Iexplore.exe virus
Dernière réponse : dans Sécurité
Bonjour depuis peu jai des pages internet qui s'ouvrent dans le gestionnaires des taches j'ai beau les supprimer ou utiliser firefox elles reviennent. Cela me fais ramer voila mon rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-11 16:50:51
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 165 GB (48%) free of 343 GB
Total RAM: 2047 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:53, on 11/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SFR\Kit\9props.exe
C:\documents and settings\fabien\local settings\application data\sgtauan.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\NCSoft\Launcher\NCLauncher.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\fabien.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [sgtauan] "c:\documents and settings\fabien\local settings\application data\sgtauan.exe" sgtauan
O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 13115 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"sgtauan"=c:\documents and settings\fabien\local settings\application data\sgtauan.exe [2009-11-09 446464]
"Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-11 22528]
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled![:p]( ":p")
nkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled![:p]( ":p")
nkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled![:p]( ":p")
okerth"
"C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2010"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
2009-11-11 09:46:14 ----D---- C:\WINDOWS\LastGood
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-11 16:47:48 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-11 16:23:51 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-11 13:55:22 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-11 12:31:08 ----D---- C:\WINDOWS\Prefetch
2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
2009-11-11 11:00:44 ----D---- C:\Downloads
2009-11-11 09:46:24 ----HD---- C:\WINDOWS\inf
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:46:14 ----D---- C:\WINDOWS
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-10 14:06:24 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-10 14:03:37 ----D---- C:\WINDOWS\Temp
2009-11-10 09:35:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 22:31:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 05:03:06 ----D---- C:\WINDOWS\system32
2009-11-05 03:00:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:45 ----SHD---- C:\WINDOWS\Installer
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 12:55:31 ----RD---- C:\Program Files
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:26 ----A---- C:\WINDOWS\imsins.BAK
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 a8ldp604;a8ldp604; C:\WINDOWS\system32\drivers\a8ldp604.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-11 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Au plaisir d'une réponse
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-11 16:50:51
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 165 GB (48%) free of 343 GB
Total RAM: 2047 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:50:53, on 11/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SFR\Kit\9props.exe
C:\documents and settings\fabien\local settings\application data\sgtauan.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\NCSoft\Launcher\NCLauncher.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\fabien.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [sgtauan] "c:\documents and settings\fabien\local settings\application data\sgtauan.exe" sgtauan
O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 13115 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"sgtauan"=c:\documents and settings\fabien\local settings\application data\sgtauan.exe [2009-11-09 446464]
"Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-11 22528]
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled
nkBstrA""C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled
nkBstrB""C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled
okerth""C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled
ro Evolution Soccer 2010"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
2009-11-11 09:46:14 ----D---- C:\WINDOWS\LastGood
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-11 16:47:48 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-11 16:23:51 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-11 13:55:22 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-11 12:31:08 ----D---- C:\WINDOWS\Prefetch
2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
2009-11-11 11:00:44 ----D---- C:\Downloads
2009-11-11 09:46:24 ----HD---- C:\WINDOWS\inf
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:46:14 ----D---- C:\WINDOWS
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-10 14:06:24 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-10 14:03:37 ----D---- C:\WINDOWS\Temp
2009-11-10 09:35:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-09 22:31:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 05:03:06 ----D---- C:\WINDOWS\system32
2009-11-05 03:00:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:45 ----SHD---- C:\WINDOWS\Installer
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-19 12:55:31 ----RD---- C:\Program Files
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:26 ----A---- C:\WINDOWS\imsins.BAK
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 a8ldp604;a8ldp604; C:\WINDOWS\system32\drivers\a8ldp604.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-11 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Au plaisir d'une réponse
Autres pages sur : iexplore exe virus
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
Double-clique sur Navilog1.exe pour le lancer.
(Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)
Appuie sur 1 puis valide avec Entrée pour choisir Français.
Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Patiente jusqu'au message : *** Scan terminé le ..... ***
Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le rapport dans ta prochaine réponse.
Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
(Sous Vista, clique droit sur Navilog1 et choisis Exécuter en tant qu'administrateur)
Merci de ta réponse et voici le rapport :
Fix Navipromo version 4.0.5 commencé le 12/11/2009 2:14:19,34
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
BIOS : BIOS Date: 11/28/08 17:25:18 Ver: 08.00.14
USER : fabien ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:335 Go (Free:161 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Program Files\Live-Player supprimé !
c:\docume~1\alluse~1\menudm~1\progra~1\Live-Player supprimé !
