piggly_christmas_edition16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search_yahoo.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\season_match_216x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\webgame.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\about.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\partner.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\sendafriend.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\update.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization2-French.ini
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\GamesBar\uninst.exe
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\GamesBar
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@mysearch[2].txt
C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
-----------\\ Extensions
(benhassaine) - {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} => imagezoom
(benhassaine) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} => phpnukefr
(benhassaine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(benhassaine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(benhassaine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://recherche.neuf.fr/"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
1 - "C:\ToolBar SD\TB_1.txt" - 15/01/2009|14:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 15/01/2009|19:00 - Option : [1]
-----------\\ Fin du rapport a 19:00:19,15
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 15/01/2009|18:57 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bananalotto[1].txt
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.bananalotto[2].txt
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Program Files\AskSBar\bar\1.bin
C:\Program Files\AskSBar\bar\Cache
C:\Program Files\AskSBar\bar\History
C:\Program Files\AskSBar\bar\Settings
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL
C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL
C:\Program Files\AskSBar\bar\Cache\07EA1D2E
C:\Program Files\AskSBar\bar\Cache\07EA3D1A.bin
C:\Program Files\AskSBar\bar\Cache\07EA3F3D.bin
C:\Program Files\AskSBar\bar\Cache\07EA41DC.bin
C:\Program Files\AskSBar\bar\Cache\files.ini
C:\Program Files\AskSBar\bar\History\search2
C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskSBar\SrchAstt\1.bin
C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Program Files\AskTBar\PopSwatr
C:\Program Files\AskTBar\SrchAstt
C:\Program Files\AskTBar\bar\1.bin
C:\Program Files\AskTBar\bar\Cache
C:\Program Files\AskTBar\bar\History
C:\Program Files\AskTBar\bar\Settings
C:\Program Files\AskTBar\bar\1.bin\A5POPSWT.DLL
C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
C:\Program Files\AskTBar\bar\Cache\000B3E99
C:\Program Files\AskTBar\bar\Cache\0144BA5F.bin
C:\Program Files\AskTBar\bar\Cache\0144E026.bin
C:\Program Files\AskTBar\bar\Cache\0144E2A7.bin
C:\Program Files\AskTBar\bar\Cache\048FEFC2
C:\Program Files\AskTBar\bar\Cache\files.ini
C:\Program Files\AskTBar\bar\History\search2
C:\Program Files\AskTBar\bar\Settings\prevcfg2.htm
C:\Program Files\AskTBar\PopSwatr\History
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\AskTBar\SrchAstt\1.bin
C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload\loading.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46.xm_
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\about.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\action.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\annas_ice_cream16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\arcade.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\buy.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\cards.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\chicken_invaders_3_xmas16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\deals.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\download.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\feedback.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\help.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\highlight.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\jigsaw.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mahjong.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\multiplayer.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mygames.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\newGames.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\oberonconfig.xm_
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\partner.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\peggle_nights16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\piggly_christmas_edition16x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\puzzle.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search_yahoo.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\season_match_216x16.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sendafriend.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sports.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\trial.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\uninstall.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\update.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\webgame.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\about.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\partner.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\sendafriend.gif
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46\update.gif
C:\Program Files\GamesBar
C:\Program Files\GamesBar\Localization2-French.ini
C:\Program Files\GamesBar\oberontb.dll
C:\Program Files\GamesBar\uninst.exe
C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\GamesBar
C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@mysearch[2].txt
C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
-----------\\ Extensions
(benhassaine) - {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} => imagezoom
(benhassaine) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} => phpnukefr
(benhassaine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(benhassaine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(benhassaine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://recherche.neuf.fr/"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
1 - "C:\ToolBar SD\TB_1.txt" - 15/01/2009|14:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 15/01/2009|19:00 - Option : [1]
-----------\\ Fin du rapport a 19:00:19,15
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 15/01/2009|19:24 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bananalotto[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.bananalotto[2].txt
Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\Program Files\AskSBar\SrchAstt
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\annas_ice_cream16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\chicken_invaders_3_xmas16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\multiplayer.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\peggle_nights16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\piggly_christmas_edition16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search_yahoo.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\season_match_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\webgame.gif
Supprime! - C:\Program Files\GamesBar\Localization2-French.ini
Supprime! - C:\Program Files\GamesBar\oberontb.dll
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\GamesBar
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@mysearch[2].txt
Supprime! - C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
Supprime! - C:\Program Files\AskSBar
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(benhassaine) - {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} => imagezoom
(benhassaine) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} => phpnukefr
(benhassaine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(benhassaine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(benhassaine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://recherche.neuf.fr/"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
1 - "C:\ToolBar SD\TB_1.txt" - 15/01/2009|14:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 15/01/2009|19:00 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 15/01/2009|19:28 - Option : [2]
-----------\\ Fin du rapport a 19:28:28,78
On avance petit à petit.
Ne t'inquiète pas par rapport à tous les petits programmes que je te fais télécharger, j'ai ce qu'il faut pour les virer.
Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher.
L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
Ne t'inquiète pas par rapport à tous les petits programmes que je te fais télécharger, j'ai ce qu'il faut pour les virer.
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : benhassaine ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:36 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (CD or DVD)
I:\ (CD or DVD) - CDFS - Total:3 Go (Free:0 Go)
J:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 15/01/2009|19:24 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@bananalotto[1].txt
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@www.bananalotto[2].txt
Supprime! - C:\Program Files\AskSBar\bar
Supprime! - C:\Program Files\AskSBar\SrchAstt
Supprime! - C:\Program Files\AskTBar\bar
Supprime! - C:\Program Files\AskTBar\PopSwatr
Supprime! - C:\Program Files\AskTBar\SrchAstt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar\onload
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\09-02-16-00-00-46.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\about.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\action.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\annas_ice_cream16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\arcade.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\around_the_world_in_80_days16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\buy.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\cards.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\chicken_invaders_3_xmas16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\deals.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\download.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\farm_frenzy_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\feedback.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\help.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\highlight.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\jigsaw.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mahjong.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\multiplayer.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mygames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\mystery_stories_island_of_hope16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\newGames.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\oberonconfig.xm_
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\partner.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\peggle_nights16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\piggly_christmas_edition16x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\puzzle.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\search_yahoo.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\season_match_216x16.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sendafriend.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\sports.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\trial.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\uninstall.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\update.gif
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar\webgame.gif
Supprime! - C:\Program Files\GamesBar\Localization2-French.ini
Supprime! - C:\Program Files\GamesBar\oberontb.dll
Supprime! - C:\Program Files\GamesBar\uninst.exe
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\MENUDM~1\PROGRA~1\GamesBar
Supprime! - C:\DOCUME~1\BENHAS~1\Cookies\benhassaine@mysearch[2].txt
Supprime! - C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
Supprime! - C:\Program Files\AskSBar
Supprime! - C:\Program Files\AskTBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
Supprime! - C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\GamesBar
Supprime! - C:\Program Files\GamesBar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(benhassaine) - {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} => imagezoom
(benhassaine) - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} => phpnukefr
(benhassaine) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(benhassaine) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(benhassaine) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Propri‚taire) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://recherche.neuf.fr/"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\BENHAS~1\APPLIC~1\DriveCleaner Free
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\BENHAS~1\Shared\dossier instru\fat joe- crack house.mp3
C:\DOCUME~1\BENHAS~1\Shared\explicit liric\_ALPHA_5_20_-_CRACK_SAISON_.MP3
1 - "C:\ToolBar SD\TB_1.txt" - 15/01/2009|14:39 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 15/01/2009|19:00 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 15/01/2009|19:28 - Option : [2]
-----------\\ Fin du rapport a 19:28:28,78
cette fois c'est le bon
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1656
Windows 5.1.2600 Service Pack 3
15/01/2009 20:34:37
mbam-log-2009-01-15 (20-34-37).txt
Type de recherche: Examen rapide
Eléments examinés: 86988
Temps écoulé: 22 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 24
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bumipejehe (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm97cf6a06 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\microsoft.vc80.mfc\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\microsoft.vc80.crt\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.MFC (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 13 - 11_00_25 PM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 13 - 11_00_27 PM_046.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 05_59_06 PM_093.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 05_59_07 PM_234.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_09_24 PM_937.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_09_35 PM_812.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_17_58 PM_343.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_18_07 PM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_25_57 PM_671.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_26_10 PM_765.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 01_31_06 PM_984.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 01_31_17 PM_625.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 11_56_38 AM_078.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 11_56_52 AM_000.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 16 - 01_18_26 PM_250.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 16 - 01_18_35 PM_281.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-13_23-01-25.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-06-49.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-12-53.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-19-45.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_23-36-39.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-15_11-59-53.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1656
Windows 5.1.2600 Service Pack 3
15/01/2009 20:34:37
mbam-log-2009-01-15 (20-34-37).txt
Type de recherche: Examen rapide
Eléments examinés: 86988
Temps écoulé: 22 minute(s), 43 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 24
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4dfb26d-6dde-44c6-ad4d-2d0fbb4389c1} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bumipejehe (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm97cf6a06 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\microsoft.vc80.mfc\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\c:\program files\registrysmart\microsoft.vc80.crt\ (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.CRT (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Microsoft.VC80.MFC (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\benhassaine\Application Data\DriveCleaner Free\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 13 - 11_00_25 PM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 13 - 11_00_27 PM_046.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 05_59_06 PM_093.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 05_59_07 PM_234.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_09_24 PM_937.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_09_35 PM_812.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_17_58 PM_343.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_18_07 PM_500.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_25_57 PM_671.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 14 - 06_26_10 PM_765.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 01_31_06 PM_984.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 01_31_17 PM_625.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 11_56_38 AM_078.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 15 - 11_56_52 AM_000.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 16 - 01_18_26 PM_250.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Log\2007 Aug 16 - 01_18_35 PM_281.log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-13_23-01-25.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-06-49.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-12-53.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_18-19-45.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-14_23-36-39.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Documents and Settings\benhassaine\Application Data\RegistrySmart\Registry Backups\2007-08-15_11-59-53.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
Note : les rapports sont sauvegardés dans le dossier C:\rsit\.
voilà le le contenu de log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by benhassaine at 2009-01-16 13:39:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (25%) free of 147 GB
Total RAM: 511 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:19, on 16/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Saxo\Saxo.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\Documents and Settings\benhassaine\Bureau\RSIT.exe
C:\Program Files\trend micro\benhassaine.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Saxo] C:\Program Files\Saxo\Saxo.exe regstart
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13436 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-23 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-08-26 118844]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-15 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-15 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-15 136600]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-08-26 122941]
"DetectorApp"=C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe [2005-08-31 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-23 1261336]
"System Guards"=C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe []
"Saxo"=C:\Program Files\Saxo\Saxo.exe [2008-02-05 315392]
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"NoSpam"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2006-07-06 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"usnjsvc"=3
"USBDeviceService"=2
"SLService"=2
"Pml Driver HPZ12"=3
"IDriverT"=3
"gusvc"=3
"Creative Service for CDROM Access"=2
"AVGEMS"=2
"Avg7UpdSvc"=2
"Avg7Alrt"=2
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\benhassaine\Menu Démarrer\Programmes\Démarrage
Adobe Media Player.lnk - C:\Program Files\Adobe Media Player\Adobe Media Player.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*![:D]( ":D")
isabled:Logitech Desktop Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN BackUp\MSNBackup.exe"="C:\Program Files\MSN BackUp\MSNBackup.exe:*:Enabled:MSN BackUp"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006"
"C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe"="C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe"="C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled![:p]( ":p")
owerSoccer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\MSN Messenger\usnsvc.exe"="C:\Program Files\MSN Messenger\usnsvc.exe:*:Enabled:usnsvc"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
shell\AutoRun\command - K:\ReadMe.exe
======List of files/folders created in the last 1 months======
2009-03-16 11:06:43 ----SH---- C:\WINDOWS\system32\ugahukib.ini
2009-03-15 23:17:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06:51 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-15 21:14:09 ----D---- C:\Program Files\Adobe
2009-03-15 17:04:50 ----SH---- C:\WINDOWS\system32\eyotahif.ini
2009-03-14 13:58:04 ----SH---- C:\WINDOWS\system32\edenobod.ini
2009-03-13 18:29:02 ----SH---- C:\WINDOWS\system32\uhehoyes.ini
2009-03-12 19:29:58 ----SH---- C:\WINDOWS\system32\ahezovem.ini
2009-03-11 18:28:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:52:06 ----SH---- C:\WINDOWS\system32\emotegip.ini
2009-03-11 11:35:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-10 23:50:32 ----SH---- C:\WINDOWS\system32\itulipin.ini
2009-03-10 11:50:05 ----SH---- C:\WINDOWS\system32\opitafah.ini
2009-03-08 11:07:20 ----N---- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2009-03-07 21:22:17 ----D---- C:\Program Files\IZArc
2009-02-15 23:51:58 ----D---- C:\Program Files\Oberon Media
2009-02-15 23:51:58 ----D---- C:\Program Files\Fichiers communs\Oberon Media
2009-02-15 23:51:57 ----D---- C:\Program Files\Gamenext
2009-02-14 12:46:17 ----D---- C:\Documents and Settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-14 12:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-14 12:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-14 12:03:46 ----D---- C:\Program Files\MSXML 4.0
2009-02-04 22:57:54 ----D---- C:\Documents and Settings\benhassaine\Application Data\Atari
2009-02-04 22:57:05 ----D---- C:\Program Files\DkZ Update
2009-02-04 15:57:00 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-02-04 15:56:06 ----D---- C:\Program Files\MSN Content Plus Inc
2009-02-04 15:56:06 ----A---- C:\WINDOWS\MSNImport.exe
2009-02-02 03:11:56 ----D---- C:\Program Files\Microsoft
2009-02-02 03:06:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-23 17:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-16 13:39:41 ----D---- C:\Program Files\trend micro
2009-01-16 13:39:33 ----D---- C:\rsit
2009-01-15 23:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-15 23:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 23:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 23:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 23:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-15 23:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 19:42:22 ----D---- C:\Documents and Settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-15 19:42:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 18:32:44 ----A---- C:\cleannavi.txt
2009-01-15 17:17:28 ----A---- C:\fixnavi.txt
2009-01-15 16:13:06 ----A---- C:\lopR.txt
2009-01-15 16:12:48 ----D---- C:\Lop SD
2009-01-15 14:36:22 ----A---- C:\TB.txt
2009-01-15 14:35:48 ----D---- C:\ToolBar SD
2009-01-15 13:25:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\java.exe
2009-01-15 12:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-15 12:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-15 12:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-15 12:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-15 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 17:34:44 ----D---- C:\Program Files\EA GAMES
2009-01-12 20:23:23 ----D---- C:\Program Files\Spider
2009-01-09 19:37:37 ----A---- C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37:56 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-05 20:36:43 ----D---- C:\Program Files\iPod
2009-01-05 20:36:20 ----D---- C:\Program Files\iTunes
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34:52 ----D---- C:\Program Files\Bonjour
2009-01-05 20:27:11 ----D---- C:\Program Files\Apple Software Update
2009-01-05 20:25:30 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-05 20:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17:43 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2009-01-05 20:17:35 ----D---- C:\Program Files\Ashampoo
2009-01-05 19:17:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:17:15 ----D---- C:\Documents and Settings\benhassaine\Application Data\Ableton
2009-01-05 19:11:26 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2009-01-05 19:10:17 ----D---- C:\Program Files\Ableton
2008-12-30 00:50:18 ----A---- C:\WINDOWS\system32\md5.dll
2008-12-30 00:50:01 ----D---- C:\Program Files\SystemGuards.com
2008-12-30 00:35:19 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34:55 ----D---- C:\Program Files\DAP
2008-12-29 01:42:29 ----D---- C:\Program Files\Conduit
2008-12-29 01:35:07 ----D---- C:\Program Files\Sony
2008-12-29 01:32:55 ----D---- C:\Program Files\Sony Setup
2008-12-29 01:12:23 ----A---- C:\WINDOWS\system32\MMREGOCX.EXE
2008-12-29 01:12:20 ----D---- C:\Program Files\Real dj system
2008-12-29 01:08:13 ----D---- C:\Program Files\DJ Mix Pro
2008-12-29 01:04:17 ----D---- C:\djp
2008-12-29 01:00:56 ----D---- C:\OtsLabs
2008-12-29 00:32:52 ----D---- C:\Program Files\Audacity
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-12-28 23:51:11 ----D---- C:\Program Files\MyXOFT
2008-12-23 11:38:54 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-23 11:38:36 ----D---- C:\Documents and Settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38:10 ----D---- C:\Program Files\AVG
2008-12-19 13:08:09 ----SH---- C:\WINDOWS\system32\olanerik.ini
2008-12-19 01:09:16 ----SH---- C:\WINDOWS\system32\osopazov.ini
2008-12-17 18:18:33 ----SH---- C:\WINDOWS\system32\akoweraf.ini
======List of files/folders modified in the last 1 months======
2009-03-15 23:09:55 ----D---- C:\Documents and Settings
2009-03-15 22:36:55 ----D---- C:\Program Files\Eidos
2009-03-15 21:14:46 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-03-11 20:33:57 ----D---- C:\WINDOWS\system32\config
2009-03-09 17:56:45 ----D---- C:\WINDOWS\network diagnostic
2009-03-05 15:52:01 ----D---- C:\Program Files\Windows Live
2009-03-05 15:43:41 ----D---- C:\Program Files\Cheat Engine
2009-02-26 09:32:30 ----D---- C:\Documents and Settings\benhassaine\Application Data\temp
2009-02-16 23:37:53 ----D---- C:\Documents and Settings\benhassaine\Application Data\LimeWire
2009-02-04 22:56:57 ----D---- C:\Program Files\DkZ Studio
2009-02-04 04:34:47 ----D---- C:\WINDOWS\Help
2009-02-03 01:31:38 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-02-03 01:24:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-02 03:17:49 ----D---- C:\WINDOWS\system32\DirectX
2009-02-02 03:15:30 ----D---- C:\Program Files\Windows Live Toolbar
2009-01-16 13:40:21 ----D---- C:\WINDOWS\Temp
2009-01-16 13:39:41 ----D---- C:\Program Files
2009-01-16 13:39:31 ----D---- C:\WINDOWS\Prefetch
2009-01-16 11:54:11 ----HD---- C:\$AVG8.VAULT$
2009-01-16 10:26:01 ----D---- C:\Program Files\Mozilla Firefox
2009-01-16 10:22:03 ----D---- C:\Program Files\Saxo
2009-01-16 10:21:50 ----D---- C:\WINDOWS
2009-01-16 10:19:04 ----D---- C:\WINDOWS\system32
2009-01-16 10:19:03 ----HD---- C:\Config.Msi
2009-01-16 10:19:03 ----D---- C:\Program Files\Internet Explorer
2009-01-15 23:28:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 23:19:52 ----HD---- C:\WINDOWS\inf
2009-01-15 23:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-15 23:19:50 ----D---- C:\WINDOWS\system32\drivers
2009-01-15 23:19:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-15 23:19:40 ----A---- C:\WINDOWS\imsins.BAK
2009-01-15 23:16:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 23:15:44 ----RSD---- C:\WINDOWS\assembly
2009-01-15 23:13:38 ----SHD---- C:\WINDOWS\Installer