C:\Documents and Settings\fabien\applic~1\Live-Player supprimé !
c:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé !
C:\WINDOWS\prefetch\fmltskrq*.pf supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq.exe supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq.dat supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq_nav.dat supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\fabien\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Scan terminé 12/11/2009 5:24:31,76 ***
Fix Navipromo version 4.0.5 commencé le 12/11/2009 2:14:19,34
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon )
BIOS : BIOS Date: 11/28/08 17:25:18 Ver: 08.00.14
USER : fabien ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:335 Go (Free:161 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Program Files\Live-Player supprimé !
c:\docume~1\alluse~1\menudm~1\progra~1\Live-Player supprimé !
C:\Documents and Settings\fabien\applic~1\Live-Player supprimé !
c:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé !
C:\WINDOWS\prefetch\fmltskrq*.pf supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq.exe supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq.dat supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq_nav.dat supprimé !
c:\docume~1\fabien\locals~1\applic~1\fmltskrq_navps.dat supprimé !
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\fabien\locals~1\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Scan terminé 12/11/2009 5:24:31,76 ***
Ok.
Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Alors voila le log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-13 04:31:01
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 165 GB (48%) free of 343 GB
Total RAM: 2047 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:31:04, on 13/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
C:\Program Files\SFR\Kit\9props.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\explorer.exe
C:\Downloads\Software\RSIT(1).exe
C:\Downloads\Software\fabien.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 12074 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-12 22528]
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled![:p]( ":p")
nkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled![:p]( ":p")
nkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled![:p]( ":p")
okerth"
"C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2010"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-13 04:28:41 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-12 13:44:56 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-12 13:44:36 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-12 13:42:13 ----D---- C:\WINDOWS\Temp
2009-11-12 11:52:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-12 07:21:13 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-12 06:36:51 ----D---- C:\WINDOWS\Prefetch
2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
2009-11-12 05:24:10 ----RD---- C:\Program Files
2009-11-12 05:23:54 ----D---- C:\WINDOWS
2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
2009-11-11 11:00:44 ----D---- C:\Downloads
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:51 ----SHD---- C:\WINDOWS\Installer
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ap6lh84x;ap6lh84x; C:\WINDOWS\system32\drivers\ap6lh84x.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-12 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Et le info.txt
info.txt logfile of random's system information tool 1.06 2009-04-12 18:57:54
======Uninstall list======
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
AI Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c
AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly
AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~1\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0DI\INSTALL.LOG
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Favorit-->"c:\documents and settings\fabien\local settings\application data\qemaoqs.exe" -uninstall
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Ghost Recon Advanced Warfighter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}\setup.exe" -l0x40c
GRAW Patch 1.35-->"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 4.3.1 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire 5.1.1-->"C:\Program Files\LimeWire\uninstall.exe"
Lineage II-->C:\Program Files\InstallShield Installation Information\{430B1017-1B12-420C-8F27-05D0EC2995E0}\setup.exe -runfromtemp -l0x0009 -removeonly
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
SopCast 3.0.1-->C:\Program Files\SopCast\uninst.exe
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Tom Clancy's H.A.W.X-->"C:\Program Files\InstallShield Installation Information\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}\setup.exe" -runfromtemp -l0x040c -removeonly
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090411-0]
======System event log======
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.
Record Number: 4553
Source Name: Service Control Manager
Time Written: 20090325034203.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrB.
Record Number: 4552
Source Name: Service Control Manager
Time Written: 20090325034157.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : en cours d'exécution.
Record Number: 4551
Source Name: Service Control Manager
Time Written: 20090325034157.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service PnkBstrB.
Record Number: 4550
Source Name: Service Control Manager
Time Written: 20090325034154.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : arrêté.
Record Number: 4549
Source Name: Service Control Manager
Time Written: 20090325034154.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: A6-B767CBBC1F97
Event Code: 100
Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 996
Source Name: ESENT
Time Written: 20090318140445.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 101
Message: msnmsgr (1432) Le moteur de base de données est arrêté.
Record Number: 995
Source Name: ESENT
Time Written: 20090318140439.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 103
Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 994
Source Name: ESENT
Time Written: 20090318140439.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 102
Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 993
Source Name: ESENT
Time Written: 20090318140333.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 100
Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 992
Source Name: ESENT
Time Written: 20090318140333.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-13 04:31:01
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 165 GB (48%) free of 343 GB
Total RAM: 2047 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:31:04, on 13/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
C:\Program Files\SFR\Kit\9props.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mumble\dbus-daemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Srv.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Xfire\Xfire.exe
C:\WINDOWS\explorer.exe
C:\Downloads\Software\RSIT(1).exe
C:\Downloads\Software\fabien.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [Windows Workstation] C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 12074 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShoppingReport - C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll [2009-10-13 1185056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-06-16 1144712]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"Windows Workstation"=C:\DOCUME~1\fabien\LOCALS~1\Temp\scvhost.exe [2009-11-12 22528]
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled
nkBstrA""C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled
nkBstrB""C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled
okerth""C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled
ro Evolution Soccer 2010"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-11 10:55:51 ----RSH---- C:\vshost.exe
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-10-19 12:55:33 ----D---- C:\Documents and Settings\fabien\Application Data\WeatherDPA
2009-10-19 12:55:31 ----D---- C:\Program Files\Hotbar
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-19 12:55:21 ----D---- C:\Program Files\ShoppingReport
2009-10-19 12:55:21 ----D---- C:\Documents and Settings\fabien\Application Data\ShoppingReport
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-13 04:28:41 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-12 13:44:56 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-12 13:44:36 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-12 13:42:13 ----D---- C:\WINDOWS\Temp
2009-11-12 11:52:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-12 07:21:13 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-12 06:36:51 ----D---- C:\WINDOWS\Prefetch
2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
2009-11-12 05:24:10 ----RD---- C:\Program Files
2009-11-12 05:23:54 ----D---- C:\WINDOWS
2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 14:26:22 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-11 11:57:05 ----D---- C:\Program Files\mIRC
2009-11-11 11:00:44 ----D---- C:\Downloads
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:51 ----SHD---- C:\WINDOWS\Installer
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
2009-10-16 02:00:21 ----D---- C:\WINDOWS\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ap6lh84x;ap6lh84x; C:\WINDOWS\system32\drivers\ap6lh84x.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-12 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Et le info.txt
info.txt logfile of random's system information tool 1.06 2009-04-12 18:57:54
======Uninstall list======
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
AI Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c
AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly
AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~1\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0DI\INSTALL.LOG
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Favorit-->"c:\documents and settings\fabien\local settings\application data\qemaoqs.exe" -uninstall
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Ghost Recon Advanced Warfighter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}\setup.exe" -l0x40c
GRAW Patch 1.35-->"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 4.3.1 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire 5.1.1-->"C:\Program Files\LimeWire\uninstall.exe"
Lineage II-->C:\Program Files\InstallShield Installation Information\{430B1017-1B12-420C-8F27-05D0EC2995E0}\setup.exe -runfromtemp -l0x0009 -removeonly
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
SopCast 3.0.1-->C:\Program Files\SopCast\uninst.exe
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Tom Clancy's H.A.W.X-->"C:\Program Files\InstallShield Installation Information\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}\setup.exe" -runfromtemp -l0x040c -removeonly
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090411-0]
======System event log======
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.
Record Number: 4553
Source Name: Service Control Manager
Time Written: 20090325034203.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrB.
Record Number: 4552
Source Name: Service Control Manager
Time Written: 20090325034157.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : en cours d'exécution.
Record Number: 4551
Source Name: Service Control Manager
Time Written: 20090325034157.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service PnkBstrB.
Record Number: 4550
Source Name: Service Control Manager
Time Written: 20090325034154.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: A6-B767CBBC1F97
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : arrêté.
Record Number: 4549
Source Name: Service Control Manager
Time Written: 20090325034154.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: A6-B767CBBC1F97
Event Code: 100
Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 996
Source Name: ESENT
Time Written: 20090318140445.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 101
Message: msnmsgr (1432) Le moteur de base de données est arrêté.