2009-01-15 23:13:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 23:12:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-15 23:02:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-15 23:01:53 ----D---- C:\WINDOWS\WinSxS
2009-01-15 22:30:15 ----D---- C:\Program Files\MSN Messenger
2009-01-15 16:45:21 ----SD---- C:\WINDOWS\Tasks
2009-01-15 15:58:51 ----D---- C:\Program Files\Fichiers communs
2009-01-15 13:25:21 ----D---- C:\Program Files\Java
2009-01-15 12:34:57 ----D---- C:\WINDOWS\ie7updates
2009-01-14 21:49:58 ----D---- C:\WINDOWS\Minidump
2009-01-14 17:21:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-10 09:08:21 ----A---- C:\crashAddress.txt
2009-01-06 21:16:46 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 20:39:47 ----D---- C:\Documents and Settings\benhassaine\Application Data\Apple Computer
2009-01-05 20:37:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 20:33:07 ----D---- C:\Program Files\QuickTime
2009-01-05 18:53:12 ----D---- C:\Program Files\eMule
2009-01-05 18:35:35 ----D---- C:\Program Files\VirtualDJ
2008-12-30 15:12:45 ----D---- C:\Program Files\StuffPlug3
2008-12-30 00:52:57 ----D---- C:\Program Files\SoftwareDepo
2008-12-29 00:32:22 ----RSD---- C:\WINDOWS\Fonts
2008-12-29 00:23:37 ----D---- C:\Fraps
2008-12-23 12:39:27 ----D---- C:\Program Files\Votre santé au quotidien
2008-12-23 12:27:52 ----D---- C:\Program Files\Larousse
2008-12-23 11:37:12 ----SD---- C:\Documents and Settings\benhassaine\Application Data\Microsoft
2008-12-23 11:16:32 ----SHD---- C:\System Volume Information
2008-12-22 15:45:57 ----D---- C:\Program Files\ipwins
2008-12-17 16:14:40 ----A---- C:\WINDOWS\system32\ReWire.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-23 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-23 26824]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-12-02 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-12-02 23545]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-23 76040]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-12-23 40544]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-08-26 25725]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-08-26 34845]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-08-26 4125]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-08-26 2273]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-08-26 86812]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-08-26 15069]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-08-26 6365]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-08-26 98716]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-08-26 100605]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-19 701440]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-03-28 13568]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-03-28 55808]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-03-28 69760]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2005-12-21 299776]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-15 152984]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2008-12-22 410976]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S4 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S4 USBDeviceService;USBDeviceService; C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe [2005-08-31 90112]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
ainsi que le contenu info.txt
info.txt logfile of random's system information tool 1.05 2009-01-16 13:40:26
======Uninstall list======
-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.47 beta-->"C:\Documents and Settings\benhassaine\Bureau\yanis_tout\Rechi's Big Ballpack v.6\balls\7-Zip\Uninstall.exe"
ACID Pro 7.0-->MsiExec.exe /X{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo WinOptimizer 6.01-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe"
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1036
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001AB29C-5468-4972-8D24-2EBDB2B12133}
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}
Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{89EB3ED7-225A-412E-B048-623D502C000F}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}
Canon PhotoRecord-->MsiExec.exe /X{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
CM 03-04-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F71C0208-1D32-439D-9257-F90F0BAACE6A} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DJ Mix Pro-->C:\Program Files\DJ Mix Pro\uninstall.exe
DJ Pofessionnel 2008 7.3.2.2-->"C:\djp\unins000.exe"
DkZ Studio-->MsiExec.exe /I{F656DC79-013A-4683-8692-B938FC00B941}
EA Download Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
Ecran de Veille - Arctique-->C:\WINDOWS\unins000.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe"
Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD3F86E2-7106-462F-B4B7-799B6FC44FFE}\setup.exe" -l0x40c -removeonly
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FinePixViewer Ver.4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Flip Words-->"C:\Program Files\Gamenext\Flip Words\Uninstall.exe" "C:\Program Files\Gamenext\Flip Words\install.log"
FTP and Download helper 2.2.0.3-->"C:\Program Files\SoftwareDepo\unins000.exe"
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
honestech Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5F56D88-56A2-4157-BED4-D650634974E3}\Setup.exe" -l0x9
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
Larousse Médical-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11DA34AE-A565-4659-86BE-11252557783F}\Setup.exe" -l0x40c
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 IKEA® Home Design Kit-->C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Tout pour les ados Kit-->C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage-->C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LFP Manager 07-->C:\Program Files\EA SPORTS\LFP Manager 07\EAUninstall.exe
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
Live 7.0.14-->C:\PROGRA~1\Ableton\LIVE70~1.14\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.14\Install\INSTALL.LOG
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Micro Application - Je
Logfile of random's system information tool 1.05 (written by random/random)
Run by benhassaine at 2009-01-16 13:39:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (25%) free of 147 GB
Total RAM: 511 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:40:19, on 16/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Saxo\Saxo.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\Documents and Settings\benhassaine\Bureau\RSIT.exe
C:\Program Files\trend micro\benhassaine.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Saxo] C:\Program Files\Saxo\Saxo.exe regstart
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13436 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-23 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-08-26 118844]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-15 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-15 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-15 136600]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-08-26 122941]
"DetectorApp"=C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe [2005-08-31 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-23 1261336]
"System Guards"=C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe []
"Saxo"=C:\Program Files\Saxo\Saxo.exe [2008-02-05 315392]
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"NoSpam"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2006-07-06 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"usnjsvc"=3
"USBDeviceService"=2
"SLService"=2
"Pml Driver HPZ12"=3
"IDriverT"=3
"gusvc"=3
"Creative Service for CDROM Access"=2
"AVGEMS"=2
"Avg7UpdSvc"=2
"Avg7Alrt"=2
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\benhassaine\Menu Démarrer\Programmes\Démarrage
Adobe Media Player.lnk - C:\Program Files\Adobe Media Player\Adobe Media Player.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*
isabled:Logitech Desktop Messenger""C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN BackUp\MSNBackup.exe"="C:\Program Files\MSN BackUp\MSNBackup.exe:*:Enabled:MSN BackUp"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006"
"C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe"="C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe"="C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled
owerSoccer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\MSN Messenger\usnsvc.exe"="C:\Program Files\MSN Messenger\usnsvc.exe:*:Enabled:usnsvc"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
shell\AutoRun\command - K:\ReadMe.exe
======List of files/folders created in the last 1 months======
2009-03-16 11:06:43 ----SH---- C:\WINDOWS\system32\ugahukib.ini
2009-03-15 23:17:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06:51 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-15 21:14:09 ----D---- C:\Program Files\Adobe
2009-03-15 17:04:50 ----SH---- C:\WINDOWS\system32\eyotahif.ini
2009-03-14 13:58:04 ----SH---- C:\WINDOWS\system32\edenobod.ini
2009-03-13 18:29:02 ----SH---- C:\WINDOWS\system32\uhehoyes.ini
2009-03-12 19:29:58 ----SH---- C:\WINDOWS\system32\ahezovem.ini
2009-03-11 18:28:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:52:06 ----SH---- C:\WINDOWS\system32\emotegip.ini
2009-03-11 11:35:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-10 23:50:32 ----SH---- C:\WINDOWS\system32\itulipin.ini
2009-03-10 11:50:05 ----SH---- C:\WINDOWS\system32\opitafah.ini
2009-03-08 11:07:20 ----N---- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2009-03-07 21:22:17 ----D---- C:\Program Files\IZArc
2009-02-15 23:51:58 ----D---- C:\Program Files\Oberon Media
2009-02-15 23:51:58 ----D---- C:\Program Files\Fichiers communs\Oberon Media
2009-02-15 23:51:57 ----D---- C:\Program Files\Gamenext
2009-02-14 12:46:17 ----D---- C:\Documents and Settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-14 12:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-14 12:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-14 12:03:46 ----D---- C:\Program Files\MSXML 4.0
2009-02-04 22:57:54 ----D---- C:\Documents and Settings\benhassaine\Application Data\Atari
2009-02-04 22:57:05 ----D---- C:\Program Files\DkZ Update
2009-02-04 15:57:00 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-02-04 15:56:06 ----D---- C:\Program Files\MSN Content Plus Inc
2009-02-04 15:56:06 ----A---- C:\WINDOWS\MSNImport.exe
2009-02-02 03:11:56 ----D---- C:\Program Files\Microsoft
2009-02-02 03:06:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-23 17:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-16 13:39:41 ----D---- C:\Program Files\trend micro
2009-01-16 13:39:33 ----D---- C:\rsit
2009-01-15 23:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-15 23:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 23:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 23:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 23:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-15 23:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 19:42:22 ----D---- C:\Documents and Settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-15 19:42:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 18:32:44 ----A---- C:\cleannavi.txt
2009-01-15 17:17:28 ----A---- C:\fixnavi.txt
2009-01-15 16:13:06 ----A---- C:\lopR.txt
2009-01-15 16:12:48 ----D---- C:\Lop SD
2009-01-15 14:36:22 ----A---- C:\TB.txt
2009-01-15 14:35:48 ----D---- C:\ToolBar SD
2009-01-15 13:25:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\java.exe
2009-01-15 12:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-15 12:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-15 12:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-15 12:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-15 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 17:34:44 ----D---- C:\Program Files\EA GAMES
2009-01-12 20:23:23 ----D---- C:\Program Files\Spider
2009-01-09 19:37:37 ----A---- C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37:56 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-05 20:36:43 ----D---- C:\Program Files\iPod
2009-01-05 20:36:20 ----D---- C:\Program Files\iTunes
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34:52 ----D---- C:\Program Files\Bonjour
2009-01-05 20:27:11 ----D---- C:\Program Files\Apple Software Update
2009-01-05 20:25:30 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-05 20:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17:43 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2009-01-05 20:17:35 ----D---- C:\Program Files\Ashampoo
2009-01-05 19:17:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:17:15 ----D---- C:\Documents and Settings\benhassaine\Application Data\Ableton
2009-01-05 19:11:26 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2009-01-05 19:10:17 ----D---- C:\Program Files\Ableton
2008-12-30 00:50:18 ----A---- C:\WINDOWS\system32\md5.dll
2008-12-30 00:50:01 ----D---- C:\Program Files\SystemGuards.com
2008-12-30 00:35:19 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34:55 ----D---- C:\Program Files\DAP
2008-12-29 01:42:29 ----D---- C:\Program Files\Conduit
2008-12-29 01:35:07 ----D---- C:\Program Files\Sony
2008-12-29 01:32:55 ----D---- C:\Program Files\Sony Setup
2008-12-29 01:12:23 ----A---- C:\WINDOWS\system32\MMREGOCX.EXE
2008-12-29 01:12:20 ----D---- C:\Program Files\Real dj system
2008-12-29 01:08:13 ----D---- C:\Program Files\DJ Mix Pro
2008-12-29 01:04:17 ----D---- C:\djp
2008-12-29 01:00:56 ----D---- C:\OtsLabs
2008-12-29 00:32:52 ----D---- C:\Program Files\Audacity
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-12-28 23:51:11 ----D---- C:\Program Files\MyXOFT
2008-12-23 11:38:54 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-23 11:38:36 ----D---- C:\Documents and Settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38:10 ----D---- C:\Program Files\AVG
2008-12-19 13:08:09 ----SH---- C:\WINDOWS\system32\olanerik.ini
2008-12-19 01:09:16 ----SH---- C:\WINDOWS\system32\osopazov.ini
2008-12-17 18:18:33 ----SH---- C:\WINDOWS\system32\akoweraf.ini
======List of files/folders modified in the last 1 months======
2009-03-15 23:09:55 ----D---- C:\Documents and Settings
2009-03-15 22:36:55 ----D---- C:\Program Files\Eidos
2009-03-15 21:14:46 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-03-11 20:33:57 ----D---- C:\WINDOWS\system32\config
2009-03-09 17:56:45 ----D---- C:\WINDOWS\network diagnostic
2009-03-05 15:52:01 ----D---- C:\Program Files\Windows Live
2009-03-05 15:43:41 ----D---- C:\Program Files\Cheat Engine
2009-02-26 09:32:30 ----D---- C:\Documents and Settings\benhassaine\Application Data\temp
2009-02-16 23:37:53 ----D---- C:\Documents and Settings\benhassaine\Application Data\LimeWire
2009-02-04 22:56:57 ----D---- C:\Program Files\DkZ Studio
2009-02-04 04:34:47 ----D---- C:\WINDOWS\Help
2009-02-03 01:31:38 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-02-03 01:24:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-02 03:17:49 ----D---- C:\WINDOWS\system32\DirectX
2009-02-02 03:15:30 ----D---- C:\Program Files\Windows Live Toolbar
2009-01-16 13:40:21 ----D---- C:\WINDOWS\Temp
2009-01-16 13:39:41 ----D---- C:\Program Files
2009-01-16 13:39:31 ----D---- C:\WINDOWS\Prefetch
2009-01-16 11:54:11 ----HD---- C:\$AVG8.VAULT$
2009-01-16 10:26:01 ----D---- C:\Program Files\Mozilla Firefox
2009-01-16 10:22:03 ----D---- C:\Program Files\Saxo
2009-01-16 10:21:50 ----D---- C:\WINDOWS
2009-01-16 10:19:04 ----D---- C:\WINDOWS\system32
2009-01-16 10:19:03 ----HD---- C:\Config.Msi
2009-01-16 10:19:03 ----D---- C:\Program Files\Internet Explorer
2009-01-15 23:28:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 23:19:52 ----HD---- C:\WINDOWS\inf
2009-01-15 23:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-15 23:19:50 ----D---- C:\WINDOWS\system32\drivers
2009-01-15 23:19:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-15 23:19:40 ----A---- C:\WINDOWS\imsins.BAK
2009-01-15 23:16:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 23:15:44 ----RSD---- C:\WINDOWS\assembly
2009-01-15 23:13:38 ----SHD---- C:\WINDOWS\Installer
2009-01-15 23:13:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 23:12:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-15 23:02:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-15 23:01:53 ----D---- C:\WINDOWS\WinSxS
2009-01-15 22:30:15 ----D---- C:\Program Files\MSN Messenger
2009-01-15 16:45:21 ----SD---- C:\WINDOWS\Tasks
2009-01-15 15:58:51 ----D---- C:\Program Files\Fichiers communs
2009-01-15 13:25:21 ----D---- C:\Program Files\Java
2009-01-15 12:34:57 ----D---- C:\WINDOWS\ie7updates
2009-01-14 21:49:58 ----D---- C:\WINDOWS\Minidump
2009-01-14 17:21:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-10 09:08:21 ----A---- C:\crashAddress.txt
2009-01-06 21:16:46 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 20:39:47 ----D---- C:\Documents and Settings\benhassaine\Application Data\Apple Computer
2009-01-05 20:37:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 20:33:07 ----D---- C:\Program Files\QuickTime
2009-01-05 18:53:12 ----D---- C:\Program Files\eMule
2009-01-05 18:35:35 ----D---- C:\Program Files\VirtualDJ
2008-12-30 15:12:45 ----D---- C:\Program Files\StuffPlug3
2008-12-30 00:52:57 ----D---- C:\Program Files\SoftwareDepo
2008-12-29 00:32:22 ----RSD---- C:\WINDOWS\Fonts
2008-12-29 00:23:37 ----D---- C:\Fraps
2008-12-23 12:39:27 ----D---- C:\Program Files\Votre santé au quotidien
2008-12-23 12:27:52 ----D---- C:\Program Files\Larousse
2008-12-23 11:37:12 ----SD---- C:\Documents and Settings\benhassaine\Application Data\Microsoft
2008-12-23 11:16:32 ----SHD---- C:\System Volume Information
2008-12-22 15:45:57 ----D---- C:\Program Files\ipwins
2008-12-17 16:14:40 ----A---- C:\WINDOWS\system32\ReWire.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-23 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-23 26824]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-12-02 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-12-02 23545]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-23 76040]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-12-23 40544]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-08-26 25725]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-08-26 34845]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-08-26 4125]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-08-26 2273]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-08-26 86812]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-08-26 15069]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-08-26 6365]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-08-26 98716]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-08-26 100605]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-19 701440]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-03-28 13568]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-03-28 55808]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-03-28 69760]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2005-12-21 299776]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-15 152984]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2008-12-22 410976]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S4 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S4 USBDeviceService;USBDeviceService; C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe [2005-08-31 90112]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
ainsi que le contenu info.txt
info.txt logfile of random's system information tool 1.05 2009-01-16 13:40:26
======Uninstall list======
-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.47 beta-->"C:\Documents and Settings\benhassaine\Bureau\yanis_tout\Rechi's Big Ballpack v.6\balls\7-Zip\Uninstall.exe"
ACID Pro 7.0-->MsiExec.exe /X{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo WinOptimizer 6.01-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe"
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1036
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001AB29C-5468-4972-8D24-2EBDB2B12133}
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}
Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{89EB3ED7-225A-412E-B048-623D502C000F}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}
Canon PhotoRecord-->MsiExec.exe /X{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
CM 03-04-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F71C0208-1D32-439D-9257-F90F0BAACE6A} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DJ Mix Pro-->C:\Program Files\DJ Mix Pro\uninstall.exe
DJ Pofessionnel 2008 7.3.2.2-->"C:\djp\unins000.exe"
DkZ Studio-->MsiExec.exe /I{F656DC79-013A-4683-8692-B938FC00B941}
EA Download Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
Ecran de Veille - Arctique-->C:\WINDOWS\unins000.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe"
Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD3F86E2-7106-462F-B4B7-799B6FC44FFE}\setup.exe" -l0x40c -removeonly
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FinePixViewer Ver.4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Flip Words-->"C:\Program Files\Gamenext\Flip Words\Uninstall.exe" "C:\Program Files\Gamenext\Flip Words\install.log"
FTP and Download helper 2.2.0.3-->"C:\Program Files\SoftwareDepo\unins000.exe"
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
honestech Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5F56D88-56A2-4157-BED4-D650634974E3}\Setup.exe" -l0x9
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
Larousse Médical-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11DA34AE-A565-4659-86BE-11252557783F}\Setup.exe" -l0x40c
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 IKEA® Home Design Kit-->C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Tout pour les ados Kit-->C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage-->C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LFP Manager 07-->C:\Program Files\EA SPORTS\LFP Manager 07\EAUninstall.exe
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
Live 7.0.14-->C:\PROGRA~1\Ableton\LIVE70~1.14\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.14\Install\INSTALL.LOG
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Micro Application - Je
Saxo apparement c'est un logiciel pour de la musique . je sais pas trop c'est pas moi qui l'ai téléchargé mais d'après mon frère je peux le supprimer
info.txt logfile of random's system information tool 1.05 2009-01-16 13:40:26
======Uninstall list======
-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.47 beta-->"C:\Documents and Settings\benhassaine\Bureau\yanis_tout\Rechi's Big Ballpack v.6\balls\7-Zip\Uninstall.exe"
ACID Pro 7.0-->MsiExec.exe /X{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo WinOptimizer 6.01-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe"
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1036
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001AB29C-5468-4972-8D24-2EBDB2B12133}
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}
Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{89EB3ED7-225A-412E-B048-623D502C000F}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}
Canon PhotoRecord-->MsiExec.exe /X{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
CM 03-04-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F71C0208-1D32-439D-9257-F90F0BAACE6A} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DJ Mix Pro-->C:\Program Files\DJ Mix Pro\uninstall.exe
DJ Pofessionnel 2008 7.3.2.2-->"C:\djp\unins000.exe"
DkZ Studio-->MsiExec.exe /I{F656DC79-013A-4683-8692-B938FC00B941}
EA Download Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
Ecran de Veille - Arctique-->C:\WINDOWS\unins000.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe"
Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD3F86E2-7106-462F-B4B7-799B6FC44FFE}\setup.exe" -l0x40c -removeonly
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FinePixViewer Ver.4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Flip Words-->"C:\Program Files\Gamenext\Flip Words\Uninstall.exe" "C:\Program Files\Gamenext\Flip Words\install.log"
FTP and Download helper 2.2.0.3-->"C:\Program Files\SoftwareDepo\unins000.exe"
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
honestech Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5F56D88-56A2-4157-BED4-D650634974E3}\Setup.exe" -l0x9
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
Larousse Médical-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11DA34AE-A565-4659-86BE-11252557783F}\Setup.exe" -l0x40c
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 IKEA® Home Design Kit-->C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Tout pour les ados Kit-->C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage-->C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LFP Manager 07-->C:\Program Files\EA SPORTS\LFP Manager 07\EAUninstall.exe
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
Live 7.0.14-->C:\PROGRA~1\Ableton\LIVE70~1.14\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.14\Install\INSTALL.LOG
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Micro Application - Jeu de Tarot-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Jeu de Tarot\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Polygamy 8.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{952DEE45-7C0B-4CDF-80B3-D14BE6B02678}\Setup.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
ONES Trial (F)-->C:\WINDOWS\InZU31.exe /U:C:\Program Files\ONES Trial (F)\Uninstall.inz /L:f /K![:o]( ":o")
NES(F)
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
OtsTurntables Free 1.00.012-->"C:\WINDOWS\OTS_UI.EXE" "C:\OtsLabs\OTSTT.osi"
overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Pro Evolution Soccer 6-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Real dj system-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Real dj system\ST5UNST.LOG"
Roxio MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio UDF Reader-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Sony Ericsson PC Suite 1.20.173-->MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}
SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe
Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x40c /remove
SpicyTools Video Converter 1.0-->C:\Program Files\SpicyTools Video Converter 1.0\uninst.exe
Spider-->"C:\Program Files\Spider\unins000.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
SUDOKU - LE GRAND DEFI-->C:\WINDOWS\SUDOKU - LE GRAND DEFI Uninstaller.exe
SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Votre santé au quotidien-->C:\Program Files\Votre santé au quotidien\Uninstall\Uninstall.exe
Wave MP3 Editor v11.9.2 - Fully Functional Evaluation Version-->MsiExec.exe /I{AEC01EFA-2C3B-40F1-8F5B-AA49D2490979}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: AVG Anti-Virus Free
System event log
Computer Name: MARTINE
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entré dans l'état : en cours d'exécution.
Record Number: 211
Source Name: Service Control Manager
Time Written: 20081220114129.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service Messenger Sharing Folders USN Journal Reader.
Record Number: 210
Source Name: Service Control Manager
Time Written: 20081220114129.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MARTINE
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 209
Source Name: Service Control Manager
Time Written: 20081220114001.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 208
Source Name: Service Control Manager
Time Written: 20081220113958.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.
Record Number: 207
Source Name: Service Control Manager
Time Written: 20081220113958.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Application event log
Computer Name: MARTINE
Event Code: 102
Message: msnmsgr (1408) \\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 184
Source Name: ESENT
Time Written: 20090202004434.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 100
Message: msnmsgr (1408) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 183
Source Name: ESENT
Time Written: 20090202004434.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 101
Message: msnmsgr (2816) Le moteur de base de données est arrêté.