Record Number: 995
Source Name: ESENT
Time Written: 20090318140439.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 103
Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 994
Source Name: ESENT
Time Written: 20090318140439.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 102
Message: msnmsgr (1432) \\.\C:\Documents and Settings\fabien\Local Settings\Application Data\Microsoft\Messenger\fight57@hotmail.fr\SharingMetadata\Working\database_9C74_AFF6_74AF_D176\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 993
Source Name: ESENT
Time Written: 20090318140333.000000+060
Event Type: Informations
User:
Computer Name: A6-B767CBBC1F97
Event Code: 100
Message: msnmsgr (1432) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 992
Source Name: ESENT
Time Written: 20090318140333.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
/!\ Déconnecte-toi et ferme toutes applications en cours /!\
(Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
/!\ Laisse travailler l'outil /!\
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 12.11.2009 à 22:02
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:57:59, 13/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: A6-B767CBBC1F97 | Utilisateur actuel: fabien
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\AppDataLow\AskBarDis
HKCU\Software\AppDataLow\AskHomePage
HKCU\Software\Ask.com
HKCU\Software\AskToolbar
HKCU\Software\Grand Virtual
HKCU\Software\hotbarsa
HKCU\Software\Live-Player
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
HKCU\Software\PartyGaming
HKCU\Software\ShoppingReport
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}
HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
HKLM\Software\Classes\CntntCntr.CntntDic
HKLM\Software\Classes\CntntCntr.CntntDic.1
HKLM\Software\Classes\CntntCntr.CntntDisp
HKLM\Software\Classes\CntntCntr.CntntDisp.1
HKLM\Software\Classes\coresrv.coreservices
HKLM\Software\Classes\coresrv.coreservices.1
HKLM\Software\Classes\coresrv.lfgax
HKLM\Software\Classes\coresrv.lfgax.1
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\HbCoreSrv.DynamicProp
HKLM\Software\Classes\HbCoreSrv.DynamicProp.1
HKLM\Software\Classes\hbmain.commband
HKLM\Software\Classes\hbmain.commband.1
HKLM\Software\Classes\hbr.hbmain
HKLM\Software\Classes\hbr.hbmain.1
HKLM\Software\Classes\hostie.bho
HKLM\Software\Classes\hostie.bho.1
HKLM\Software\Classes\hostol.mailanim
HKLM\Software\Classes\hostol.mailanim.1
HKLM\Software\Classes\hostol.webmailsend
HKLM\Software\Classes\hostol.webmailsend.1
HKLM\Software\Classes\HotbarAx.Info
HKLM\Software\Classes\HotbarAx.Info.1
HKLM\Software\Classes\HotbarAX.UserProfiles
HKLM\Software\Classes\HotbarAX.UserProfiles.1
HKLM\Software\Classes\HotbarWeather.WeatherController
HKLM\Software\Classes\HotbarWeather.WeatherController.1
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Classes\shoppingreport.hbax
HKLM\Software\Classes\shoppingreport.hbax.1
HKLM\Software\Classes\shoppingreport.hbinfoband
HKLM\Software\Classes\shoppingreport.hbinfoband.1
HKLM\Software\Classes\shoppingreport.iebutton
HKLM\Software\Classes\shoppingreport.iebutton.1
HKLM\Software\Classes\shoppingreport.iebuttona
HKLM\Software\Classes\shoppingreport.iebuttona.1
HKLM\Software\Classes\shoppingreport.rprtctrl
HKLM\Software\Classes\shoppingreport.rprtctrl.1
HKLM\Software\Classes\srv.coreservices
HKLM\Software\Classes\srv.coreservices.1
HKLM\Software\Classes\toolbar.htmlmenuui
HKLM\Software\Classes\toolbar.htmlmenuui.1
HKLM\Software\Classes\toolbar.toolbarctl
HKLM\Software\Classes\toolbar.toolbarctl.1
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Hotbar
HKLM\Software\Live-Player
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport
HKLM\Software\ShoppingReport
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Hotbar 11.0.78.0
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HotbarSA
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
HKLM\Software\Classes\CLSID\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}
HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\CLSID\{D95C7240-0282-4c01-93F5-673BCA03DA86}
HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
HKLM\Software\Classes\TypeLib\{76D54105-99EB-4ECB-95B2-A944F50CC566}
HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
HKLM\Software\Classes\TypeLib\{CDC73256-A88D-4642-844E-A8F20B76789C}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
HKLM\Software\Classes\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB}
HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
.
C:\DOCUME~1\fabien\APPLIC~1\Hotbar ... ERREUR SUPPRESSION !!
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\extensions\toolbar@ask.com
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\ask.xml
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\askcom.xml
C:\DOCUME~1\fabien\APPLIC~1\WeatherDPA
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Hotbar
C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Program Files\Ask.com ... ERREUR SUPPRESSION !!
C:\Program Files\Everest Poker
C:\Program Files\Hotbar ... ERREUR SUPPRESSION !!
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Mozilla FireFox\Plugins\npclntax_HotbarSA.dll
C:\Program Files\PartyGaming
C:\Program Files\ShoppingReport ... ERREUR SUPPRESSION !!
C:\DOCUME~1\fabien\MENUDM~1\PROGRA~1\PartyPoker
C:\DOCUME~1\fabien\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
C:\DOCUME~1\fabien\Bureau\PartyPoker.lnk
C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
C:\WINDOWS\Prefetch\HOTBARSA.EXE-172AADFE.pf
C:\DOCUME~1\fabien\Cookies\fabien@ask[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[3].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[4].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[5].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[6].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[7].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[8].txt
C:\DOCUME~1\fabien\Cookies\fabien@fcg.casino770[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@fr.partypoker[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@hotbar[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@partygaming.122.2o7[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[3].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[4].txt
C:\DOCUME~1\fabien\Cookies\fabien@rotator.adjuggler[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@search.conduit[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@simyo[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@www.casino770[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@www.everestpoker[1].txt
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.14 [fr] *
.
Nom du profil: 98cegs9k.default (fabien)
.
(fabien, prefs.js) Browser.download.lastDir, C:\Documents and Settings\fabien\Mes documents\Mes images
(fabien, prefs.js) Browser.search.defaultenginename, Bing
(fabien, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
(fabien, prefs.js) Browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
(fabien, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
(fabien, prefs.js) EFFACE - Browser.search.order.1, Ask.com
(fabien, prefs.js) EFFACE - Extensions.asktb.cbid, U9
(fabien, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang
(fabien, prefs.js) EFFACE - Extensions.asktb.fresh-install, false
(fabien, prefs.js) EFFACE - Extensions.asktb.l, dis
(fabien, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1257909399037
(fabien, prefs.js) EFFACE - Extensions.asktb.locale, fr_FR
(fabien, prefs.js) EFFACE - Extensions.asktb.o, 15012
(fabien, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true
(fabien, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871
(fabien, prefs.js) EFFACE - Extensions.asktb.r, 4
(fabien, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.4.4.118,dvscontextmenuy@dvdvideosoft.com:1.0,fdm_ffext@freedownloadmanager.org:1.3.4,Hotbar@Hotbar.com:11.0.0.0,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,jqs@sun.com:1.0,firefox@tvunetworks.com:2,4,7,2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
(fabien, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q={searchTerms}&crm=1
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 6ca19e29b260ca01
Start Page Redirect Cache AcceptLangs: fr-fr
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fabien\Bureau\WLMUniversalPatcher-POUR-WLM8.5.exe
C:\Documents and Settings\fabien\Mes documents\RCT2_patch_JeuxVideo.com_6205.zip
C:\Documents and Settings\fabien\Mes documents\Patch cod4\182.06_geforce_winxp_32bit_international_whql.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_mise_a_jour_depuis_v1.6_multi-langues_247528.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.2_multi-langues_184570.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.3_multi-langues_193372.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.4_multi-langues_197704.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.5_multi-langues_211464.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.6_variety_map_pack_multi-langues_245252.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\cfg.rar
C:\Documents and Settings\fabien\Mes documents\Patch cod4\mumble_mumble_1.1.6_francais_43179.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\Mumble-1.1.4.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.zip
C:\Documents and Settings\fabien\Mes documents\Patch cod4\ts2_client_rc2_2032.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\vlc-0.9.8a-win32.exe
C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe
C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\Readme.nfo
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.1.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.2.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.0.1017-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.4-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\crack cod5WoW.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe
C:\Documents and Settings\fabien\Mes documents\steam\DynPatch v2.exe
C:\Documents and Settings\fabien\Mes documents\steam\UnDeadPatch.exe
.
===================================
.
20482 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
115 Fichier(s) - C:\DOCUME~1\fabien\LOCALS~1\Temp
1 Fichier(s) - C:\WINDOWS\Temp
.
10 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
3019 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
Si cela peut t'aider mon virus pourrait venir de xifre a la base car quand je le lance ils ouvrent toutes mes pages d'amis et envoi un lien de telechargement.
.