Record Number: 182
Source Name: ESENT
Time Written: 20090202004324.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 103
Message: msnmsgr (2816) \\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 181
Source Name: ESENT
Time Written: 20090202004324.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 704
Message: msnmsgr (2816) La défragmentation en ligne de la base de données '\\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db' a été interrompue et arrêtée. La prochaine fois qu'une défragmentation en ligne sera effectuée dans cette base de données, elle reprendra à l'endroit où elle a été interrompue.
Record Number: 180
Source Name: ESENT
Time Written: 20090202004323.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-01-16 13:40:26
======Uninstall list======
-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c
-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN
-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
7-Zip 4.47 beta-->"C:\Documents and Settings\benhassaine\Bureau\yanis_tout\Rechi's Big Ballpack v.6\balls\7-Zip\Uninstall.exe"
ACID Pro 7.0-->MsiExec.exe /X{8BAC9DAB-9118-4D13-8CF4-78812CC4755C}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo WinOptimizer 6.01-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\unins000.exe"
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Fichiers communs\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon Camera Support Core Library-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1036
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{001AB29C-5468-4972-8D24-2EBDB2B12133}
Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6B8BDABA-6737-4998-AEE4-E218EDE5FC7A}
Canon Camera Window MC 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{89EB3ED7-225A-412E-B048-623D502C000F}
Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}
Canon PhotoRecord-->MsiExec.exe /X{6693BD7C-CB4E-43AC-A0D6-10D1A1B88DCF}
Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}
Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
CM 03-04-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F71C0208-1D32-439D-9257-F90F0BAACE6A} /l1036
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DJ Mix Pro-->C:\Program Files\DJ Mix Pro\uninstall.exe
DJ Pofessionnel 2008 7.3.2.2-->"C:\djp\unins000.exe"
DkZ Studio-->MsiExec.exe /I{F656DC79-013A-4683-8692-B938FC00B941}
EA Download Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1036
Ecran de Veille - Arctique-->C:\WINDOWS\unins000.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ENJOY Plus!-->"C:\Program Files\ENJOY Plus!\UnInstall.exe"
Entraîneur Cérébral 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD3F86E2-7106-462F-B4B7-799B6FC44FFE}\setup.exe" -l0x40c -removeonly
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
FinePixViewer Ver.4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
Flip Words-->"C:\Program Files\Gamenext\Flip Words\Uninstall.exe" "C:\Program Files\Gamenext\Flip Words\install.log"
FTP and Download helper 2.2.0.3-->"C:\Program Files\SoftwareDepo\unins000.exe"
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GIMP 2.4.2-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
honestech Video Editor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5F56D88-56A2-4157-BED4-D650634974E3}\Setup.exe" -l0x9
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
Larousse Médical-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11DA34AE-A565-4659-86BE-11252557783F}\Setup.exe" -l0x40c
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 : Nuits de Folie-->C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\EAUninstall.exe
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2 Fun en Famille Kit-->C:\Program Files\EA GAMES\Les Sims 2 Fun en Famille Kit\EAUninstall.exe
Les Sims 2 : La bonne affaire-->C:\Program Files\EA GAMES\Les Sims 2 La bonne affaire\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 H&M® Fashion Kit-->C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\EAUninstall.exe
Les Sims™ 2 IKEA® Home Design Kit-->C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
Les Sims™ 2 Kit design Cuisine et Salle de bain-->C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\EAUninstall.exe
Les Sims™ 2 Tout pour les ados Kit-->C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\EAUninstall.exe
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Les Sims™ 2 Bon Voyage-->C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\EAUninstall.exe
LFP Manager 07-->C:\Program Files\EA SPORTS\LFP Manager 07\EAUninstall.exe
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
Live 7.0.14-->C:\PROGRA~1\Ableton\LIVE70~1.14\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.14\Install\INSTALL.LOG
Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Macrogaming SweetIM 2.1-->MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Micro Application - Jeu de Tarot-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Jeu de Tarot\Uninst.isu"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Polygamy 8.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{952DEE45-7C0B-4CDF-80B3-D14BE6B02678}\Setup.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
ONES Trial (F)-->C:\WINDOWS\InZU31.exe /U:C:\Program Files\ONES Trial (F)\Uninstall.inz /L:f /K
NES(F)OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
OtsTurntables Free 1.00.012-->"C:\WINDOWS\OTS_UI.EXE" "C:\OtsLabs\OTSTT.osi"
overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Pro Evolution Soccer 6-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Real dj system-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Real dj system\ST5UNST.LOG"
Roxio MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio UDF Reader-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Sony Ericsson PC Suite 1.20.173-->MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}
SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe
Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x40c /remove
SpicyTools Video Converter 1.0-->C:\Program Files\SpicyTools Video Converter 1.0\uninst.exe
Spider-->"C:\Program Files\Spider\unins000.exe"
StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe
SUDOKU - LE GRAND DEFI-->C:\WINDOWS\SUDOKU - LE GRAND DEFI Uninstaller.exe
SUPER © Version 2007.bld.23 (July 4, 2007)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Votre santé au quotidien-->C:\Program Files\Votre santé au quotidien\Uninstall\Uninstall.exe
Wave MP3 Editor v11.9.2 - Fully Functional Evaluation Version-->MsiExec.exe /I{AEC01EFA-2C3B-40F1-8F5B-AA49D2490979}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Security center information======
AV: AVG Anti-Virus Free
System event log
Computer Name: MARTINE
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entré dans l'état : en cours d'exécution.
Record Number: 211
Source Name: Service Control Manager
Time Written: 20081220114129.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service Messenger Sharing Folders USN Journal Reader.
Record Number: 210
Source Name: Service Control Manager
Time Written: 20081220114129.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: MARTINE
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 209
Source Name: Service Control Manager
Time Written: 20081220114001.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 208
Source Name: Service Control Manager
Time Written: 20081220113958.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.
Record Number: 207
Source Name: Service Control Manager
Time Written: 20081220113958.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Application event log
Computer Name: MARTINE
Event Code: 102
Message: msnmsgr (1408) \\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 184
Source Name: ESENT
Time Written: 20090202004434.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 100
Message: msnmsgr (1408) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 183
Source Name: ESENT
Time Written: 20090202004434.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 101
Message: msnmsgr (2816) Le moteur de base de données est arrêté.
Record Number: 182
Source Name: ESENT
Time Written: 20090202004324.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 103
Message: msnmsgr (2816) \\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 181
Source Name: ESENT
Time Written: 20090202004324.000000+060
Event Type: Informations
User:
Computer Name: MARTINE
Event Code: 704
Message: msnmsgr (2816) La défragmentation en ligne de la base de données '\\.\C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Messenger\nissou07@live.fr\SharingMetadata\Working\database_3294_FC91_94FC_5935\dfsr.db' a été interrompue et arrêtée. La prochaine fois qu'une défragmentation en ligne sera effectuée dans cette base de données, elle reprendra à l'endroit où elle a été interrompue.
Record Number: 180
Source Name: ESENT
Time Written: 20090202004323.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
voilà le contenu log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by benhassaine at 2009-01-16 14:46:47
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (25%) free of 147 GB
Total RAM: 511 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:48, on 16/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\Documents and Settings\benhassaine\Bureau\RSIT.exe
C:\Program Files\trend micro\benhassaine.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13338 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-23 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-08-26 118844]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-15 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-15 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-15 136600]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-08-26 122941]
"DetectorApp"=C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe [2005-08-31 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-23 1261336]
"System Guards"=C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"NoSpam"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2006-07-06 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"usnjsvc"=3
"USBDeviceService"=2
"SLService"=2
"Pml Driver HPZ12"=3
"IDriverT"=3
"gusvc"=3
"Creative Service for CDROM Access"=2
"AVGEMS"=2
"Avg7UpdSvc"=2
"Avg7Alrt"=2
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\benhassaine\Menu Démarrer\Programmes\Démarrage
Adobe Media Player.lnk - C:\Program Files\Adobe Media Player\Adobe Media Player.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*![:D]( ":D")
isabled:Logitech Desktop Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN BackUp\MSNBackup.exe"="C:\Program Files\MSN BackUp\MSNBackup.exe:*:Enabled:MSN BackUp"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006"
"C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe"="C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe"="C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled![:p]( ":p")
owerSoccer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\MSN Messenger\usnsvc.exe"="C:\Program Files\MSN Messenger\usnsvc.exe:*:Enabled:usnsvc"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
shell\AutoRun\command - K:\ReadMe.exe
======List of files/folders created in the last 3 months======
2009-03-16 11:06:43 ----SH---- C:\WINDOWS\system32\ugahukib.ini
2009-03-15 23:17:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06:51 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-15 21:14:09 ----D---- C:\Program Files\Adobe
2009-03-15 17:04:50 ----SH---- C:\WINDOWS\system32\eyotahif.ini
2009-03-14 13:58:04 ----SH---- C:\WINDOWS\system32\edenobod.ini
2009-03-13 18:29:02 ----SH---- C:\WINDOWS\system32\uhehoyes.ini
2009-03-12 19:29:58 ----SH---- C:\WINDOWS\system32\ahezovem.ini
2009-03-11 18:28:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:52:06 ----SH---- C:\WINDOWS\system32\emotegip.ini
2009-03-11 11:35:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-10 23:50:32 ----SH---- C:\WINDOWS\system32\itulipin.ini
2009-03-10 11:50:05 ----SH---- C:\WINDOWS\system32\opitafah.ini
2009-03-08 11:07:20 ----N---- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2009-03-07 21:22:17 ----D---- C:\Program Files\IZArc
2009-02-15 23:51:58 ----D---- C:\Program Files\Oberon Media
2009-02-15 23:51:58 ----D---- C:\Program Files\Fichiers communs\Oberon Media
2009-02-15 23:51:57 ----D---- C:\Program Files\Gamenext
2009-02-14 12:46:17 ----D---- C:\Documents and Settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-14 12:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-14 12:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-14 12:03:46 ----D---- C:\Program Files\MSXML 4.0
2009-02-04 22:57:54 ----D---- C:\Documents and Settings\benhassaine\Application Data\Atari
2009-02-04 22:57:05 ----D---- C:\Program Files\DkZ Update
2009-02-04 15:57:00 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-02-04 15:56:06 ----D---- C:\Program Files\MSN Content Plus Inc
2009-02-04 15:56:06 ----A---- C:\WINDOWS\MSNImport.exe
2009-02-02 03:11:56 ----D---- C:\Program Files\Microsoft
2009-02-02 03:06:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-23 17:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-16 13:39:41 ----D---- C:\Program Files\trend micro
2009-01-16 13:39:33 ----D---- C:\rsit
2009-01-15 23:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-15 23:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 23:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 23:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 23:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-15 23:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 19:42:22 ----D---- C:\Documents and Settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-15 19:42:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 18:32:44 ----A---- C:\cleannavi.txt
2009-01-15 17:17:28 ----A---- C:\fixnavi.txt
2009-01-15 16:13:06 ----A---- C:\lopR.txt
2009-01-15 16:12:48 ----D---- C:\Lop SD
2009-01-15 14:36:22 ----A---- C:\TB.txt
2009-01-15 14:35:48 ----D---- C:\ToolBar SD
2009-01-15 13:25:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\java.exe
2009-01-15 12:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-15 12:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-15 12:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-15 12:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-15 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 17:34:44 ----D---- C:\Program Files\EA GAMES
2009-01-12 20:23:23 ----D---- C:\Program Files\Spider
2009-01-09 19:37:37 ----A---- C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37:56 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-05 20:36:43 ----D---- C:\Program Files\iPod
2009-01-05 20:36:20 ----D---- C:\Program Files\iTunes
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34:52 ----D---- C:\Program Files\Bonjour
2009-01-05 20:27:11 ----D---- C:\Program Files\Apple Software Update
2009-01-05 20:25:30 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-05 20:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17:43 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2009-01-05 20:17:35 ----D---- C:\Program Files\Ashampoo
2009-01-05 19:17:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:17:15 ----D---- C:\Documents and Settings\benhassaine\Application Data\Ableton
2009-01-05 19:11:26 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2009-01-05 19:10:17 ----D---- C:\Program Files\Ableton
2008-12-30 00:50:18 ----A---- C:\WINDOWS\system32\md5.dll
2008-12-30 00:50:01 ----D---- C:\Program Files\SystemGuards.com
2008-12-30 00:35:19 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34:55 ----D---- C:\Program Files\DAP
2008-12-29 01:42:29 ----D---- C:\Program Files\Conduit
2008-12-29 01:35:07 ----D---- C:\Program Files\Sony
2008-12-29 01:32:55 ----D---- C:\Program Files\Sony Setup
2008-12-29 01:12:23 ----A---- C:\WINDOWS\system32\MMREGOCX.EXE
2008-12-29 01:12:20 ----D---- C:\Program Files\Real dj system
2008-12-29 01:08:13 ----D---- C:\Program Files\DJ Mix Pro
2008-12-29 01:04:17 ----D---- C:\djp
2008-12-29 01:00:56 ----D---- C:\OtsLabs
2008-12-29 00:32:52 ----D---- C:\Program Files\Audacity
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-12-28 23:51:11 ----D---- C:\Program Files\MyXOFT
2008-12-23 11:38:54 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-23 11:38:36 ----D---- C:\Documents and Settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38:10 ----D---- C:\Program Files\AVG
2008-12-19 13:08:09 ----SH---- C:\WINDOWS\system32\olanerik.ini
2008-12-19 01:09:16 ----SH---- C:\WINDOWS\system32\osopazov.ini
2008-12-17 18:18:33 ----SH---- C:\WINDOWS\system32\akoweraf.ini
2008-12-16 18:35:05 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-12-16 18:20:18 ----SH---- C:\WINDOWS\system32\aridabuz.ini
2008-12-15 12:40:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2008-12-15 11:23:58 ----SH---- C:\WINDOWS\system32\amesames.ini
======List of files/folders modified in the last 3 months======
2009-03-15 23:09:55 ----D---- C:\Documents and Settings
2009-03-15 22:36:55 ----D---- C:\Program Files\Eidos
2009-03-15 21:14:46 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-03-11 20:33:57 ----D---- C:\WINDOWS\system32\config
2009-03-09 17:56:45 ----D---- C:\WINDOWS\network diagnostic
2009-03-05 15:52:01 ----D---- C:\Program Files\Windows Live
2009-03-05 15:43:41 ----D---- C:\Program Files\Cheat Engine
2009-02-26 09:32:30 ----D---- C:\Documents and Settings\benhassaine\Application Data\temp
2009-02-16 23:37:53 ----D---- C:\Documents and Settings\benhassaine\Application Data\LimeWire
2009-02-04 22:56:57 ----D---- C:\Program Files\DkZ Studio
2009-02-04 04:34:47 ----D---- C:\WINDOWS\Help
2009-02-03 01:31:38 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-02-03 01:24:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-02 03:17:49 ----D---- C:\WINDOWS\system32\DirectX
2009-02-02 03:15:30 ----D---- C:\Program Files\Windows Live Toolbar
2009-01-16 14:47:53 ----D---- C:\WINDOWS\Temp
2009-01-16 14:45:26 ----D---- C:\Program Files\Saxo
2009-01-16 14:44:31 ----D---- C:\WINDOWS\Prefetch
2009-01-16 14:42:53 ----HD---- C:\$AVG8.VAULT$
2009-01-16 13:39:41 ----D---- C:\Program Files
2009-01-16 10:26:01 ----D---- C:\Program Files\Mozilla Firefox
2009-01-16 10:21:50 ----D---- C:\WINDOWS
2009-01-16 10:19:04 ----D---- C:\WINDOWS\system32
2009-01-16 10:19:03 ----HD---- C:\Config.Msi
2009-01-16 10:19:03 ----D---- C:\Program Files\Internet Explorer
2009-01-15 23:28:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 23:19:52 ----HD---- C:\WINDOWS\inf
2009-01-15 23:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-15 23:19:50 ----D---- C:\WINDOWS\system32\drivers
2009-01-15 23:19:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-15 23:19:40 ----A---- C:\WINDOWS\imsins.BAK
2009-01-15 23:19:13 ----D---- C:\WINDOWS\ie7updates
2009-01-15 23:16:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 23:15:44 ----RSD---- C:\WINDOWS\assembly
2009-01-15 23:13:38 ----SHD---- C:\WINDOWS\Installer
2009-01-15 23:13:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 23:12:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-15 23:02:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-15 23:01:53 ----D---- C:\WINDOWS\WinSxS
2009-01-15 22:30:15 ----D---- C:\Program Files\MSN Messenger
2009-01-15 16:45:21 ----SD---- C:\WINDOWS\Tasks
2009-01-15 15:58:51 ----D---- C:\Program Files\Fichiers communs
2009-01-15 13:25:21 ----D---- C:\Program Files\Java
2009-01-14 21:49:58 ----D---- C:\WINDOWS\Minidump
2009-01-14 17:21:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-10 09:08:21 ----A---- C:\crashAddress.txt
2009-01-06 21:16:46 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 20:39:47 ----D---- C:\Documents and Settings\benhassaine\Application Data\Apple Computer
2009-01-05 20:37:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 20:33:07 ----D---- C:\Program Files\QuickTime
2009-01-05 18:53:12 ----D---- C:\Program Files\eMule
2009-01-05 18:35:35 ----D---- C:\Program Files\VirtualDJ
2008-12-30 15:12:45 ----D---- C:\Program Files\StuffPlug3
2008-12-30 00:52:57 ----D---- C:\Program Files\SoftwareDepo
2008-12-29 00:32:22 ----RSD---- C:\WINDOWS\Fonts
2008-12-29 00:23:37 ----D---- C:\Fraps
2008-12-23 12:39:27 ----D---- C:\Program Files\Votre santé au quotidien
2008-12-23 12:27:52 ----D---- C:\Program Files\Larousse
2008-12-23 11:37:12 ----SD---- C:\Documents and Settings\benhassaine\Application Data\Microsoft
2008-12-23 11:16:32 ----SHD---- C:\System Volume Information
2008-12-22 15:45:57 ----D---- C:\Program Files\ipwins
2008-12-17 16:14:40 ----A---- C:\WINDOWS\system32\ReWire.dll
2008-12-16 18:48:00 ----A---- C:\WINDOWS\EurekaLog.ini
2008-12-15 23:07:29 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-10-23 13:36:51 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-23 11:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-23 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-23 26824]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-12-02 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-12-02 23545]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-23 76040]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-12-23 40544]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-08-26 25725]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-08-26 34845]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-08-26 4125]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-08-26 2273]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-08-26 86812]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-08-26 15069]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-08-26 6365]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-08-26 98716]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-08-26 100605]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-19 701440]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-03-28 13568]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-03-28 55808]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-03-28 69760]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2005-12-21 299776]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-15 152984]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2008-12-22 410976]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S4 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S4 USBDeviceService;USBDeviceService; C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe [2005-08-31 90112]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by benhassaine at 2009-01-16 14:46:47
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 37 GB (25%) free of 147 GB
Total RAM: 511 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:48, on 16/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\Documents and Settings\benhassaine\Bureau\RSIT.exe
C:\Program Files\trend micro\benhassaine.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
R3 - URLSearchHook: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: PHPNukeFR Toolbar - {258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - C:\Program Files\PHPNukeFR\tbPHP0.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [System Guards] C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://mafiakabyle.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 13338 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-23 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-08-26 118844]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-15 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-15 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-23 2055960]
{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHP0.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-15 136600]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-08-26 122941]
"DetectorApp"=C:\Program Files\Roxio\MyDVD\MyDVD\DetectorApp.exe [2005-08-31 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-08-09 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-08-09 81920]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
"P17Helper"=Rundll32 P17.dll []
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-23 1261336]
"System Guards"=C:\Program Files\SystemGuards.com\SystemGuards\SysGuards.exe []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe []
"SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2008-01-02 103712]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"NoSpam"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2006-07-06 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"usnjsvc"=3
"USBDeviceService"=2
"SLService"=2
"Pml Driver HPZ12"=3
"IDriverT"=3
"gusvc"=3
"Creative Service for CDROM Access"=2
"AVGEMS"=2
"Avg7UpdSvc"=2
"Avg7Alrt"=2
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\benhassaine\Menu Démarrer\Programmes\Démarrage
Adobe Media Player.lnk - C:\Program Files\Adobe Media Player\Adobe Media Player.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\pivumuwe.dll,c:\windows\system32\fifitali.dll,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*
isabled:Logitech Desktop Messenger""C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN BackUp\MSNBackup.exe"="C:\Program Files\MSN BackUp\MSNBackup.exe:*:Enabled:MSN BackUp"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2006\fm.exe:*:Enabled:Football Manager 2006"
"C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe"="C:\Documents and Settings\benhassaine\Local Settings\Temp\ImInstaller\HiYo_Installer.exe:*:Enabled:IncrediMail Installer"
"C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe"="C:\Documents and Settings\benhassaine\Application Data\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Enabled
owerSoccer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\MSN Messenger\usnsvc.exe"="C:\Program Files\MSN Messenger\usnsvc.exe:*:Enabled:usnsvc"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
shell\AutoRun\command - K:\ReadMe.exe
======List of files/folders created in the last 3 months======
2009-03-16 11:06:43 ----SH---- C:\WINDOWS\system32\ugahukib.ini
2009-03-15 23:17:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06:51 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-15 21:14:09 ----D---- C:\Program Files\Adobe
2009-03-15 17:04:50 ----SH---- C:\WINDOWS\system32\eyotahif.ini
2009-03-14 13:58:04 ----SH---- C:\WINDOWS\system32\edenobod.ini
2009-03-13 18:29:02 ----SH---- C:\WINDOWS\system32\uhehoyes.ini
2009-03-12 19:29:58 ----SH---- C:\WINDOWS\system32\ahezovem.ini
2009-03-11 18:28:35 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:52:06 ----SH---- C:\WINDOWS\system32\emotegip.ini
2009-03-11 11:35:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-10 23:50:32 ----SH---- C:\WINDOWS\system32\itulipin.ini
2009-03-10 11:50:05 ----SH---- C:\WINDOWS\system32\opitafah.ini
2009-03-08 11:07:20 ----N---- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2009-03-07 21:22:17 ----D---- C:\Program Files\IZArc
2009-02-15 23:51:58 ----D---- C:\Program Files\Oberon Media
2009-02-15 23:51:58 ----D---- C:\Program Files\Fichiers communs\Oberon Media
2009-02-15 23:51:57 ----D---- C:\Program Files\Gamenext
2009-02-14 12:46:17 ----D---- C:\Documents and Settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-14 12:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-14 12:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-14 12:03:46 ----D---- C:\Program Files\MSXML 4.0
2009-02-04 22:57:54 ----D---- C:\Documents and Settings\benhassaine\Application Data\Atari
2009-02-04 22:57:05 ----D---- C:\Program Files\DkZ Update
2009-02-04 15:57:00 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-02-04 15:56:06 ----D---- C:\Program Files\MSN Content Plus Inc
2009-02-04 15:56:06 ----A---- C:\WINDOWS\MSNImport.exe
2009-02-02 03:11:56 ----D---- C:\Program Files\Microsoft
2009-02-02 03:06:23 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-01-23 17:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-16 13:39:41 ----D---- C:\Program Files\trend micro
2009-01-16 13:39:33 ----D---- C:\rsit
2009-01-15 23:20:05 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-15 23:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 23:19:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-15 23:18:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-15 23:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-15 23:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-15 19:42:22 ----D---- C:\Documents and Settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-15 19:42:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 18:32:44 ----A---- C:\cleannavi.txt
2009-01-15 17:17:28 ----A---- C:\fixnavi.txt
2009-01-15 16:13:06 ----A---- C:\lopR.txt
2009-01-15 16:12:48 ----D---- C:\Lop SD
2009-01-15 14:36:22 ----A---- C:\TB.txt
2009-01-15 14:35:48 ----D---- C:\ToolBar SD
2009-01-15 13:25:59 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-15 13:25:58 ----A---- C:\WINDOWS\system32\java.exe
2009-01-15 12:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-15 12:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-15 12:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-15 12:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-15 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-14 17:34:44 ----D---- C:\Program Files\EA GAMES
2009-01-12 20:23:23 ----D---- C:\Program Files\Spider
2009-01-09 19:37:37 ----A---- C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37:56 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-05 20:36:43 ----D---- C:\Program Files\iPod
2009-01-05 20:36:20 ----D---- C:\Program Files\iTunes
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34:52 ----D---- C:\Program Files\Bonjour
2009-01-05 20:27:11 ----D---- C:\Program Files\Apple Software Update
2009-01-05 20:25:30 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-05 20:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17:43 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2009-01-05 20:17:35 ----D---- C:\Program Files\Ashampoo
2009-01-05 19:17:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:17:15 ----D---- C:\Documents and Settings\benhassaine\Application Data\Ableton
2009-01-05 19:11:26 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2009-01-05 19:10:17 ----D---- C:\Program Files\Ableton
2008-12-30 00:50:18 ----A---- C:\WINDOWS\system32\md5.dll
2008-12-30 00:50:01 ----D---- C:\Program Files\SystemGuards.com
2008-12-30 00:35:19 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34:55 ----D---- C:\Program Files\DAP
2008-12-29 01:42:29 ----D---- C:\Program Files\Conduit
2008-12-29 01:35:07 ----D---- C:\Program Files\Sony
2008-12-29 01:32:55 ----D---- C:\Program Files\Sony Setup
2008-12-29 01:12:23 ----A---- C:\WINDOWS\system32\MMREGOCX.EXE
2008-12-29 01:12:20 ----D---- C:\Program Files\Real dj system
2008-12-29 01:08:13 ----D---- C:\Program Files\DJ Mix Pro
2008-12-29 01:04:17 ----D---- C:\djp
2008-12-29 01:00:56 ----D---- C:\OtsLabs
2008-12-29 00:32:52 ----D---- C:\Program Files\Audacity
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcr80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcp80.dll
2008-12-28 23:51:15 ----A---- C:\WINDOWS\system32\msvcm80.dll
2008-12-28 23:51:11 ----D---- C:\Program Files\MyXOFT
2008-12-23 11:38:54 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-23 11:38:36 ----D---- C:\Documents and Settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38:10 ----D---- C:\Program Files\AVG
2008-12-19 13:08:09 ----SH---- C:\WINDOWS\system32\olanerik.ini
2008-12-19 01:09:16 ----SH---- C:\WINDOWS\system32\osopazov.ini
2008-12-17 18:18:33 ----SH---- C:\WINDOWS\system32\akoweraf.ini
2008-12-16 18:35:05 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-12-16 18:20:18 ----SH---- C:\WINDOWS\system32\aridabuz.ini
2008-12-15 12:40:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2008-12-15 11:23:58 ----SH---- C:\WINDOWS\system32\amesames.ini
======List of files/folders modified in the last 3 months======
2009-03-15 23:09:55 ----D---- C:\Documents and Settings
2009-03-15 22:36:55 ----D---- C:\Program Files\Eidos
2009-03-15 21:14:46 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-03-11 20:33:57 ----D---- C:\WINDOWS\system32\config
2009-03-09 17:56:45 ----D---- C:\WINDOWS\network diagnostic
2009-03-05 15:52:01 ----D---- C:\Program Files\Windows Live
2009-03-05 15:43:41 ----D---- C:\Program Files\Cheat Engine
2009-02-26 09:32:30 ----D---- C:\Documents and Settings\benhassaine\Application Data\temp
2009-02-16 23:37:53 ----D---- C:\Documents and Settings\benhassaine\Application Data\LimeWire
2009-02-04 22:56:57 ----D---- C:\Program Files\DkZ Studio
2009-02-04 04:34:47 ----D---- C:\WINDOWS\Help
2009-02-03 01:31:38 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-02-03 01:24:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-02-02 03:17:49 ----D---- C:\WINDOWS\system32\DirectX
2009-02-02 03:15:30 ----D---- C:\Program Files\Windows Live Toolbar
2009-01-16 14:47:53 ----D---- C:\WINDOWS\Temp
2009-01-16 14:45:26 ----D---- C:\Program Files\Saxo
2009-01-16 14:44:31 ----D---- C:\WINDOWS\Prefetch
2009-01-16 14:42:53 ----HD---- C:\$AVG8.VAULT$
2009-01-16 13:39:41 ----D---- C:\Program Files
2009-01-16 10:26:01 ----D---- C:\Program Files\Mozilla Firefox
2009-01-16 10:21:50 ----D---- C:\WINDOWS
2009-01-16 10:19:04 ----D---- C:\WINDOWS\system32
2009-01-16 10:19:03 ----HD---- C:\Config.Msi
2009-01-16 10:19:03 ----D---- C:\Program Files\Internet Explorer
2009-01-15 23:28:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 23:19:52 ----HD---- C:\WINDOWS\inf
2009-01-15 23:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-15 23:19:50 ----D---- C:\WINDOWS\system32\drivers
2009-01-15 23:19:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-15 23:19:40 ----A---- C:\WINDOWS\imsins.BAK
2009-01-15 23:19:13 ----D---- C:\WINDOWS\ie7updates
2009-01-15 23:16:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 23:15:44 ----RSD---- C:\WINDOWS\assembly
2009-01-15 23:13:38 ----SHD---- C:\WINDOWS\Installer
2009-01-15 23:13:34 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 23:12:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-15 23:02:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-15 23:01:53 ----D---- C:\WINDOWS\WinSxS
2009-01-15 22:30:15 ----D---- C:\Program Files\MSN Messenger
2009-01-15 16:45:21 ----SD---- C:\WINDOWS\Tasks
2009-01-15 15:58:51 ----D---- C:\Program Files\Fichiers communs
2009-01-15 13:25:21 ----D---- C:\Program Files\Java
2009-01-14 21:49:58 ----D---- C:\WINDOWS\Minidump
2009-01-14 17:21:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-10 09:08:21 ----A---- C:\crashAddress.txt
2009-01-06 21:16:46 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 20:39:47 ----D---- C:\Documents and Settings\benhassaine\Application Data\Apple Computer
2009-01-05 20:37:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-05 20:36:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 20:33:07 ----D---- C:\Program Files\QuickTime
2009-01-05 18:53:12 ----D---- C:\Program Files\eMule
2009-01-05 18:35:35 ----D---- C:\Program Files\VirtualDJ
2008-12-30 15:12:45 ----D---- C:\Program Files\StuffPlug3
2008-12-30 00:52:57 ----D---- C:\Program Files\SoftwareDepo
2008-12-29 00:32:22 ----RSD---- C:\WINDOWS\Fonts
2008-12-29 00:23:37 ----D---- C:\Fraps
2008-12-23 12:39:27 ----D---- C:\Program Files\Votre santé au quotidien
2008-12-23 12:27:52 ----D---- C:\Program Files\Larousse
2008-12-23 11:37:12 ----SD---- C:\Documents and Settings\benhassaine\Application Data\Microsoft
2008-12-23 11:16:32 ----SHD---- C:\System Volume Information
2008-12-22 15:45:57 ----D---- C:\Program Files\ipwins
2008-12-17 16:14:40 ----A---- C:\WINDOWS\system32\ReWire.dll
2008-12-16 18:48:00 ----A---- C:\WINDOWS\EurekaLog.ini
2008-12-15 23:07:29 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-10-23 13:36:51 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-23 11:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-23 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-23 26824]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-12-02 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-12-02 23545]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-23 76040]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-12-23 40544]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-08-26 25725]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-08-26 34845]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-08-26 4125]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-08-26 2273]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-08-26 86812]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-08-26 15069]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-08-26 6365]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-08-26 98716]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-08-26 100605]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-19 701440]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-03-28 13568]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-03-28 55808]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-03-28 69760]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\DOCUME~1\BENHAS~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP; C:\WINDOWS\system32\DRIVERS\MRVW225.sys [2005-12-21 299776]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-15 152984]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2008-12-22 410976]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S4 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S4 USBDeviceService;USBDeviceService; C:\Program Files\Roxio\MyDVD\MyDVD\USBDeviceService.exe [2005-08-31 90112]
S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]
Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
Il va te demander d'installer la console de récupération : accepte.
Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
voilà le rapport
ComboFix 09-01-15.01 - benhassaine 2009-01-16 20:01:37.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.78 [GMT 1:00]
Lancé depuis: c:\documents and settings\benhassaine\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Fichiers communs\{34FC5~1
c:\program files\Fichiers communs\{94FC5~1
c:\program files\Fichiers communs\uninstall information
c:\program files\icroso~1.net
c:\program files\icroso~1.net\?icrosoft.NET\
c:\program files\ipwins
c:\program files\ipwins\pop13.tmp
c:\program files\outlook
c:\windows\IE4 Error Log.txt
c:\windows\msnimport.exe
c:\windows\system32\ahezovem.ini
c:\windows\system32\akoweraf.ini
c:\windows\system32\amesames.ini
c:\windows\system32\aridabuz.ini
c:\windows\system32\edenobod.ini
c:\windows\system32\emotegip.ini
c:\windows\system32\encapi32.dll
c:\windows\system32\eyotahif.ini
c:\windows\system32\itulipin.ini
c:\windows\system32\olanerik.ini
c:\windows\system32\opitafah.ini
c:\windows\system32\osopazov.ini
c:\windows\system32\poviwumi.dll
c:\windows\system32\ugahukib.ini
c:\windows\system32\uhehoyes.ini
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-16 au 2009-01-16 ))))))))))))))))))))))))))))))))))))
.
2009-03-15 23:17 . 2009-03-15 23:19 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07 . 2008-12-23 11:14 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06 . 2009-03-15 23:06 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-11 18:28 . 2008-12-23 11:38 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:35 . 2009-03-11 20:32 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-08 11:07 . 2009-03-08 11:07 10,520 --------- c:\windows\system32\avgrsstx.dll.install_backup
2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\program files\IZArc
2009-03-07 11:50 . 2009-03-07 11:50 3,989,002 --a------ C:\rain_b_fever_3_Bilal_Feat_Sinik_&_Big_Ali_-_Bienvenue_Chez_Les_Bylka.MP3
2009-03-06 19:52 . 2009-03-06 19:52 149 --a------ c:\windows\system32\sys.xml
2009-02-16 20:48 . 2009-02-16 20:50 3,439,804 --a------ C:\Sheryfa_Luna_feat_Alibi_Montana_-_SI_tu_n_tais_plus_l_.flv.MP3
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Oberon Media
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Gamenext
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2009-02-14 12:46 . 2009-02-14 13:05 <REP> d-------- c:\documents and settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:03 . 2009-02-14 12:03 <REP> d-------- c:\program files\MSXML 4.0
2009-02-13 19:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-13 19:11 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\program files\DkZ Update
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Atari
2009-02-04 15:57 . 2009-02-04 15:57 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-02-04 15:56 . 2009-02-04 15:56 <REP> d-------- c:\program files\MSN Content Plus Inc
2009-02-02 13:31 . 2009-03-05 15:30 <REP> d-------- c:\documents and settings\benhassaine\Tracing
2009-02-02 03:11 . 2009-02-02 03:11 <REP> d-------- c:\program files\Microsoft
2009-02-02 03:06 . 2009-02-02 03:06 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-01-23 12:46 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-20 17:03 . 2009-01-20 17:03 1,955,631 --a------ C:\BO_Cliente_Gigolo.MP3
2009-01-16 13:39 . 2009-01-16 13:40 <REP> d-------- C:\rsit
2009-01-16 13:39 . 2009-01-16 14:47 <REP> d-------- c:\program files\trend micro
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-15 19:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-15 16:12 . 2009-01-15 16:49 <REP> d-------- C:\Lop SD
2009-01-15 14:35 . 2009-01-15 19:28 <REP> d-------- C:\ToolBar SD
2009-01-15 13:25 . 2009-01-15 13:25 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-15 05:03 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-15 05:01 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-15 05:00 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-14 17:34 . 2009-01-14 22:37 <REP> d-------- c:\program files\EA GAMES
2009-01-12 22:11 . 2009-01-12 22:11 265,656 --a------ C:\MaGiStErIaL [si le racism est ta seul solution, choisi 1 otre option, je te rappel sur cet echequier nous ne somes ke des pions]_12_01_2009@22_04_27.wav
2009-01-12 20:23 . 2009-01-12 20:23 <REP> d-------- c:\program files\Spider
2009-01-09 19:37 . 2009-01-09 19:37 425,656 --a------ C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-01-05 20:37 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\program files\iTunes
2009-01-05 20:36 . 2009-01-05 20:36 <REP> d-------- c:\program files\iPod
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34 . 2009-01-05 20:34 <REP> d-------- c:\program files\Bonjour
2009-01-05 20:27 . 2009-01-05 20:27 <REP> d-------- c:\program files\Apple Software Update
2009-01-05 20:25 . 2009-01-05 20:32 <REP> d-------- c:\program files\Fichiers communs\Apple
2009-01-05 20:25 . 2009-01-05 20:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17 . 2009-01-05 20:17 <REP> d-------- c:\program files\Ashampoo
2009-01-05 20:17 . 2008-12-22 10:18 33,632 --a------ c:\windows\system32\DfSdkBt.exe
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Ableton
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:11 . 2008-12-17 16:14 233,472 --a------ c:\windows\system32\REX Shared Library.dll
2009-01-05 19:10 . 2009-01-05 19:10 <REP> d-------- c:\program files\Ableton
2008-12-30 01:21 . 2008-12-30 01:37 132,594,552 --a------ C:\1sssd.flv.AVI
2008-12-30 01:03 . 2008-12-30 01:12 62,643,584 --a------ C:\65486560-russian.mature.rose.flv.AVI
2008-12-30 00:51 . 2001-04-20 02:28 28,672 --a------ c:\windows\system32\systray.ocx
2008-12-30 00:51 . 1999-08-29 04:15 7,716 --a------ c:\windows\system32\urlhist.tlb
2008-12-30 00:50 . 2008-12-30 00:50 <REP> d-------- c:\program files\SystemGuards.com
2008-12-30 00:50 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx
2008-12-30 00:50 . 2006-05-31 16:38 10,752 --a------ c:\windows\system32\md5.dll
2008-12-30 00:35 . 2009-01-06 21:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34 . 2009-01-07 17:06 <REP> d-------- c:\program files\DAP
2008-12-29 14:38 . 2009-01-05 19:17 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-29 14:38 . 2008-12-29 14:38 1,409 --a------ c:\windows\QTFont.for
2008-12-29 01:42 . 2008-12-29 01:42 <REP> d-------- c:\program files\Conduit
2008-12-29 01:35 . 2008-12-29 01:35 <REP> d-------- c:\program files\Sony
2008-12-29 01:32 . 2008-12-29 01:32 <REP> d-------- c:\program files\Sony Setup
2008-12-29 01:12 . 2008-12-29 01:15 <REP> d-------- c:\program files\Real dj system
2008-12-29 01:12 . 2002-04-16 09:15 2,670,080 --a------ c:\windows\system32\mmtoolsx2.OCX
2008-12-29 01:12 . 2001-01-20 17:14 428,032 --a------ c:\windows\system32\MMTypesX2.OCX
2008-12-29 01:12 . 2004-01-23 10:42 282,624 --a------ c:\windows\system32\ANIGif.ocx
2008-12-29 01:12 . 2001-01-21 20:01 63,488 --a------ c:\windows\system32\MMREGOCX.EXE
2008-12-29 01:12 . 2001-07-15 11:32 61,952 --a------ c:\windows\system32\midiio32.ocx
2008-12-29 01:12 . 2003-05-20 23:49 49,152 --a------ c:\windows\system32\tssDragDrop.ocx
2008-12-29 01:08 . 2008-12-29 01:08 <REP> d-------- c:\program files\DJ Mix Pro
2008-12-29 01:04 . 2008-12-29 01:05 <REP> d-------- C:\djp
2008-12-29 01:00 . 2008-12-29 01:00 <REP> d-------- C:\OtsLabs
2008-12-29 00:32 . 2008-12-29 00:32 <REP> d-------- c:\program files\Audacity
2008-12-28 23:51 . 2008-12-28 23:51 <REP> d-------- c:\program files\MyXOFT
2008-12-28 23:51 . 2008-12-29 00:16 <REP> d-------- c:\documents and settings\benhassaine\DSS DJ Data
2008-12-28 23:51 . 2006-12-01 22:03 626,688 --a------ c:\windows\system32\msvcr80.dll
2008-12-28 23:51 . 2006-12-01 22:03 548,864 --a------ c:\windows\system32\msvcp80.dll
2008-12-28 23:51 . 2006-12-02 06:22 479,232 --a------ c:\windows\system32\msvcm80.dll
2008-12-28 23:51 . 2006-12-01 22:03 1,869 --a------ c:\windows\system32\Microsoft.VC80.CRT.manifest
2008-12-26 19:17 . 2008-12-26 19:18 2,962,494 --a------ C:\I_Kissed_a_Girl_-_Katy_Perry.MP3
2008-12-23 11:38 . 2009-01-16 20:16 <REP> d-------- c:\windows\system32\drivers\Avg
2008-12-23 11:38 . 2008-12-23 11:38 <REP> d-------- c:\program files\AVG
2008-12-23 11:38 . 2009-01-13 18:41 <REP> d-------- c:\documents and settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38 . 2008-12-23 11:38 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-23 11:38 . 2008-12-23 11:38 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-23 11:38 . 2008-12-23 11:38 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-16 20:58 . 2008-12-16 20:59 3,898,305 --a------ C:\Sex and the City Final 2.MP3
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 21:36 --------- d-----w c:\program files\Eidos
2009-03-05 14:52 --------- d-----w c:\program files\Windows Live
2009-03-05 14:43 --------- d-----w c:\program files\Cheat Engine
2009-02-26 08:32 --------- d-----w c:\documents and settings\benhassaine\Application Data\temp
2009-02-16 22:37 --------- d-----w c:\documents and settings\benhassaine\Application Data\LimeWire
2009-02-04 21:56 --------- d-----w c:\program files\DkZ Studio
2009-02-02 02:15 --------- d-----w c:\program files\Windows Live Toolbar
2009-01-16 13:45 --------- d-----w c:\program files\Saxo
2009-01-15 22:13 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 21:30 --------- d-----w c:\program files\MSN Messenger
2009-01-15 12:25 --------- d-----w c:\program files\Java
2009-01-14 16:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 20:16 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 19:39 --------- d-----w c:\documents and settings\benhassaine\Application Data\Apple Computer
2009-01-05 19:36 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 19:33 --------- d-----w c:\program files\QuickTime
2009-01-05 17:53 --------- d-----w c:\program files\eMule
2009-01-05 17:35 --------- d-----w c:\program files\VirtualDJ
2008-12-30 14:12 --------- d-----w c:\program files\StuffPlug3
2008-12-29 23:52 --------- d-----w c:\program files\SoftwareDepo
2008-12-23 11:39 --------- d-----w c:\program files\Votre santé au quotidien
2008-12-23 11:27 --------- d-----w c:\program files\Larousse
2008-12-15 11:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Symantec
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-06-14 10:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-22 67128]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-08-26 122941]
"DetectorApp"="c:\program files\Roxio\MyDVD\MyDVD\DetectorApp.exe" [2005-08-31 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-23 1261336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide du logiciel HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 53248]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 241664]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-06-13 573440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2006-07-06 21:32 122880 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"USBDeviceService"=2 (0x2)
"SLService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\benhassaine\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\MSN Messenger\\usnsvc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [2008-06-02 15172]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-23 97928]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-23 76040]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2009-01-05 410976]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2007-06-24 299776]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
\Shell\AutoRun\command - K:\ReadMe.exe
.