Fin à: 21:08:08 | 13/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 12.11.2009 à 22:02
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 20:57:59, 13/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: A6-B767CBBC1F97 | Utilisateur actuel: fabien
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\AppDataLow\AskBarDis
HKCU\Software\AppDataLow\AskHomePage
HKCU\Software\Ask.com
HKCU\Software\AskToolbar
HKCU\Software\Grand Virtual
HKCU\Software\hotbarsa
HKCU\Software\Live-Player
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b}
HKCU\Software\PartyGaming
HKCU\Software\ShoppingReport
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{06ADA938-0FB0-4BC0-B19B-0A38AB17F182}
HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
HKLM\Software\Classes\CntntCntr.CntntDic
HKLM\Software\Classes\CntntCntr.CntntDic.1
HKLM\Software\Classes\CntntCntr.CntntDisp
HKLM\Software\Classes\CntntCntr.CntntDisp.1
HKLM\Software\Classes\coresrv.coreservices
HKLM\Software\Classes\coresrv.coreservices.1
HKLM\Software\Classes\coresrv.lfgax
HKLM\Software\Classes\coresrv.lfgax.1
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
HKLM\Software\Classes\HbCoreSrv.DynamicProp
HKLM\Software\Classes\HbCoreSrv.DynamicProp.1
HKLM\Software\Classes\hbmain.commband
HKLM\Software\Classes\hbmain.commband.1
HKLM\Software\Classes\hbr.hbmain
HKLM\Software\Classes\hbr.hbmain.1
HKLM\Software\Classes\hostie.bho
HKLM\Software\Classes\hostie.bho.1
HKLM\Software\Classes\hostol.mailanim
HKLM\Software\Classes\hostol.mailanim.1
HKLM\Software\Classes\hostol.webmailsend
HKLM\Software\Classes\hostol.webmailsend.1
HKLM\Software\Classes\HotbarAx.Info
HKLM\Software\Classes\HotbarAx.Info.1
HKLM\Software\Classes\HotbarAX.UserProfiles
HKLM\Software\Classes\HotbarAX.UserProfiles.1
HKLM\Software\Classes\HotbarWeather.WeatherController
HKLM\Software\Classes\HotbarWeather.WeatherController.1
HKLM\Software\Classes\Interface\{0C1CF2DF-05A3-4FEF-8CD4-F5CFC4355A16}
HKLM\Software\Classes\shoppingreport.hbax
HKLM\Software\Classes\shoppingreport.hbax.1
HKLM\Software\Classes\shoppingreport.hbinfoband
HKLM\Software\Classes\shoppingreport.hbinfoband.1
HKLM\Software\Classes\shoppingreport.iebutton
HKLM\Software\Classes\shoppingreport.iebutton.1
HKLM\Software\Classes\shoppingreport.iebuttona
HKLM\Software\Classes\shoppingreport.iebuttona.1
HKLM\Software\Classes\shoppingreport.rprtctrl
HKLM\Software\Classes\shoppingreport.rprtctrl.1
HKLM\Software\Classes\srv.coreservices
HKLM\Software\Classes\srv.coreservices.1
HKLM\Software\Classes\toolbar.htmlmenuui
HKLM\Software\Classes\toolbar.htmlmenuui.1
HKLM\Software\Classes\toolbar.toolbarctl
HKLM\Software\Classes\toolbar.toolbarctl.1
HKLM\Software\Classes\TypeLib\{710993A2-4F87-41D7-B6FE-F5A20368465F}
HKLM\Software\Hotbar
HKLM\Software\Live-Player
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDDBB5EE-BB64-4bfc-9DBE-E7C85941335B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HotbarSA
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport
HKLM\Software\ShoppingReport
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Hotbar 11.0.78.0
HKLM\Software\Mozilla\Firefox\Extensions\\Hotbar@Hotbar.com
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HotbarSA
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
HKLM\Software\Classes\CLSID\{14113B47-D59C-4F0F-9D10-FF1730265584}
HKLM\Software\Classes\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC}
HKLM\Software\Classes\CLSID\{2AA2FBF8-9C76-4E97-A226-25C5F4AB6358}
HKLM\Software\Classes\CLSID\{2D00AA2A-69EF-487a-8A40-B3E27F07C91E}
HKLM\Software\Classes\CLSID\{62906E60-BCE2-4E1B-9ED0-8B9042EE15E4}
HKLM\Software\Classes\CLSID\{70880CE6-308C-4204-A89E-B266C3F7B7FA}
HKLM\Software\Classes\CLSID\{71F731B3-008B-4052-9EA4-4145ACCE40C3}
HKLM\Software\Classes\CLSID\{86C5840B-80C4-4C30-A655-37344A542009}
HKLM\Software\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
HKLM\Software\Classes\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Classes\CLSID\{A16AD1E9-F69A-45AF-9462-B1C286708842}