Contenu du dossier 'Tâches planifiées'
2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-01-10 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart\RegistrySmart.exe []
2009-01-10 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart []
.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
BHO-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
Toolbar-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
WebBrowser-{258FE8B8-A13C-4B91-9A0C-C2D3CAB8B990} - c:\program files\PHPNukeFR\tbPHP0.dll
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-NoSpam - (no file)
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-System Guards - c:\program files\SystemGuards.com\SystemGuards\SysGuards.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.speedbit.com/
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - PHPNukeFR Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOMWA3&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 20:13:59
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,a9,ec,20,3b,fc,49,5b,da,07,7b,62,b8,81,5a,0d,85,6f,59,a9,81,73,15,
eb,a1,61,83,13,24,5b,b2,d2,29,83,18,c6,fc,dc,fc,f8,35,2d,19,dc,07,f5,b2,9c,\
"??"=hex:89,37,79,be,fd,86,ca,52,f1,de,65,d7,9e,66,67,49
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\program files\Fichiers communs\Teleca Shared\CapabilityManager.exe
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Heure de fin: 2009-01-16 20:26:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-16 19:26:25
Avant-CF: 38 739 353 600 octets libres
Après-CF: 40,306,655,232 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
353 --- E O F --- 2009-02-14 11:10:26
ComboFix 09-01-15.01 - benhassaine 2009-01-16 20:01:37.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.78 [GMT 1:00]
Lancé depuis: c:\documents and settings\benhassaine\Bureau\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Fichiers communs\{34FC5~1
c:\program files\Fichiers communs\{94FC5~1
c:\program files\Fichiers communs\uninstall information
c:\program files\icroso~1.net
c:\program files\icroso~1.net\?icrosoft.NET\
c:\program files\ipwins
c:\program files\ipwins\pop13.tmp
c:\program files\outlook
c:\windows\IE4 Error Log.txt
c:\windows\msnimport.exe
c:\windows\system32\ahezovem.ini
c:\windows\system32\akoweraf.ini
c:\windows\system32\amesames.ini
c:\windows\system32\aridabuz.ini
c:\windows\system32\edenobod.ini
c:\windows\system32\emotegip.ini
c:\windows\system32\encapi32.dll
c:\windows\system32\eyotahif.ini
c:\windows\system32\itulipin.ini
c:\windows\system32\olanerik.ini
c:\windows\system32\opitafah.ini
c:\windows\system32\osopazov.ini
c:\windows\system32\poviwumi.dll
c:\windows\system32\ugahukib.ini
c:\windows\system32\uhehoyes.ini
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-16 au 2009-01-16 ))))))))))))))))))))))))))))))))))))
.
2009-03-15 23:17 . 2009-03-15 23:19 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07 . 2008-12-23 11:14 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06 . 2009-03-15 23:06 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-11 18:28 . 2008-12-23 11:38 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:35 . 2009-03-11 20:32 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-08 11:07 . 2009-03-08 11:07 10,520 --------- c:\windows\system32\avgrsstx.dll.install_backup
2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\program files\IZArc
2009-03-07 11:50 . 2009-03-07 11:50 3,989,002 --a------ C:\rain_b_fever_3_Bilal_Feat_Sinik_&_Big_Ali_-_Bienvenue_Chez_Les_Bylka.MP3
2009-03-06 19:52 . 2009-03-06 19:52 149 --a------ c:\windows\system32\sys.xml
2009-02-16 20:48 . 2009-02-16 20:50 3,439,804 --a------ C:\Sheryfa_Luna_feat_Alibi_Montana_-_SI_tu_n_tais_plus_l_.flv.MP3
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Oberon Media
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Gamenext
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2009-02-14 12:46 . 2009-02-14 13:05 <REP> d-------- c:\documents and settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:03 . 2009-02-14 12:03 <REP> d-------- c:\program files\MSXML 4.0
2009-02-13 19:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-13 19:11 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\program files\DkZ Update
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Atari
2009-02-04 15:57 . 2009-02-04 15:57 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-02-04 15:56 . 2009-02-04 15:56 <REP> d-------- c:\program files\MSN Content Plus Inc
2009-02-02 13:31 . 2009-03-05 15:30 <REP> d-------- c:\documents and settings\benhassaine\Tracing
2009-02-02 03:11 . 2009-02-02 03:11 <REP> d-------- c:\program files\Microsoft
2009-02-02 03:06 . 2009-02-02 03:06 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-01-23 12:46 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-20 17:03 . 2009-01-20 17:03 1,955,631 --a------ C:\BO_Cliente_Gigolo.MP3
2009-01-16 13:39 . 2009-01-16 13:40 <REP> d-------- C:\rsit
2009-01-16 13:39 . 2009-01-16 14:47 <REP> d-------- c:\program files\trend micro
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-15 19:42 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-15 16:12 . 2009-01-15 16:49 <REP> d-------- C:\Lop SD
2009-01-15 14:35 . 2009-01-15 19:28 <REP> d-------- C:\ToolBar SD
2009-01-15 13:25 . 2009-01-15 13:25 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-15 05:03 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-15 05:01 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-15 05:00 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-14 17:34 . 2009-01-14 22:37 <REP> d-------- c:\program files\EA GAMES
2009-01-12 22:11 . 2009-01-12 22:11 265,656 --a------ C:\MaGiStErIaL [si le racism est ta seul solution, choisi 1 otre option, je te rappel sur cet echequier nous ne somes ke des pions]_12_01_2009@22_04_27.wav
2009-01-12 20:23 . 2009-01-12 20:23 <REP> d-------- c:\program files\Spider
2009-01-09 19:37 . 2009-01-09 19:37 425,656 --a------ C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-01-05 20:37 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\program files\iTunes
2009-01-05 20:36 . 2009-01-05 20:36 <REP> d-------- c:\program files\iPod
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34 . 2009-01-05 20:34 <REP> d-------- c:\program files\Bonjour
2009-01-05 20:27 . 2009-01-05 20:27 <REP> d-------- c:\program files\Apple Software Update
2009-01-05 20:25 . 2009-01-05 20:32 <REP> d-------- c:\program files\Fichiers communs\Apple
2009-01-05 20:25 . 2009-01-05 20:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17 . 2009-01-05 20:17 <REP> d-------- c:\program files\Ashampoo
2009-01-05 20:17 . 2008-12-22 10:18 33,632 --a------ c:\windows\system32\DfSdkBt.exe
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Ableton
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:11 . 2008-12-17 16:14 233,472 --a------ c:\windows\system32\REX Shared Library.dll
2009-01-05 19:10 . 2009-01-05 19:10 <REP> d-------- c:\program files\Ableton
2008-12-30 01:21 . 2008-12-30 01:37 132,594,552 --a------ C:\1sssd.flv.AVI
2008-12-30 01:03 . 2008-12-30 01:12 62,643,584 --a------ C:\65486560-russian.mature.rose.flv.AVI
2008-12-30 00:51 . 2001-04-20 02:28 28,672 --a------ c:\windows\system32\systray.ocx
2008-12-30 00:51 . 1999-08-29 04:15 7,716 --a------ c:\windows\system32\urlhist.tlb
2008-12-30 00:50 . 2008-12-30 00:50 <REP> d-------- c:\program files\SystemGuards.com
2008-12-30 00:50 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx
2008-12-30 00:50 . 2006-05-31 16:38 10,752 --a------ c:\windows\system32\md5.dll
2008-12-30 00:35 . 2009-01-06 21:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34 . 2009-01-07 17:06 <REP> d-------- c:\program files\DAP
2008-12-29 14:38 . 2009-01-05 19:17 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-29 14:38 . 2008-12-29 14:38 1,409 --a------ c:\windows\QTFont.for
2008-12-29 01:42 . 2008-12-29 01:42 <REP> d-------- c:\program files\Conduit
2008-12-29 01:35 . 2008-12-29 01:35 <REP> d-------- c:\program files\Sony
2008-12-29 01:32 . 2008-12-29 01:32 <REP> d-------- c:\program files\Sony Setup
2008-12-29 01:12 . 2008-12-29 01:15 <REP> d-------- c:\program files\Real dj system
2008-12-29 01:12 . 2002-04-16 09:15 2,670,080 --a------ c:\windows\system32\mmtoolsx2.OCX
2008-12-29 01:12 . 2001-01-20 17:14 428,032 --a------ c:\windows\system32\MMTypesX2.OCX
2008-12-29 01:12 . 2004-01-23 10:42 282,624 --a------ c:\windows\system32\ANIGif.ocx
2008-12-29 01:12 . 2001-01-21 20:01 63,488 --a------ c:\windows\system32\MMREGOCX.EXE
2008-12-29 01:12 . 2001-07-15 11:32 61,952 --a------ c:\windows\system32\midiio32.ocx
2008-12-29 01:12 . 2003-05-20 23:49 49,152 --a------ c:\windows\system32\tssDragDrop.ocx
2008-12-29 01:08 . 2008-12-29 01:08 <REP> d-------- c:\program files\DJ Mix Pro
2008-12-29 01:04 . 2008-12-29 01:05 <REP> d-------- C:\djp
2008-12-29 01:00 . 2008-12-29 01:00 <REP> d-------- C:\OtsLabs
2008-12-29 00:32 . 2008-12-29 00:32 <REP> d-------- c:\program files\Audacity
2008-12-28 23:51 . 2008-12-28 23:51 <REP> d-------- c:\program files\MyXOFT
2008-12-28 23:51 . 2008-12-29 00:16 <REP> d-------- c:\documents and settings\benhassaine\DSS DJ Data
2008-12-28 23:51 . 2006-12-01 22:03 626,688 --a------ c:\windows\system32\msvcr80.dll
2008-12-28 23:51 . 2006-12-01 22:03 548,864 --a------ c:\windows\system32\msvcp80.dll
2008-12-28 23:51 . 2006-12-02 06:22 479,232 --a------ c:\windows\system32\msvcm80.dll
2008-12-28 23:51 . 2006-12-01 22:03 1,869 --a------ c:\windows\system32\Microsoft.VC80.CRT.manifest
2008-12-26 19:17 . 2008-12-26 19:18 2,962,494 --a------ C:\I_Kissed_a_Girl_-_Katy_Perry.MP3
2008-12-23 11:38 . 2009-01-16 20:16 <REP> d-------- c:\windows\system32\drivers\Avg
2008-12-23 11:38 . 2008-12-23 11:38 <REP> d-------- c:\program files\AVG
2008-12-23 11:38 . 2009-01-13 18:41 <REP> d-------- c:\documents and settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38 . 2008-12-23 11:38 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-23 11:38 . 2008-12-23 11:38 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-23 11:38 . 2008-12-23 11:38 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-16 20:58 . 2008-12-16 20:59 3,898,305 --a------ C:\Sex and the City Final 2.MP3
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 21:36 --------- d-----w c:\program files\Eidos
2009-03-05 14:52 --------- d-----w c:\program files\Windows Live
2009-03-05 14:43 --------- d-----w c:\program files\Cheat Engine
2009-02-26 08:32 --------- d-----w c:\documents and settings\benhassaine\Application Data\temp
2009-02-16 22:37 --------- d-----w c:\documents and settings\benhassaine\Application Data\LimeWire
2009-02-04 21:56 --------- d-----w c:\program files\DkZ Studio
2009-02-02 02:15 --------- d-----w c:\program files\Windows Live Toolbar
2009-01-16 13:45 --------- d-----w c:\program files\Saxo
2009-01-15 22:13 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 21:30 --------- d-----w c:\program files\MSN Messenger
2009-01-15 12:25 --------- d-----w c:\program files\Java
2009-01-14 16:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 20:16 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 19:39 --------- d-----w c:\documents and settings\benhassaine\Application Data\Apple Computer
2009-01-05 19:36 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 19:33 --------- d-----w c:\program files\QuickTime
2009-01-05 17:53 --------- d-----w c:\program files\eMule
2009-01-05 17:35 --------- d-----w c:\program files\VirtualDJ
2008-12-30 14:12 --------- d-----w c:\program files\StuffPlug3
2008-12-29 23:52 --------- d-----w c:\program files\SoftwareDepo
2008-12-23 11:39 --------- d-----w c:\program files\Votre santé au quotidien
2008-12-23 11:27 --------- d-----w c:\program files\Larousse
2008-12-15 11:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Symantec
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-06-14 10:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-22 67128]
"SweetIM"="c:\program files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 103712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-08-26 122941]
"DetectorApp"="c:\program files\Roxio\MyDVD\MyDVD\DetectorApp.exe" [2005-08-31 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-23 1261336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide du logiciel HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 53248]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 241664]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-22 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-06-13 573440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2006-07-06 21:32 122880 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"USBDeviceService"=2 (0x2)
"SLService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\benhassaine\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\MSN Messenger\\usnsvc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [2008-06-02 15172]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-23 97928]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-23 76040]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2009-01-05 410976]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2007-06-24 299776]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
\Shell\AutoRun\command - K:\ReadMe.exe
.
Contenu du dossier 'Tâches planifiées'
2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-01-10 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart\RegistrySmart.exe []
2009-01-10 c:\windows\Tasks\RegistrySmart Scheduled Scan.job
- c:\program files\RegistrySmart []
.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
BHO-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
Toolbar-{258fe8b8-a13c-4b91-9a0c-c2d3cab8b990} - c:\program files\PHPNukeFR\tbPHP0.dll
WebBrowser-{258FE8B8-A13C-4B91-9A0C-C2D3CAB8B990} - c:\program files\PHPNukeFR\tbPHP0.dll
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-NoSpam - (no file)
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
HKLM-Run-System Guards - c:\program files\SystemGuards.com\SystemGuards\SysGuards.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.speedbit.com/
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - PHPNukeFR Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOMWA3&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-16 20:13:59
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,a9,ec,20,3b,fc,49,5b,da,07,7b,62,b8,81,5a,0d,85,6f,59,a9,81,73,15,
eb,a1,61,83,13,24,5b,b2,d2,29,83,18,c6,fc,dc,fc,f8,35,2d,19,dc,07,f5,b2,9c,\
"??"=hex:89,37,79,be,fd,86,ca,52,f1,de,65,d7,9e,66,67,49
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\program files\Fichiers communs\Teleca Shared\CapabilityManager.exe
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Heure de fin: 2009-01-16 20:26:33 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-16 19:26:25
Avant-CF: 38 739 353 600 octets libres
Après-CF: 40,306,655,232 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
353 --- E O F --- 2009-02-14 11:10:26
- Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)
- En bas à droite, clique sur Démarrer Online-scanner.
- Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.
- Accepte les Contrôles ActiveX.
- Choisis Poste de travail pour le scan.
- Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.
- Pour t'aider à utiliser le scan en ligne : Tutoriel
Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
- En bas à droite, clique sur Démarrer Online-scanner.
- Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.
- Accepte les Contrôles ActiveX.
- Choisis Poste de travail pour le scan.
- Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.
- Pour t'aider à utiliser le scan en ligne : Tutoriel
Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
voilà le rapport du scan
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, January 17, 2009 5:39:12 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 17/01/2009
Enregistrements dans la base antivirus Kaspersky : 1467905
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
E:\
F:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse:
Total d'objets analysés: 155146
Nombre de virus trouvés: 1
Nombre d'objets infectés: 5 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 05:00:04
Nom de l'objet infecté / Nom du virus / Dernière action
C:\a269c32112cf2f09cdf63f\msxml4-KB927978-enu.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\QuickTime\Installer.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\emc\Log\emc.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgcore.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avglng.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgrs.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgsched.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgwd.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgwdsvc.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\commonpriv.log L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar RAR: infecté - 2 ignoré
C:\Documents and Settings\benhassaine\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\etilqs_vROZB1b6WvCeRgiOnQij L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\~DF7CF7.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc ZIP: infecté - 1 ignoré
C:\Documents and Settings\benhassaine\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\NTUSER.DAT.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\L0000002.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\storydb.idx L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_758.dat L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, January 17, 2009 5:39:12 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 17/01/2009
Enregistrements dans la base antivirus Kaspersky : 1467905
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
E:\
F:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse:
Total d'objets analysés: 155146
Nombre de virus trouvés: 1
Nombre d'objets infectés: 5 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 05:00:04
Nom de l'objet infecté / Nom du virus / Dernière action
C:\a269c32112cf2f09cdf63f\msxml4-KB927978-enu.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\QuickTime\Installer.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\emc\Log\emc.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgcore.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avglng.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgrs.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgsched.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgwd.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\avgwdsvc.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg8\Log\commonpriv.log L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Application Data\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar RAR: infecté - 2 ignoré
C:\Documents and Settings\benhassaine\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\etilqs_vROZB1b6WvCeRgiOnQij L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temp\~DF7CF7.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc ZIP: infecté - 1 ignoré
C:\Documents and Settings\benhassaine\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\benhassaine\NTUSER.DAT.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\L0000002.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\benhassaine\Data\storydb.idx L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_758.dat L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
Citation :
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc/Huhu Ctrler 1.33.js => Backdoor.JS.Agent.aC:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/A installer chez vous/Controler 1.33.plsc => Backdoor.JS.Agent.a
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc/Huhu Ctrler 1.33.js => Backdoor.JS.Agent.a
---> C'est bien le script MSN Plus pour contrôler le PC de ton contact ?
Fais un scan avec le logiciel suivant et poste le rapport si tu peux en avoir un :
http://www.clubic.com/lancer-le-telechargement-279068-0...
http://www.clubic.com/lancer-le-telechargement-279068-0...
voilà le rapport du scan
Version - a-squared Free 4.0
Dernière mise à jour : 17/01/2009 19:42:31
Paramètres des balayages :
Éléments : Mémoire, Traces, Cookies, C:\
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche
Début du balayage : 17/01/2009 19:42:58
c:\program files\macrogaming\sweetim Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\users Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\data Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\data\contentdb Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\logs Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\update Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetimbarforie Objets détectés : Trace.Directory.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\cache Objets détectés : Trace.Directory.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetim\conf\adapter.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\autoupdate.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\logger.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\messages.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\sweetim.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\sweetimapp.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\users\main_user_config.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\data\contentdb\cache_indx.dat Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\default.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgadaptersproxy.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgarchive.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgcommon.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgcommunication.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgconfig.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgflashplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mghooking.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgieplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mglogger.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmediaplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmsnauto.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmsnmessengeradapter.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgsweetim.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgupdatesupport.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgxml_wrapper.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgyahooauto.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgyahoomessengeradapter.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\sweetim.exe Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetimbarforie\affid.dat Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\basis.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\bookmarks_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\cache\cd2005c66fba47ff715ecc444d3bc1fb.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\email_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\games_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\greetingcards_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\mobile_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\music_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\news_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\shoping_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\smileysmile.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\smileywink.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\sweetimicons.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\toolbar.crc Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\toolbar.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\version.txt Objets détectés : Trace.File.SweetIMBarForIE!A2
Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming\SweetIM --> InstallDir Objets détectés : Trace.Registry.Sweet IM!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming\SweetIM --> simapp_id Objets détectés : Trace.Registry.Sweet IM!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar --> {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> AuthorizedCDFPrefix Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Comments Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Contact Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> DisplayName Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> DisplayVersion Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> EstimatedSize Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> HelpLink Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> HelpTelephone Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallDate Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallLocation Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallSource Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Language Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> ModifyPath Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> NoModify Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Publisher Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Readme Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Size Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> UninstallString Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> URLInfoAbout Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> URLUpdateInfo Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Version Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> VersionMajor Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> VersionMinor Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> WindowsInstaller Objets détectés : Trace.Registry.SweetIMBarForIE!A2
c:\program files\macrogaming Objets détectés : Trace.Directory.SweetIM For Internet Explorer 3.0!A2
c:\program files\macrogaming\sweetimbarforie\thumbs.db Objets détectés : Trace.File.SweetIM For Internet Explorer 3.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders --> C:\Program Files\Macrogaming\SweetIMBarForIE\ Objets détectés : Trace.Registry.SweetIM For Internet Explorer 3.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders --> C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\ Objets détectés : Trace.Registry.SweetIM For Internet Explorer 3.0!A2
c:\windows\bbstore\dss\dssagent.exe Objets détectés : Trace.File.DSSAgent!A2
c:\windows\system32\cgziplibrary.dll Objets détectés : Trace.File.Max Net Shield!A2
c:\windows\system32\urlhist.tlb Objets détectés : Trace.File.MyNabyoo!A2
c:\windows\system32\armaccess.dll Objets détectés : Trace.File.NGC ActiveSpy XP!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> ApplicationName Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> AppToUninstall Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> DisplayName Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> UninstallString Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Key: HKEY_CLASSES_ROOT\.bad Objets détectés : Trace.Registry.Beast
Value: HKEY_CLASSES_ROOT\CLSID\{79731811-6B9A-4DF0-92CF-991C37D2BCED}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_CLASSES_ROOT\CLSID\{BEEB3409-33FB-493F-AD14-37A2D0329547}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_CLASSES_ROOT\CLSID\{FA525B35-1E10-4747-8CD2-4C837A6F014D}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79731811-6B9A-4DF0-92CF-991C37D2BCED}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEEB3409-33FB-493F-AD14-37A2D0329547}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA525B35-1E10-4747-8CD2-4C837A6F014D}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Key: HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\software\kazaa Objets détectés : Trace.Registry.KaZaA!A2
Value: HKEY_CLASSES_ROOT\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_CLASSES_ROOT\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A25E2A7C-2EB6-447A-B9A8-074FD2DE6BA8}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Net Spy Pro 4.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A25E2A7C-2EB6-447A-B9A8-074FD2DE6BA8}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Net Spy Pro 4.0!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt Objets détectés : Trace.TrackingCookie.247realmedia!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt Objets détectés : Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt Objets détectés : Trace.TrackingCookie.adserver!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt Objets détectés : Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt Objets détectés : Trace.TrackingCookie.adserver!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@com[2].txt Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@incredimail[2].txt Objets détectés : Trace.TrackingCookie.incredimail!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt Objets détectés : Trace.TrackingCookie.media!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@mediatis[2].txt Objets détectés : Trace.TrackingCookie.media!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt Objets détectés : Trace.TrackingCookie.windowsmedia!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989017758 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989017988 Objets détectés : Trace.TrackingCookie.tradedoubler!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989018020 Objets détectés : Trace.TrackingCookie.webtrends!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989022784 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989034136 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Microsoft\Live Search\Suppression-Live-Search.exe Objets détectés : Trojan.Generic!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/Huhu Ctrler 1.33.js Objets détectés : Backdoor.JS.Agent!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe Objets détectés : Trojan.Win32.Agent!IK
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc/Huhu Ctrler 1.33.js Objets détectés : Backdoor.JS.Agent!IK
C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\TSBin\Sims2EP2.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\TSBin\Sims2EP4.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\TSBin\Sims2SP5.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\TSBin\Sims2SP8.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \TSBin\Sims2SP4.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\TSBin\Sims2SP7.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\TSBin\Sims2SP6.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\TSBin\Sims2EP5.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\TSBin\Sims2EP6.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\MSN Messenger\msnmsgr.exe Objets détectés : Trojan-Downloader.Win32.VB.bou!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe Objets détectés : Trojan-Dropper!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe Objets détectés : Trojan.Win32.Skintrim!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe Objets détectés : Trojan.Feutel.AV!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll Objets détectés : AdWare.DelphinMediaViewer!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe Objets détectés : Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe Objets détectés : Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL Objets détectés : Riskware.WebToolbar.Win32.MyWebSearch.dw!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL Objets détectés : Riskware.AdTool.Win32.MyWebSearch.az!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL Objets détectés : Riskware.AdTool.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys Objets détectés : Hoax.Win32.Agent.fu!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe Objets détectés : Trojan-Dropper!IK
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE Objets détectés : Spyware.Win32.BrodcastDSSAGENT!IK
Analysé
Fichiers : 293994
Traces : 604731
Cookies : 1453
Processus : 51
Objets trouvés
Fichiers : 36
Traces : 120
Cookies : 15
Processus : 0
Clés de Registre : 0
Fin du balayage : 17/01/2009 23:04:03
Temps du balayage : 3:21:05
Version - a-squared Free 4.0
Dernière mise à jour : 17/01/2009 19:42:31
Paramètres des balayages :
Éléments : Mémoire, Traces, Cookies, C:\
Balaye dans les archives : Marche
Analyse heuristique : Marche
Balaye dans les ADS : Marche
Début du balayage : 17/01/2009 19:42:58
c:\program files\macrogaming\sweetim Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\users Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\data Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\data\contentdb Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\logs Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetim\update Objets détectés : Trace.Directory.Sweet IM!A2
c:\program files\macrogaming\sweetimbarforie Objets détectés : Trace.Directory.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\cache Objets détectés : Trace.Directory.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetim\conf\adapter.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\autoupdate.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\logger.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\messages.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\sweetim.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\sweetimapp.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\conf\users\main_user_config.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\data\contentdb\cache_indx.dat Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\default.xml Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgadaptersproxy.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgarchive.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgcommon.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgcommunication.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgconfig.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgflashplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mghooking.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgieplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mglogger.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmediaplayer.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmsnauto.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgmsnmessengeradapter.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgsweetim.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgupdatesupport.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgxml_wrapper.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgyahooauto.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\mgyahoomessengeradapter.dll Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetim\sweetim.exe Objets détectés : Trace.File.Sweet IM!A2
c:\program files\macrogaming\sweetimbarforie\affid.dat Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\basis.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\bookmarks_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\cache\cd2005c66fba47ff715ecc444d3bc1fb.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\email_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\games_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\greetingcards_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\mobile_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\music_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\news_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\shoping_23x18.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\smileysmile.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\smileywink.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\sweetimicons.bmp Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\toolbar.crc Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\toolbar.xml Objets détectés : Trace.File.SweetIMBarForIE!A2
c:\program files\macrogaming\sweetimbarforie\version.txt Objets détectés : Trace.File.SweetIMBarForIE!A2
Value: HKEY_CLASSES_ROOT\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_CLASSES_ROOT\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{394011F0-6D5C-42a3-96C6-24B9AD6B010C}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{591A5CFF-3172-4020-A067-238542DDE9C2}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AA8DF47-B8FE-47da-AB1A-2DAA0DA0B646}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF00DBCC-90A2-4f46-8171-7D4F929D035F}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3B7B25C-6B8B-481A-BC48-59F9A6F7B69A}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D07E630D-A850-4f11-AD29-3D3848B67EFE}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Shareaza Lite!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming\SweetIM --> InstallDir Objets détectés : Trace.Registry.Sweet IM!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Macrogaming\SweetIM --> simapp_id Objets détectés : Trace.Registry.Sweet IM!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar --> {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> AuthorizedCDFPrefix Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Comments Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Contact Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> DisplayName Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> DisplayVersion Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> EstimatedSize Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> HelpLink Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> HelpTelephone Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallDate Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallLocation Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> InstallSource Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Language Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> ModifyPath Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> NoModify Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Publisher Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Readme Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Size Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> UninstallString Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> URLInfoAbout Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> URLUpdateInfo Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> Version Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> VersionMajor Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> VersionMinor Objets détectés : Trace.Registry.SweetIMBarForIE!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481} --> WindowsInstaller Objets détectés : Trace.Registry.SweetIMBarForIE!A2
c:\program files\macrogaming Objets détectés : Trace.Directory.SweetIM For Internet Explorer 3.0!A2
c:\program files\macrogaming\sweetimbarforie\thumbs.db Objets détectés : Trace.File.SweetIM For Internet Explorer 3.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders --> C:\Program Files\Macrogaming\SweetIMBarForIE\ Objets détectés : Trace.Registry.SweetIM For Internet Explorer 3.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders --> C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\ Objets détectés : Trace.Registry.SweetIM For Internet Explorer 3.0!A2
c:\windows\bbstore\dss\dssagent.exe Objets détectés : Trace.File.DSSAgent!A2
c:\windows\system32\cgziplibrary.dll Objets détectés : Trace.File.Max Net Shield!A2
c:\windows\system32\urlhist.tlb Objets détectés : Trace.File.MyNabyoo!A2
c:\windows\system32\armaccess.dll Objets détectés : Trace.File.NGC ActiveSpy XP!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> ApplicationName Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> AppToUninstall Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> DisplayName Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST5UNST #1 --> UninstallString Objets détectés : Trace.Registry.Autumn Waterfalls Screen Saver!A2
Key: HKEY_CLASSES_ROOT\.bad Objets détectés : Trace.Registry.Beast
Value: HKEY_CLASSES_ROOT\CLSID\{79731811-6B9A-4DF0-92CF-991C37D2BCED}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_CLASSES_ROOT\CLSID\{BEEB3409-33FB-493F-AD14-37A2D0329547}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_CLASSES_ROOT\CLSID\{FA525B35-1E10-4747-8CD2-4C837A6F014D}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79731811-6B9A-4DF0-92CF-991C37D2BCED}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEEB3409-33FB-493F-AD14-37A2D0329547}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA525B35-1E10-4747-8CD2-4C837A6F014D}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Chat Watch 5.0!A2
Key: HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\software\kazaa Objets détectés : Trace.Registry.KaZaA!A2
Value: HKEY_CLASSES_ROOT\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_CLASSES_ROOT\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{293364AE-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Max Net Shield!A2
Value: HKEY_CLASSES_ROOT\CLSID\{A25E2A7C-2EB6-447A-B9A8-074FD2DE6BA8}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Net Spy Pro 4.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A25E2A7C-2EB6-447A-B9A8-074FD2DE6BA8}\InprocServer32 --> ThreadingModel Objets détectés : Trace.Registry.Net Spy Pro 4.0!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt Objets détectés : Trace.TrackingCookie.247realmedia!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt Objets détectés : Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt Objets détectés : Trace.TrackingCookie.adserver!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt Objets détectés : Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt Objets détectés : Trace.TrackingCookie.adserver!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@com[2].txt Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@incredimail[2].txt Objets détectés : Trace.TrackingCookie.incredimail!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt Objets détectés : Trace.TrackingCookie.media!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@mediatis[2].txt Objets détectés : Trace.TrackingCookie.media!A2
C:\Documents and Settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt Objets détectés : Trace.TrackingCookie.windowsmedia!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989017758 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989017988 Objets détectés : Trace.TrackingCookie.tradedoubler!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989018020 Objets détectés : Trace.TrackingCookie.webtrends!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989022784 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\cookies.sqlite:1237198989034136 Objets détectés : Trace.TrackingCookie.com!A2
C:\Documents and Settings\benhassaine\Application Data\Microsoft\Live Search\Suppression-Live-Search.exe Objets détectés : Trojan.Generic!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/Huhu Ctrler 1.33.js Objets détectés : Backdoor.JS.Agent!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe Objets détectés : Trojan.Win32.Agent!IK
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc/mdr.exe Objets détectés : Trojan-Dropper!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc/huhu_ctrl.js Objets détectés : HTML.Rce!IK
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc/Huhu Ctrler 1.33.js Objets détectés : Backdoor.JS.Agent!IK
C:\Program Files\EA GAMES\Les Sims 2 Nuits de Folie\TSBin\Sims2EP2.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\TSBin\Sims2EP4.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 H&M® Fashion Kit\TSBin\Sims2SP5.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 IKEA® Home Design Kit\TSBin\Sims2SP8.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \TSBin\Sims2SP4.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Kit design Cuisine et Salle de bain\TSBin\Sims2SP7.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\TSBin\Sims2SP6.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\TSBin\Sims2EP5.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\EA GAMES\Les Sims 2 Bon Voyage\TSBin\Sims2EP6.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\Program Files\MSN Messenger\msnmsgr.exe Objets détectés : Trojan-Downloader.Win32.VB.bou!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe Objets détectés : Trojan-Dropper!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe Objets détectés : Trojan.Win32.Skintrim!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe Objets détectés : Trojan.Feutel.AV!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll Objets détectés : AdWare.DelphinMediaViewer!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe Objets détectés : Heuristic.Dialer.RAS!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe Objets détectés : Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe Objets détectés : Riskware.RiskTool.Win32.Processor.20!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL Objets détectés : Riskware.WebToolbar.Win32.MyWebSearch.dw!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL Objets détectés : Riskware.AdTool.Win32.MyWebSearch.az!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL Objets détectés : Riskware.AdTool.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys Objets détectés : Hoax.Win32.Agent.fu!A2
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe Objets détectés : Trojan-Dropper!IK
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE Objets détectés : Spyware.Win32.BrodcastDSSAGENT!IK
Analysé
Fichiers : 293994
Traces : 604731
Cookies : 1453
Processus : 51
Objets trouvés
Fichiers : 36
Traces : 120
Cookies : 15
Processus : 0
Clés de Registre : 0
Fin du balayage : 17/01/2009 23:04:03
Temps du balayage : 3:21:05
Supprime-le dans Ajout/Suppression des programmes.
Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
Double-clique sur l'icône AD-Remover située sur ton Bureau.
Au menu principal, choisis l'option A.
Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note :
"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note :
"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
voilà le rapport
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
Start at: 18:16:32 | Dim 18/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: MARTINE | User: benhassaine ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: UDF)
- I:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 45
+--------------------| Boonty/Boonty Games Elements Found :
.
.
+--------------------| Eorezo Elements Found :
.
.
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
.
+--------------------| It's TV Elements Found :
.
+--------------------| Sweetim Elements Found :
Process: "SWEETIM.EXE" [PID:~2424]
.
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\SWEETIE.SWEETIE.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\ESENT\Process\SweetIM
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\INSTALLER\PRODUCTS\BF8532058170CB541B2457111F96D485
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SWEETIM
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\07D5290CDBDAE4242926B8E6CA650501
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\08E33F7B61DEFF24BB9673ED7D467636
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\1AC67655DD68F8240B2860F2D511EBD8
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4318DF19719275242801CBE292063A4C
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4CCCAC049F34D0540AAC13011398BEDB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D19F074C042AD34BAB463D4175A062E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\697E782CF574CC34CBB9566440BA12BC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\6AE27A8613CF7EA4782F2886F67295E5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\7CE172051F585E04187BCB97570BFA74
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\86A901BA5265452499DCBF719C378EE3
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\9A4B7EF3789F871419D9302583B20C15
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\A6C53B0F76C44004A8F36716213017DB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\B59F2D8189784CC46A4597F2842480B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\D149C1355C98DE24E82CEFBD996FE06A
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\E337925F629CF4C4FB08F3D9674DD839
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\F327D0C73C0973644A21E8CC852267A0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\305B09CE8C53A214DB58887F62F25536
HKLM\SOFTWARE\CLASSES\INSTALLER\PRODUCT\BF8532058170CB541B2457111F96D485
HKLM\~\INSTALLER\USERDATA\S-1-5-18\PRODUCTS\BF8532058170CB541B2457111F96D485
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\96D82BE152767B245B7D948EF9126F46
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\DF75D238060B32E42A452FB5F328222E
HKLM\SOFTWARE\CLASSES\INSTALLER\PRODUCT\BF8532058170CB541B2457111F96D485
.
C:\WINDOWS\INSTALLER\4b14eec.msi
C:\WINDOWS\INSTALLER\4b14ef1.msi
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\logs
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIM\update
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\resources\images
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Thumbs.db
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Documents and Settings\benhassaine\Cookies\benhassaine@sweetim[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@www.sweetim[2].txt
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )
..\5cnx2wy9.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.4 ~~~~
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "PHPNukeFR Customized Web Search"
* BROWSER SEARCH DEFAULT URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT210247..."
* BROWSER STARTUP HOMEPAGE: "http://www.google.fr"
.
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.13 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://search.speedbit.com/
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.msn.com/
+---------------------------------------------------------------------------+
[~11256 BYTES] - "C:\AD-REPORT-SCAN-18.01.2009.LOG"
End at: 18:17:18 | 18/01/2009 - Time elapsed: 45.8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 190 Lines ]
+---------------------------------------------------------------------------+
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
Start at: 18:16:32 | Dim 18/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: MARTINE | User: benhassaine ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: UDF)
- I:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 45
+--------------------| Boonty/Boonty Games Elements Found :
.
.
+--------------------| Eorezo Elements Found :
.
.
+--------------------| Everest Casino/Everest Poker Elements Found :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Found :
.
.
+--------------------| It's TV Elements Found :
.
+--------------------| Sweetim Elements Found :
Process: "SWEETIM.EXE" [PID:~2424]
.
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\SWEETIE.SWEETIE.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\ESENT\Process\SweetIM
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\INSTALLER\PRODUCTS\BF8532058170CB541B2457111F96D485
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SWEETIM
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\07D5290CDBDAE4242926B8E6CA650501
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\08E33F7B61DEFF24BB9673ED7D467636
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\1AC67655DD68F8240B2860F2D511EBD8
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4318DF19719275242801CBE292063A4C
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4CCCAC049F34D0540AAC13011398BEDB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D19F074C042AD34BAB463D4175A062E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\697E782CF574CC34CBB9566440BA12BC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\6AE27A8613CF7EA4782F2886F67295E5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\7CE172051F585E04187BCB97570BFA74
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\86A901BA5265452499DCBF719C378EE3
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\9A4B7EF3789F871419D9302583B20C15
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\A6C53B0F76C44004A8F36716213017DB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\B59F2D8189784CC46A4597F2842480B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\D149C1355C98DE24E82CEFBD996FE06A
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\E337925F629CF4C4FB08F3D9674DD839
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\F327D0C73C0973644A21E8CC852267A0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\305B09CE8C53A214DB58887F62F25536
HKLM\SOFTWARE\CLASSES\INSTALLER\PRODUCT\BF8532058170CB541B2457111F96D485
HKLM\~\INSTALLER\USERDATA\S-1-5-18\PRODUCTS\BF8532058170CB541B2457111F96D485
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\96D82BE152767B245B7D948EF9126F46
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\DF75D238060B32E42A452FB5F328222E
HKLM\SOFTWARE\CLASSES\INSTALLER\PRODUCT\BF8532058170CB541B2457111F96D485
.
C:\WINDOWS\INSTALLER\4b14eec.msi
C:\WINDOWS\INSTALLER\4b14ef1.msi
C:\Program Files\Macrogaming
C:\Program Files\Macrogaming\SweetIM
C:\Program Files\Macrogaming\SweetIMBarForIE
C:\Program Files\Macrogaming\SweetIM\conf
C:\Program Files\Macrogaming\SweetIM\data
C:\Program Files\Macrogaming\SweetIM\default.xml
C:\Program Files\Macrogaming\SweetIM\logs
C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgAIMMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgArchive.dll
C:\Program Files\Macrogaming\SweetIM\mgcommon.dll
C:\Program Files\Macrogaming\SweetIM\mgcommunication.dll
C:\Program Files\Macrogaming\SweetIM\mgconfig.dll
C:\Program Files\Macrogaming\SweetIM\mgFlashPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mghooking.dll
C:\Program Files\Macrogaming\SweetIM\mgIEPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mglogger.dll
C:\Program Files\Macrogaming\SweetIM\mgMediaPlayer.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgMsnMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\mgSweetIM.dll
C:\Program Files\Macrogaming\SweetIM\mgUpdateSupport.dll
C:\Program Files\Macrogaming\SweetIM\mgxml_wrapper.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooAuto.dll
C:\Program Files\Macrogaming\SweetIM\mgYahooMessengerAdapter.dll
C:\Program Files\Macrogaming\SweetIM\msvcp71.dll
C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Program Files\Macrogaming\SweetIM\resources
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Macrogaming\SweetIM\update
C:\Program Files\Macrogaming\SweetIM\conf\adapter.xml
C:\Program Files\Macrogaming\SweetIM\conf\autoupdate.xml
C:\Program Files\Macrogaming\SweetIM\conf\logger.xml
C:\Program Files\Macrogaming\SweetIM\conf\messages.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetim.xml
C:\Program Files\Macrogaming\SweetIM\conf\sweetimapp.xml
C:\Program Files\Macrogaming\SweetIM\conf\users
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com
C:\Program Files\Macrogaming\SweetIM\conf\users\main_user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\beda07@hotmail.com\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\kabylie_zoulou@hotmail.com\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\nissou07@live.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\patricia.florian@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr\emoticons_shortcut.xml
C:\Program Files\Macrogaming\SweetIM\conf\users\silvert26@hotmail.fr\user_config.xml
C:\Program Files\Macrogaming\SweetIM\data\contentdb
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00010859.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\00020185.dat
C:\Program Files\Macrogaming\SweetIM\data\contentdb\cache_indx.dat
C:\Program Files\Macrogaming\SweetIM\resources\images
C:\Program Files\Macrogaming\SweetIM\resources\images\AudibleButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\DisplayPicturesButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\EmoticonButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\NudgeButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\SoundFxButton.png
C:\Program Files\Macrogaming\SweetIM\resources\images\WinksButton.png
C:\Program Files\Macrogaming\SweetIMBarForIE\affid.dat
C:\Program Files\Macrogaming\SweetIMBarForIE\basis.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\Bookmarks_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache
C:\Program Files\Macrogaming\SweetIMBarForIE\Email_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Games_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Greetingcards_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Mobile_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Music_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\News_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Shoping_23x18.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileySmile.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\SmileyWink.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\sweetimicons.bmp
C:\Program Files\Macrogaming\SweetIMBarForIE\Thumbs.db
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.crc
C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.xml
C:\Program Files\Macrogaming\SweetIMBarForIE\version.txt
C:\Program Files\Macrogaming\SweetIMBarForIE\Cache\cd2005c66fba47ff715ecc444d3bc1fb.xml
C:\Documents and Settings\benhassaine\Cookies\benhassaine@sweetim[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@www.sweetim[2].txt
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # Mozilla user preferences )
..\5cnx2wy9.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.4 ~~~~
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "PHPNukeFR Customized Web Search"
* BROWSER SEARCH DEFAULT URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT210247..."