HKLM\Software\Classes\CLSID\{A3E67DAA-DA01-4da5-98BE-3088B554A11E}
HKLM\Software\Classes\CLSID\{A5B6FA30-D317-41CA-9CB1-C898D3C7F34E}
HKLM\Software\Classes\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
HKLM\Software\Classes\CLSID\{A9C42A57-421C-4572-8B12-249C59183D1C}
HKLM\Software\Classes\CLSID\{B0CB585F-3271-4E42-88D9-AE5C9330D554}
HKLM\Software\Classes\CLSID\{C9CCBB35-D123-4A31-AFFC-9B2933132116}
HKLM\Software\Classes\CLSID\{CC19A5F2-B4AD-41D5-A5C9-0680904C1483}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Classes\CLSID\{D95C7240-0282-4c01-93F5-673BCA03DA86}
HKLM\Software\Classes\CLSID\{F9BFA98D-9935-4EA4-A05A-72C7F0778F02}
HKLM\Software\Classes\TypeLib\{03D7FF6E-9781-40B5-BB7F-94291A361604}
HKLM\Software\Classes\TypeLib\{0729F461-8054-47DC-8D39-A31B61CC0119}
HKLM\Software\Classes\TypeLib\{148E1447-C728-48FD-BEEC-A7D06C5FFF58}
HKLM\Software\Classes\TypeLib\{76D54105-99EB-4ECB-95B2-A944F50CC566}
HKLM\Software\Classes\TypeLib\{8292078F-F6E9-412B-8EB1-360C05C5ECE5}
HKLM\Software\Classes\TypeLib\{A57470DE-14C7-4FCD-9D4C-E5711F24F0ED}
HKLM\Software\Classes\TypeLib\{C62A9E79-2B52-439B-AF57-2E60BB06E86C}
HKLM\Software\Classes\TypeLib\{CDC73256-A88D-4642-844E-A8F20B76789C}
HKLM\Software\Classes\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKLM\Software\Classes\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKLM\Software\Classes\TypeLib\{E343EDFC-1E6C-4CB5-AA29-E9C922641C80}
HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
HKLM\Software\Classes\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
HKLM\Software\Classes\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB}
HKLM\Software\Classes\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082}
HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
.
C:\DOCUME~1\fabien\APPLIC~1\Hotbar ... ERREUR SUPPRESSION !!
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\extensions\toolbar@ask.com
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\ask.xml
C:\DOCUME~1\fabien\APPLIC~1\Mozilla\Firefox\Profiles\98cegs9k.default\searchplugins\askcom.xml
C:\DOCUME~1\fabien\APPLIC~1\WeatherDPA
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Hotbar
C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\Program Files\Ask.com ... ERREUR SUPPRESSION !!
C:\Program Files\Everest Poker
C:\Program Files\Hotbar ... ERREUR SUPPRESSION !!
C:\Program Files\Mozilla FireFox\Components\AskSearch.js
C:\Program Files\Mozilla FireFox\Plugins\npclntax_HotbarSA.dll
C:\Program Files\PartyGaming
C:\Program Files\ShoppingReport ... ERREUR SUPPRESSION !!
C:\DOCUME~1\fabien\MENUDM~1\PROGRA~1\PartyPoker
C:\DOCUME~1\fabien\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
C:\DOCUME~1\fabien\Bureau\PartyPoker.lnk
C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
C:\WINDOWS\Prefetch\HOTBARSA.EXE-172AADFE.pf
C:\DOCUME~1\fabien\Cookies\fabien@ask[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[3].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[4].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[5].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[6].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[7].txt
C:\DOCUME~1\fabien\Cookies\fabien@ask[8].txt
C:\DOCUME~1\fabien\Cookies\fabien@fcg.casino770[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@fr.partypoker[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@hotbar[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@partygaming.122.2o7[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[3].txt
C:\DOCUME~1\fabien\Cookies\fabien@partypoker[4].txt
C:\DOCUME~1\fabien\Cookies\fabien@rotator.adjuggler[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@search.conduit[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@simyo[1].txt
C:\DOCUME~1\fabien\Cookies\fabien@www.casino770[2].txt
C:\DOCUME~1\fabien\Cookies\fabien@www.everestpoker[1].txt
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.14 [fr] *
.