* BROWSER STARTUP HOMEPAGE: "http://www.google.fr"
.
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.13 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://search.speedbit.com/
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.msn.com/
+---------------------------------------------------------------------------+
[~11256 BYTES] - "C:\AD-REPORT-SCAN-18.01.2009.LOG"
End at: 18:17:18 | 18/01/2009 - Time elapsed: 45.8 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 190 Lines ]
+---------------------------------------------------------------------------+
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.
Coche à l'écran de sélection :
![]()
Suppression Boonty/BoontyGames (Si trouvé)
Suppression Eorezo (Si trouvé)
Suppression Everest Poker (Si trouvé)
Suppression Funwebproduct/MyWay/MyWebsearch (Si trouvé)
Suppression Messenger Skinner (Si trouvé)
Suppression Sweetim (Si trouvé)
Puis choisis S, le programme va travailler.
Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report.log)
/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\
Suppression Boonty/BoontyGames (Si trouvé)
Suppression Eorezo (Si trouvé)
Suppression Everest Poker (Si trouvé)
Suppression Funwebproduct/MyWay/MyWebsearch (Si trouvé)
Suppression Messenger Skinner (Si trouvé)
Suppression Sweetim (Si trouvé)
(Le rapport est sauvegardé aussi sous C:\Ad-report.log)
/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\
voilà le rapport
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
*** LIMITED TO ***
Boonty/Boontygames
Eorezo
Everest casino/Everest poker
Funwebproduct/Myway/Mywebsearch
It's TV
Sweetim
******************
Start at: 19:07:08 | Dim 18/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: MARTINE | User: benhassaine ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: UDF1.02)
- I:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 48
(!) ---- IE start pages reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
.
+--------------------| Eorezo Elements Deleted :
.
.
+--------------------| Everest Casino/Everest Poker Elements Deleted :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Deleted :
.
.
+--------------------| It's TV Elements Deleted :
.
+--------------------| Sweetim Elements Deleted :
Process: "SWEETIM.EXE" [PID:~2184]
.
HKCR\INSTALLER\PRODUCTS\BF8532058170CB541B2457111F96D485
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SWEETIM
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\07D5290CDBDAE4242926B8E6CA650501
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\08E33F7B61DEFF24BB9673ED7D467636
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\1AC67655DD68F8240B2860F2D511EBD8
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4318DF19719275242801CBE292063A4C
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4CCCAC049F34D0540AAC13011398BEDB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D19F074C042AD34BAB463D4175A062E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\697E782CF574CC34CBB9566440BA12BC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\6AE27A8613CF7EA4782F2886F67295E5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\7CE172051F585E04187BCB97570BFA74
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\86A901BA5265452499DCBF719C378EE3
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\9A4B7EF3789F871419D9302583B20C15
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\A6C53B0F76C44004A8F36716213017DB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\B59F2D8189784CC46A4597F2842480B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\D149C1355C98DE24E82CEFBD996FE06A
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\E337925F629CF4C4FB08F3D9674DD839
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\F327D0C73C0973644A21E8CC852267A0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\305B09CE8C53A214DB58887F62F25536
HKLM\~\INSTALLER\USERDATA\S-1-5-18\PRODUCTS\BF8532058170CB541B2457111F96D485
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\96D82BE152767B245B7D948EF9126F46
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\DF75D238060B32E42A452FB5F328222E
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\SWEETIE.SWEETIE.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\ESENT\Process\SweetIM
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
.
C:\WINDOWS\INSTALLER\4b14eec.msi
C:\WINDOWS\INSTALLER\4b14ef1.msi
/!\ NOT DELETED - C:\Program Files\Macrogaming
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Documents and Settings\benhassaine\Cookies\benhassaine@sweetim[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@www.sweetim[2].txt
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ FILE(S)/FOLDER(S) NOT DELETED /!\ *************
"C:\Program Files\Macrogaming\SweetIM"
"C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"
"C:\Program Files\Macrogaming\SweetIM\msvcr71.dll"
SECOND RUN ...
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM"
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM\msvcr71.dll"
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )
..\5cnx2wy9.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.4 ~~~~
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "PHPNukeFR Customized Web Search"
* BROWSER SEARCH DEFAULT URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT210247..."
* BROWSER STARTUP HOMEPAGE: "http://www.google.fr"
.
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.13 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~6879 BYTES] - "C:\AD-REPORT-CLEAN-18.01.2009.LOG"
End at: 19:12:08 | 18/01/2009 - Time elapsed: 4 minutes, 59 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 127 Lines ]
+---------------------------------------------------------------------------+
------- LOGFILE OF AD-REMOVER 1.0.9.3 | ONLY XP/VISTA -------
Updated by C_XX on 17/01/2009 at 12:00
*** LIMITED TO ***
Boonty/Boontygames
Eorezo
Everest casino/Everest poker
Funwebproduct/Myway/Mywebsearch
It's TV
Sweetim
******************
Start at: 19:07:08 | Dim 18/01/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: MARTINE | User: benhassaine ( Current user is an administrator)
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: UDF1.02)
- I:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 48
(!) ---- IE start pages reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
.
+--------------------| Eorezo Elements Deleted :
.
.
+--------------------| Everest Casino/Everest Poker Elements Deleted :
.
.
+--------------------| Funwebproducts/Myway/Mywebsearch/Myglobalsearch Elements Deleted :
.
.
+--------------------| It's TV Elements Deleted :
.
+--------------------| Sweetim Elements Deleted :
Process: "SWEETIM.EXE" [PID:~2184]
.
HKCR\INSTALLER\PRODUCTS\BF8532058170CB541B2457111F96D485
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\SWEETIM
HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\07D5290CDBDAE4242926B8E6CA650501
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\08E33F7B61DEFF24BB9673ED7D467636
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\1AC67655DD68F8240B2860F2D511EBD8
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4318DF19719275242801CBE292063A4C
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\4CCCAC049F34D0540AAC13011398BEDB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D19F074C042AD34BAB463D4175A062E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\697E782CF574CC34CBB9566440BA12BC
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\6AE27A8613CF7EA4782F2886F67295E5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\7CE172051F585E04187BCB97570BFA74
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\86A901BA5265452499DCBF719C378EE3
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\980289C22F80A7C4BB9323DC61255E4E
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\9A4B7EF3789F871419D9302583B20C15
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\A6C53B0F76C44004A8F36716213017DB
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\B59F2D8189784CC46A4597F2842480B0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\D149C1355C98DE24E82CEFBD996FE06A
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\E337925F629CF4C4FB08F3D9674DD839
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\F327D0C73C0973644A21E8CC852267A0
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\FA96423FE2B98E248A3B23548D1E22D9
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\0FF2AEFF45EEA0A48A4B33C1973B6094
HKLM\~\USERDATA\S-1-5-18\COMPONENTS\305B09CE8C53A214DB58887F62F25536
HKLM\~\INSTALLER\USERDATA\S-1-5-18\PRODUCTS\BF8532058170CB541B2457111F96D485
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\96D82BE152767B245B7D948EF9126F46
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\C34CFCB49C8F0814C88A64469E1A2B9E
HKLM\~\USERDATA\S-1-5-21-1708537768-220523388-839522115-1004\COMPONENTS\DF75D238060B32E42A452FB5F328222E
HKCR\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
HKCR\SWEETIE.SWEETIE.1
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\Microsoft\Installer\Upgradecodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKLM\SOFTWARE\Macrogaming
HKLM\SOFTWARE\Microsoft\ESENT\Process\SweetIM
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{502358FB-0718-45BC-B142-7511F1694D58}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
.
C:\WINDOWS\INSTALLER\4b14eec.msi
C:\WINDOWS\INSTALLER\4b14ef1.msi
/!\ NOT DELETED - C:\Program Files\Macrogaming
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll
/!\ NOT DELETED - C:\Program Files\Macrogaming\SweetIM\msvcr71.dll
C:\Documents and Settings\benhassaine\Cookies\benhassaine@sweetim[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@www.sweetim[2].txt
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
************* /!\ FILE(S)/FOLDER(S) NOT DELETED /!\ *************
"C:\Program Files\Macrogaming\SweetIM"
"C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"
"C:\Program Files\Macrogaming\SweetIM\msvcr71.dll"
SECOND RUN ...
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM"
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM\mgAdaptersProxy.dll"
/!\ RESIST ! - "C:\Program Files\Macrogaming\SweetIM\msvcr71.dll"
+--------------------| Added Scan :
+---------- SCANNING PREFS.JS ... ( # MOZILLA USER PREFERENCES )
..\5cnx2wy9.default\prefs.js :
~~~~ MOZILLA FIREFOX VERSION 3.0.4 ~~~~
* BROWSER SEARCH DEFAULT ENGINE: "Google"
* BROWSER SEARCH SELECTED ENGINE: "PHPNukeFR Customized Web Search"
* BROWSER SEARCH DEFAULT URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT210247..."
* BROWSER STARTUP HOMEPAGE: "http://www.google.fr"
.
+---------------------------------------------------------------------------+
~~~~ INTERNET EXPLORER VERSION 7.0.5730.13 ~~~~
+--[HKEY_CURRENT_USER\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
+--[HKEY_LOCAL_MACHINE\..\INTERNET EXPLORER\MAIN]
Start page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~6879 BYTES] - "C:\AD-REPORT-CLEAN-18.01.2009.LOG"
End at: 19:12:08 | 18/01/2009 - Time elapsed: 4 minutes, 59 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 127 Lines ]
+---------------------------------------------------------------------------+
/!\ Seul yaya07_15 peut suivre cette procédure /!\
Désactive toute protection résidente (Antivirus...) !
---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :
---> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes
- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.
---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
![]()
Cela va relancer Combofix : au message qui apparaît (Type 1 to continue, or 2 to abort), tape 1 puis valide.
Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
![;)]( ";)")
Désactive toute protection résidente (Antivirus...) !
---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :
KillAll::
File::
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
c:\windows\system32\md5.dll
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\urlhist.tlb
c:\windows\system32\armaccess.dll
C:\Documents and Settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
C:\Documents and Settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@com[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
Folder::
C:\Program Files\Macrogaming
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc
File::
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
c:\windows\system32\md5.dll
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\urlhist.tlb
c:\windows\system32\armaccess.dll
C:\Documents and Settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
C:\Documents and Settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@com[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
C:\Documents and Settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
C:\System Volume Information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
Folder::
C:\Program Files\Macrogaming
C:\Documents and Settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A installer chez vous
C:\Documents and Settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime
C:\Documents and Settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc
---> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes
- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.
---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
ComboFix 09-01-17.04 - benhassaine 2009-01-18 20:33:39.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.79 [GMT 1:00]
Lancé depuis: c:\documents and settings\benhassaine\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\benhassaine\Bureau\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
FILE ::
c:\documents and settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
c:\documents and settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@com[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
c:\documents and settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
c:\windows\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\armaccess.dll
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\md5.dll
c:\windows\system32\urlhist.tlb
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime
c:\documents and settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc
c:\documents and settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
c:\documents and settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@com[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
c:\documents and settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
c:\documents and settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc\
c:\documents and settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime
c:\documents and settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc
c:\documents and settings\benhassaine\Mes documents\YANIS\A installer chez vous
c:\documents and settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc
c:\program files\Macrogaming
c:\program files\Macrogaming\SweetIM\mgAdaptersProxy.dll
c:\program files\Macrogaming\SweetIM\msvcr71.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
c:\windows\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\armaccess.dll
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\md5.dll
c:\windows\system32\urlhist.tlb
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-18 au 2009-01-18 ))))))))))))))))))))))))))))))))))))
.
2009-03-15 23:17 . 2009-03-15 23:19 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07 . 2008-12-23 11:14 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06 . 2009-03-15 23:06 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-11 18:28 . 2008-12-23 11:38 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:35 . 2009-03-11 20:32 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-08 11:07 . 2009-03-08 11:07 10,520 --------- c:\windows\system32\avgrsstx.dll.install_backup
2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\program files\IZArc
2009-03-07 11:50 . 2009-03-07 11:50 3,989,002 --a------ C:\rain_b_fever_3_Bilal_Feat_Sinik_&_Big_Ali_-_Bienvenue_Chez_Les_Bylka.MP3
2009-03-06 19:52 . 2009-03-06 19:52 149 --a------ c:\windows\system32\sys.xml
2009-02-16 20:48 . 2009-02-16 20:50 3,439,804 --a------ C:\Sheryfa_Luna_feat_Alibi_Montana_-_SI_tu_n_tais_plus_l_.flv.MP3
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Oberon Media
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Gamenext
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2009-02-14 12:46 . 2009-02-14 13:05 <REP> d-------- c:\documents and settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:03 . 2009-02-14 12:03 <REP> d-------- c:\program files\MSXML 4.0
2009-02-13 19:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-13 19:11 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\program files\DkZ Update
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Atari
2009-02-04 15:57 . 2009-02-04 15:57 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-02-04 15:56 . 2009-02-04 15:56 <REP> d-------- c:\program files\MSN Content Plus Inc
2009-02-02 13:31 . 2009-03-05 15:30 <REP> d-------- c:\documents and settings\benhassaine\Tracing
2009-02-02 03:11 . 2009-02-02 03:11 <REP> d-------- c:\program files\Microsoft
2009-02-02 03:06 . 2009-02-02 03:06 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-01-23 12:46 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-20 17:03 . 2009-01-20 17:03 1,955,631 --a------ C:\BO_Cliente_Gigolo.MP3
2009-01-18 18:15 . 2009-01-18 19:29 <REP> d-------- c:\program files\Ad-remover
2009-01-16 13:39 . 2009-01-16 14:47 <REP> d-------- c:\program files\trend micro
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 13:25 . 2009-01-15 13:25 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-15 05:03 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-15 05:01 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-15 05:00 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-14 17:34 . 2009-01-14 22:37 <REP> d-------- c:\program files\EA GAMES
2009-01-12 22:11 . 2009-01-12 22:11 265,656 --a------ C:\MaGiStErIaL [si le racism est ta seul solution, choisi 1 otre option, je te rappel sur cet echequier nous ne somes ke des pions]_12_01_2009@22_04_27.wav
2009-01-12 20:23 . 2009-01-12 20:23 <REP> d-------- c:\program files\Spider
2009-01-09 19:37 . 2009-01-09 19:37 425,656 --a------ C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-01-05 20:37 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\program files\iTunes
2009-01-05 20:36 . 2009-01-05 20:36 <REP> d-------- c:\program files\iPod
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34 . 2009-01-05 20:34 <REP> d-------- c:\program files\Bonjour
2009-01-05 20:27 . 2009-01-05 20:27 <REP> d-------- c:\program files\Apple Software Update
2009-01-05 20:25 . 2009-01-05 20:32 <REP> d-------- c:\program files\Fichiers communs\Apple
2009-01-05 20:25 . 2009-01-05 20:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17 . 2009-01-05 20:17 <REP> d-------- c:\program files\Ashampoo
2009-01-05 20:17 . 2008-12-22 10:18 33,632 --a------ c:\windows\system32\DfSdkBt.exe
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Ableton
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:11 . 2008-12-17 16:14 233,472 --a------ c:\windows\system32\REX Shared Library.dll
2009-01-05 19:10 . 2009-01-05 19:10 <REP> d-------- c:\program files\Ableton
2008-12-30 01:21 . 2008-12-30 01:37 132,594,552 --a------ C:\1sssd.flv.AVI
2008-12-30 01:03 . 2008-12-30 01:12 62,643,584 --a------ C:\65486560-russian.mature.rose.flv.AVI
2008-12-30 00:51 . 2001-04-20 02:28 28,672 --a------ c:\windows\system32\systray.ocx
2008-12-30 00:50 . 2008-12-30 00:50 <REP> d-------- c:\program files\SystemGuards.com
2008-12-30 00:50 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx
2008-12-30 00:35 . 2009-01-06 21:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34 . 2009-01-07 17:06 <REP> d-------- c:\program files\DAP
2008-12-29 14:38 . 2009-01-05 19:17 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-29 14:38 . 2008-12-29 14:38 1,409 --a------ c:\windows\QTFont.for
2008-12-29 01:42 . 2008-12-29 01:42 <REP> d-------- c:\program files\Conduit
2008-12-29 01:35 . 2008-12-29 01:35 <REP> d-------- c:\program files\Sony
2008-12-29 01:32 . 2008-12-29 01:32 <REP> d-------- c:\program files\Sony Setup
2008-12-29 01:12 . 2008-12-29 01:15 <REP> d-------- c:\program files\Real dj system
2008-12-29 01:12 . 2002-04-16 09:15 2,670,080 --a------ c:\windows\system32\mmtoolsx2.OCX
2008-12-29 01:12 . 2001-01-20 17:14 428,032 --a------ c:\windows\system32\MMTypesX2.OCX
2008-12-29 01:12 . 2004-01-23 10:42 282,624 --a------ c:\windows\system32\ANIGif.ocx
2008-12-29 01:12 . 2001-01-21 20:01 63,488 --a------ c:\windows\system32\MMREGOCX.EXE
2008-12-29 01:12 . 2001-07-15 11:32 61,952 --a------ c:\windows\system32\midiio32.ocx
2008-12-29 01:12 . 2003-05-20 23:49 49,152 --a------ c:\windows\system32\tssDragDrop.ocx
2008-12-29 01:08 . 2008-12-29 01:08 <REP> d-------- c:\program files\DJ Mix Pro
2008-12-29 01:04 . 2008-12-29 01:05 <REP> d-------- C:\djp
2008-12-29 01:00 . 2008-12-29 01:00 <REP> d-------- C:\OtsLabs
2008-12-29 00:32 . 2008-12-29 00:32 <REP> d-------- c:\program files\Audacity
2008-12-28 23:51 . 2008-12-28 23:51 <REP> d-------- c:\program files\MyXOFT
2008-12-28 23:51 . 2008-12-29 00:16 <REP> d-------- c:\documents and settings\benhassaine\DSS DJ Data
2008-12-28 23:51 . 2006-12-01 22:03 626,688 --a------ c:\windows\system32\msvcr80.dll
2008-12-28 23:51 . 2006-12-01 22:03 548,864 --a------ c:\windows\system32\msvcp80.dll
2008-12-28 23:51 . 2006-12-02 06:22 479,232 --a------ c:\windows\system32\msvcm80.dll
2008-12-28 23:51 . 2006-12-01 22:03 1,869 --a------ c:\windows\system32\Microsoft.VC80.CRT.manifest
2008-12-26 19:17 . 2008-12-26 19:18 2,962,494 --a------ C:\I_Kissed_a_Girl_-_Katy_Perry.MP3
2008-12-23 11:38 . 2009-01-18 18:36 <REP> d-------- c:\windows\system32\drivers\Avg
2008-12-23 11:38 . 2008-12-23 11:38 <REP> d-------- c:\program files\AVG
2008-12-23 11:38 . 2009-01-13 18:41 <REP> d-------- c:\documents and settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38 . 2008-12-23 11:38 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-23 11:38 . 2008-12-23 11:38 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-23 11:38 . 2008-12-23 11:38 10,520 --a------ c:\windows\system32\avgrsstx.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 21:36 --------- d-----w c:\program files\Eidos
2009-03-05 14:52 --------- d-----w c:\program files\Windows Live
2009-03-05 14:43 --------- d-----w c:\program files\Cheat Engine
2009-02-26 08:32 --------- d-----w c:\documents and settings\benhassaine\Application Data\temp
2009-02-16 22:37 --------- d-----w c:\documents and settings\benhassaine\Application Data\LimeWire
2009-02-04 21:56 --------- d-----w c:\program files\DkZ Studio
2009-02-02 02:15 --------- d-----w c:\program files\Windows Live Toolbar
2009-01-16 13:45 --------- d-----w c:\program files\Saxo
2009-01-15 22:13 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 21:30 --------- d-----w c:\program files\MSN Messenger
2009-01-15 12:25 --------- d-----w c:\program files\Java
2009-01-14 16:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 20:16 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 19:39 --------- d-----w c:\documents and settings\benhassaine\Application Data\Apple Computer
2009-01-05 19:36 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 19:33 --------- d-----w c:\program files\QuickTime
2009-01-05 17:53 --------- d-----w c:\program files\eMule
2009-01-05 17:35 --------- d-----w c:\program files\VirtualDJ
2008-12-30 14:12 --------- d-----w c:\program files\StuffPlug3
2008-12-29 23:52 --------- d-----w c:\program files\SoftwareDepo
2008-12-23 11:39 --------- d-----w c:\program files\Votre santé au quotidien
2008-12-23 11:27 --------- d-----w c:\program files\Larousse
2008-12-15 11:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Symantec
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-06-14 10:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-22 67128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-08-26 122941]
"DetectorApp"="c:\program files\Roxio\MyDVD\MyDVD\DetectorApp.exe" [2005-08-31 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-23 1261336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2006-07-06 21:32 122880 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"USBDeviceService"=2 (0x2)
"SLService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\benhassaine\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\MSN Messenger\\usnsvc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [2008-06-02 15172]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-23 97928]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-23 76040]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2009-01-05 410976]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2007-06-24 299776]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
\Shell\AutoRun\command - K:\ReadMe.exe
.
Contenu du dossier 'Tâches planifiées'
2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - PHPNukeFR Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOMWA3&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 20:43:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,a9,ec,20,3b,fc,49,5b,da,07,7b,62,b8,81,5a,0d,85,6f,59,a9,81,73,15,
eb,a1,61,83,13,24,5b,b2,d2,29,83,18,c6,fc,dc,fc,f8,35,2d,19,dc,07,f5,b2,9c,\
"??"=hex:89,37,79,be,fd,86,ca,52,f1,de,65,d7,9e,66,67,49
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\program files\Logitech\SetPoint\SetPoint.exe
c:\program files\Fichiers communs\Teleca Shared\CapabilityManager.exe
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2009-01-18 20:56:54 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-18 19:56:47
Avant-CF: 40 444 272 640 octets libres
AprÞs-CF: 40,439,517,184 octets libres
361 --- E O F --- 2009-02-14 11:10:26
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.79 [GMT 1:00]
Lancé depuis: c:\documents and settings\benhassaine\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\benhassaine\Bureau\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
* Un nouveau point de restauration a été créé
FILE ::
c:\documents and settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
c:\documents and settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@com[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
c:\documents and settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
c:\windows\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\armaccess.dll
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\md5.dll
c:\windows\system32\urlhist.tlb
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime
c:\documents and settings\benhassaine\Bureau\jeux_yanis\A envoyer à votre victime\antivirus msn.plsc
c:\documents and settings\benhassaine\Bureau\jeux_yanis\C11 Script Controler 1.33.rar
c:\documents and settings\benhassaine\Cookies\benhassaine@247realmedia[1].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.alyzamedia[1].txT
c:\documents and settings\benhassaine\Cookies\benhassaine@adserver.aol[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@com[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@incredimail[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@media6degrees[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@mediatis[2].txt
c:\documents and settings\benhassaine\Cookies\benhassaine@windowsmedia[1].txt
c:\documents and settings\benhassaine\igLoader Files\MasterKickMiniClip\igUninst.exe
c:\documents and settings\benhassaine\Mes documents\Mes fichiers reçus\antivirus msn.plsc\
c:\documents and settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime
c:\documents and settings\benhassaine\Mes documents\YANIS\A envoyer à votre victime\antivirus msn.plsc
c:\documents and settings\benhassaine\Mes documents\YANIS\A installer chez vous
c:\documents and settings\benhassaine\Mes documents\YANIS\A installer chez vous\Controler 1.33.plsc
c:\program files\Macrogaming
c:\program files\Macrogaming\SweetIM\mgAdaptersProxy.dll
c:\program files\Macrogaming\SweetIM\msvcr71.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP495\A0230893.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP497\A0231954.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP536\A0256417.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP537\A0256423.dll
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263483.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP552\A0263487.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263630.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263654.exe
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263668.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263672.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263675.DLL
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP555\A0263692.sys
c:\system volume information\_restore{10735617-779D-469E-A239-52DE14077B5F}\RP558\A0264259.exe
c:\windows\BBSTORE\DSS\DSSAGENT.EXE
c:\windows\system32\armaccess.dll
c:\windows\system32\cgziplibrary.dll
c:\windows\system32\md5.dll
c:\windows\system32\urlhist.tlb
c:\windows\Tasks\RegistrySmart Scheduled Scan.job
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-18 au 2009-01-18 ))))))))))))))))))))))))))))))))))))
.
2009-03-15 23:17 . 2009-03-15 23:19 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-03-15 23:07 . 2008-12-23 11:14 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Norton
2009-03-15 23:06 . 2009-03-15 23:06 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NortonInstaller
2009-03-11 18:28 . 2008-12-23 11:38 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avg8
2009-03-11 11:35 . 2009-03-11 20:32 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-03-08 11:07 . 2009-03-08 11:07 10,520 --------- c:\windows\system32\avgrsstx.dll.install_backup
2009-03-07 21:22 . 2009-03-07 21:22 <REP> d-------- c:\program files\IZArc
2009-03-07 11:50 . 2009-03-07 11:50 3,989,002 --a------ C:\rain_b_fever_3_Bilal_Feat_Sinik_&_Big_Ali_-_Bienvenue_Chez_Les_Bylka.MP3
2009-03-06 19:52 . 2009-03-06 19:52 149 --a------ c:\windows\system32\sys.xml
2009-02-16 20:48 . 2009-02-16 20:50 3,439,804 --a------ C:\Sheryfa_Luna_feat_Alibi_Montana_-_SI_tu_n_tais_plus_l_.flv.MP3
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Oberon Media
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Gamenext
2009-02-15 23:51 . 2009-02-15 23:51 <REP> d-------- c:\program files\Fichiers communs\Oberon Media
2009-02-14 12:46 . 2009-02-14 13:05 <REP> d-------- c:\documents and settings\benhassaine\Application Data\PowerChallenge
2009-02-14 12:03 . 2009-02-14 12:03 <REP> d-------- c:\program files\MSXML 4.0
2009-02-13 19:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-13 19:11 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\program files\DkZ Update
2009-02-04 22:57 . 2009-02-04 22:57 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Atari
2009-02-04 15:57 . 2009-02-04 15:57 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-02-04 15:56 . 2009-02-04 15:56 <REP> d-------- c:\program files\MSN Content Plus Inc
2009-02-02 13:31 . 2009-03-05 15:30 <REP> d-------- c:\documents and settings\benhassaine\Tracing
2009-02-02 03:11 . 2009-02-02 03:11 <REP> d-------- c:\program files\Microsoft
2009-02-02 03:06 . 2009-02-02 03:06 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-01-23 12:46 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-01-20 17:03 . 2009-01-20 17:03 1,955,631 --a------ C:\BO_Cliente_Gigolo.MP3
2009-01-18 18:15 . 2009-01-18 19:29 <REP> d-------- c:\program files\Ad-remover
2009-01-16 13:39 . 2009-01-16 14:47 <REP> d-------- c:\program files\trend micro
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Malwarebytes
2009-01-15 19:42 . 2009-01-15 19:42 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-01-15 13:25 . 2009-01-15 13:25 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-15 05:03 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-01-15 05:01 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-01-15 05:00 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-15 05:00 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-14 17:34 . 2009-01-14 22:37 <REP> d-------- c:\program files\EA GAMES
2009-01-12 22:11 . 2009-01-12 22:11 265,656 --a------ C:\MaGiStErIaL [si le racism est ta seul solution, choisi 1 otre option, je te rappel sur cet echequier nous ne somes ke des pions]_12_01_2009@22_04_27.wav
2009-01-12 20:23 . 2009-01-12 20:23 <REP> d-------- c:\program files\Spider
2009-01-09 19:37 . 2009-01-09 19:37 425,656 --a------ C:\MaGiStErIaL [http--fr.youtube.com-watchv=l7haB82fAio&feature=channel_page]_09_01_2009@19_34_08.wav
2009-01-05 20:37 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2009-01-05 20:37 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\program files\iTunes
2009-01-05 20:36 . 2009-01-05 20:36 <REP> d-------- c:\program files\iPod
2009-01-05 20:36 . 2009-01-05 20:37 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-05 20:34 . 2009-01-05 20:34 <REP> d-------- c:\program files\Bonjour
2009-01-05 20:27 . 2009-01-05 20:27 <REP> d-------- c:\program files\Apple Software Update
2009-01-05 20:25 . 2009-01-05 20:32 <REP> d-------- c:\program files\Fichiers communs\Apple
2009-01-05 20:25 . 2009-01-05 20:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-01-05 20:17 . 2009-01-05 20:17 <REP> d-------- c:\program files\Ashampoo
2009-01-05 20:17 . 2008-12-22 10:18 33,632 --a------ c:\windows\system32\DfSdkBt.exe
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\benhassaine\Application Data\Ableton
2009-01-05 19:17 . 2009-01-05 19:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ableton
2009-01-05 19:11 . 2008-12-17 16:14 233,472 --a------ c:\windows\system32\REX Shared Library.dll
2009-01-05 19:10 . 2009-01-05 19:10 <REP> d-------- c:\program files\Ableton
2008-12-30 01:21 . 2008-12-30 01:37 132,594,552 --a------ C:\1sssd.flv.AVI
2008-12-30 01:03 . 2008-12-30 01:12 62,643,584 --a------ C:\65486560-russian.mature.rose.flv.AVI
2008-12-30 00:51 . 2001-04-20 02:28 28,672 --a------ c:\windows\system32\systray.ocx
2008-12-30 00:50 . 2008-12-30 00:50 <REP> d-------- c:\program files\SystemGuards.com
2008-12-30 00:50 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\system32\Flash8.ocx
2008-12-30 00:35 . 2009-01-06 21:17 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2008-12-30 00:34 . 2009-01-07 17:06 <REP> d-------- c:\program files\DAP
2008-12-29 14:38 . 2009-01-05 19:17 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-29 14:38 . 2008-12-29 14:38 1,409 --a------ c:\windows\QTFont.for
2008-12-29 01:42 . 2008-12-29 01:42 <REP> d-------- c:\program files\Conduit
2008-12-29 01:35 . 2008-12-29 01:35 <REP> d-------- c:\program files\Sony
2008-12-29 01:32 . 2008-12-29 01:32 <REP> d-------- c:\program files\Sony Setup
2008-12-29 01:12 . 2008-12-29 01:15 <REP> d-------- c:\program files\Real dj system
2008-12-29 01:12 . 2002-04-16 09:15 2,670,080 --a------ c:\windows\system32\mmtoolsx2.OCX
2008-12-29 01:12 . 2001-01-20 17:14 428,032 --a------ c:\windows\system32\MMTypesX2.OCX
2008-12-29 01:12 . 2004-01-23 10:42 282,624 --a------ c:\windows\system32\ANIGif.ocx
2008-12-29 01:12 . 2001-01-21 20:01 63,488 --a------ c:\windows\system32\MMREGOCX.EXE
2008-12-29 01:12 . 2001-07-15 11:32 61,952 --a------ c:\windows\system32\midiio32.ocx
2008-12-29 01:12 . 2003-05-20 23:49 49,152 --a------ c:\windows\system32\tssDragDrop.ocx
2008-12-29 01:08 . 2008-12-29 01:08 <REP> d-------- c:\program files\DJ Mix Pro
2008-12-29 01:04 . 2008-12-29 01:05 <REP> d-------- C:\djp
2008-12-29 01:00 . 2008-12-29 01:00 <REP> d-------- C:\OtsLabs
2008-12-29 00:32 . 2008-12-29 00:32 <REP> d-------- c:\program files\Audacity
2008-12-28 23:51 . 2008-12-28 23:51 <REP> d-------- c:\program files\MyXOFT
2008-12-28 23:51 . 2008-12-29 00:16 <REP> d-------- c:\documents and settings\benhassaine\DSS DJ Data
2008-12-28 23:51 . 2006-12-01 22:03 626,688 --a------ c:\windows\system32\msvcr80.dll
2008-12-28 23:51 . 2006-12-01 22:03 548,864 --a------ c:\windows\system32\msvcp80.dll
2008-12-28 23:51 . 2006-12-02 06:22 479,232 --a------ c:\windows\system32\msvcm80.dll
2008-12-28 23:51 . 2006-12-01 22:03 1,869 --a------ c:\windows\system32\Microsoft.VC80.CRT.manifest
2008-12-26 19:17 . 2008-12-26 19:18 2,962,494 --a------ C:\I_Kissed_a_Girl_-_Katy_Perry.MP3
2008-12-23 11:38 . 2009-01-18 18:36 <REP> d-------- c:\windows\system32\drivers\Avg
2008-12-23 11:38 . 2008-12-23 11:38 <REP> d-------- c:\program files\AVG
2008-12-23 11:38 . 2009-01-13 18:41 <REP> d-------- c:\documents and settings\benhassaine\Application Data\AVGTOOLBAR
2008-12-23 11:38 . 2008-12-23 11:38 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-23 11:38 . 2008-12-23 11:38 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-23 11:38 . 2008-12-23 11:38 10,520 --a------ c:\windows\system32\avgrsstx.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 21:36 --------- d-----w c:\program files\Eidos
2009-03-05 14:52 --------- d-----w c:\program files\Windows Live
2009-03-05 14:43 --------- d-----w c:\program files\Cheat Engine
2009-02-26 08:32 --------- d-----w c:\documents and settings\benhassaine\Application Data\temp
2009-02-16 22:37 --------- d-----w c:\documents and settings\benhassaine\Application Data\LimeWire
2009-02-04 21:56 --------- d-----w c:\program files\DkZ Studio
2009-02-02 02:15 --------- d-----w c:\program files\Windows Live Toolbar
2009-01-16 13:45 --------- d-----w c:\program files\Saxo
2009-01-15 22:13 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
2009-01-15 21:30 --------- d-----w c:\program files\MSN Messenger
2009-01-15 12:25 --------- d-----w c:\program files\Java
2009-01-14 16:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-06 20:16 --------- d---a-w c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-01-05 19:39 --------- d-----w c:\documents and settings\benhassaine\Application Data\Apple Computer
2009-01-05 19:36 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-01-05 19:33 --------- d-----w c:\program files\QuickTime
2009-01-05 17:53 --------- d-----w c:\program files\eMule
2009-01-05 17:35 --------- d-----w c:\program files\VirtualDJ
2008-12-30 14:12 --------- d-----w c:\program files\StuffPlug3
2008-12-29 23:52 --------- d-----w c:\program files\SoftwareDepo
2008-12-23 11:39 --------- d-----w c:\program files\Votre santé au quotidien
2008-12-23 11:27 --------- d-----w c:\program files\Larousse
2008-12-15 11:40 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Symantec
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
2008-06-14 10:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008061420080615\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-22 67128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-08-26 122941]
"DetectorApp"="c:\program files\Roxio\MyDVD\MyDVD\DetectorApp.exe" [2005-08-31 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-23 1261336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ 'autocheck autochk *'
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2006-07-06 21:32 122880 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"USBDeviceService"=2 (0x2)
"SLService"=2 (0x2)
"Pml Driver HPZ12"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\benhassaine\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\MSN Messenger\\usnsvc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [2008-06-02 15172]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-23 97928]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-23 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-23 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-23 76040]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2009-01-05 410976]
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2007-06-24 299776]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa46dbc-0170-11dc-8d33-00110975e2e2}]
\Shell\AutoRun\command - K:\ReadMe.exe
.
Contenu du dossier 'Tâches planifiées'
2009-01-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2102473&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - PHPNukeFR Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MOMWA3&q=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\benhassaine\Application Data\Mozilla\Firefox\Profiles\5cnx2wy9.default\extensions\OberonGameHost@OberonGames.com\platform\WINNT_x86-msvc\plugins\npOberonGameHost.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npigl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 20:43:24
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1708537768-220523388-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,a9,ec,20,3b,fc,49,5b,da,07,7b,62,b8,81,5a,0d,85,6f,59,a9,81,73,15,
eb,a1,61,83,13,24,5b,b2,d2,29,83,18,c6,fc,dc,fc,f8,35,2d,19,dc,07,f5,b2,9c,\
"??"=hex:89,37,79,be,fd,86,ca,52,f1,de,65,d7,9e,66,67,49
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\rundll32.exe
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
c:\program files\Logitech\SetPoint\SetPoint.exe
c:\program files\Fichiers communs\Teleca Shared\CapabilityManager.exe
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Heure de fin: 2009-01-18 20:56:54 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-18 19:56:47
Avant-CF: 40 444 272 640 octets libres
AprÞs-CF: 40,439,517,184 octets libres
361 --- E O F --- 2009-02-14 11:10:26
Bien.
Mets à jour Adobe Reader.
---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
Double-clique sur le répertoire JavaRa.
Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
Choisis Français puis clique sur Select.
Clique sur Effacer les anciennes versions.
Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
Ferme l'application.
Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
voilà le rapport
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Sun Jan 18 21:53:11 2009
Found and removed: C:\Program Files\Java\jre1.5.0_08
Found and removed: C:\Program Files\Java\jre1.5.0_10
Found and removed: C:\Program Files\Java\jre1.6.0_01
Found and removed: C:\Program Files\Java\jre1.6.0_02
Found and removed: C:\Program Files\Java\jre1.6.0_03
Found and removed: C:\Program Files\Java\jre1.6.0_05
Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: Software\JavaSoft\Java2D\1.5.0_08
Found and removed: Software\JavaSoft\Java2D\1.5.0_10
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\JavaPlugin.150_08
Found and removed: SOFTWARE\Classes\JavaPlugin.150_10
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510008
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150080}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\JavaPlugin.160_01
Found and removed: SOFTWARE\Classes\JavaPlugin.160_02
Found and removed: SOFTWARE\Classes\JavaPlugin.160_03
Found and removed: SOFTWARE\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10
Found and removed: Software\Classes\JavaPlugin.160_01
Found and removed: Software\Classes\JavaPlugin.160_02
Found and removed: Software\Classes\JavaPlugin.160_03
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_02
Found and removed: Software\JavaSoft\Java2D\1.6.0_03
Found and removed: Software\JavaSoft\Java2D\1.6.0_05
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_08\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Sun Jan 18 21:55:41 2009
------------------------------------
Finished reporting.
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Sun Jan 18 21:53:11 2009
Found and removed: C:\Program Files\Java\jre1.5.0_08
Found and removed: C:\Program Files\Java\jre1.5.0_10
Found and removed: C:\Program Files\Java\jre1.6.0_01
Found and removed: C:\Program Files\Java\jre1.6.0_02
Found and removed: C:\Program Files\Java\jre1.6.0_03
Found and removed: C:\Program Files\Java\jre1.6.0_05
Found and removed: C:\Program Files\Java\jre1.6.0_07
Found and removed: Software\JavaSoft\Java2D\1.5.0_08
Found and removed: Software\JavaSoft\Java2D\1.5.0_10
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\JavaPlugin.150_08
Found and removed: SOFTWARE\Classes\JavaPlugin.150_10
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510008
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510008
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150080}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Classes\JavaPlugin.160_01
Found and removed: SOFTWARE\Classes\JavaPlugin.160_02
Found and removed: SOFTWARE\Classes\JavaPlugin.160_03
Found and removed: SOFTWARE\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_08
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10
Found and removed: Software\Classes\JavaPlugin.160_01
Found and removed: Software\Classes\JavaPlugin.160_02
Found and removed: Software\Classes\JavaPlugin.160_03
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05
Found and removed: Software\JavaSoft\Java2D\1.6.0_01
Found and removed: Software\JavaSoft\Java2D\1.6.0_02
Found and removed: Software\JavaSoft\Java2D\1.6.0_03
Found and removed: Software\JavaSoft\Java2D\1.6.0_05
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03
Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_08\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\
JavaRa 1.13 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Sun Jan 18 21:55:41 2009
------------------------------------
Finished reporting.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- Forum[Résolu] HELP! cheval de troie
- Forum[Résolu] Cheval de Troie
- Forum[Resolu] Confirmation de suppression cheval de troie
- ForumCheval de troie (resolu)
- ForumCheval de troie ou ver..?? ou je sais pas .. résolu
- Forum[Résolu] Cheval de troie : comment le supprimer ?
- Forum[Résolu] J'ai un virus type Cheval de troie ( skintrim-A ) ! -
- Foruminfecte par le cheval de troie Win32:TratBHO [Resolu]
- ForumCheval de Troie Trojan.Win32.BHO.agz : Impossible à supprimer [Résolu]
- Voir plus