Nom du profil: 98cegs9k.default (fabien)
.
(fabien, prefs.js) Browser.download.lastDir, C:\Documents and Settings\fabien\Mes documents\Mes images
(fabien, prefs.js) Browser.search.defaultenginename, Bing
(fabien, prefs.js) Browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
(fabien, prefs.js) Browser.startup.homepage, hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
(fabien, prefs.js) EFFACE - Browser.search.defaultengine, Ask.com
(fabien, prefs.js) EFFACE - Browser.search.order.1, Ask.com
(fabien, prefs.js) EFFACE - Extensions.asktb.cbid, U9
(fabien, prefs.js) EFFACE - Extensions.asktb.default-channel-url-mask, hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&dm=lang
(fabien, prefs.js) EFFACE - Extensions.asktb.fresh-install, false
(fabien, prefs.js) EFFACE - Extensions.asktb.l, dis
(fabien, prefs.js) EFFACE - Extensions.asktb.last-config-req, 1257909399037
(fabien, prefs.js) EFFACE - Extensions.asktb.locale, fr_FR
(fabien, prefs.js) EFFACE - Extensions.asktb.o, 15012
(fabien, prefs.js) EFFACE - Extensions.asktb.overlay-reloaded-using-restart, true
(fabien, prefs.js) EFFACE - Extensions.asktb.qsrc, 2871
(fabien, prefs.js) EFFACE - Extensions.asktb.r, 4
(fabien, prefs.js) EFFACE - Extensions.enabledItems, toolbar@ask.com:3.4.4.118,dvscontextmenuy@dvdvideosoft.com:1.0,fdm_ffext@freedownloadmanager.org:1.3.4,Hotbar@Hotbar.com:11.0.0.0,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,jqs@sun.com:1.0,firefox@tvunetworks.com:2,4,7,2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
(fabien, prefs.js) EFFACE - Extensions.snipit.chromeURL, hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q={searchTerms}&crm=1
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 6ca19e29b260ca01
Start Page Redirect Cache AcceptLangs: fr-fr
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\fabien\Bureau\WLMUniversalPatcher-POUR-WLM8.5.exe
C:\Documents and Settings\fabien\Mes documents\RCT2_patch_JeuxVideo.com_6205.zip
C:\Documents and Settings\fabien\Mes documents\Patch cod4\182.06_geforce_winxp_32bit_international_whql.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_mise_a_jour_depuis_v1.6_multi-langues_247528.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.2_multi-langues_184570.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.3_multi-langues_193372.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.4_multi-langues_197704.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.5_multi-langues_211464.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\call_of_duty_4_modern_warfare_patch_v1.6_variety_map_pack_multi-langues_245252.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\cfg.rar
C:\Documents and Settings\fabien\Mes documents\Patch cod4\mumble_mumble_1.1.6_francais_43179.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\Mumble-1.1.4.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\pbsetup.zip
C:\Documents and Settings\fabien\Mes documents\Patch cod4\ts2_client_rc2_2032.exe
C:\Documents and Settings\fabien\Mes documents\Patch cod4\vlc-0.9.8a-win32.exe
C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe
C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\Readme.nfo
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.1.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW_patch1.2.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.0.1017-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.3-PatchSetup.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-1.4-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CoDWaW-1.2-PatchSetup.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\crack cod5WoW.exe
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar
C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe
C:\Documents and Settings\fabien\Mes documents\steam\DynPatch v2.exe
C:\Documents and Settings\fabien\Mes documents\steam\UnDeadPatch.exe
.
===================================
.
20482 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
115 Fichier(s) - C:\DOCUME~1\fabien\LOCALS~1\Temp
1 Fichier(s) - C:\WINDOWS\Temp
.
10 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
3019 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
Si cela peut t'aider mon virus pourrait venir de xifre a la base car quand je le lance ils ouvrent toutes mes pages d'amis et envoi un lien de telechargement.
.
Fin à: 21:08:08 | 13/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3164
Windows 5.1.2600 Service Pack 3
13/11/2009 21:40:02
mbam-log-2009-11-13 (21-40-02).txt
Type de recherche: Examen rapide
Eléments examinés: 113760
Temps écoulé: 9 minute(s), 46 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 16
Processus mémoire infecté(s):
C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Failed to unload process.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows workstation (Worm.AutoRun) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.58 (Adware.ShopperReports) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Delete on reboot.
C:\vshost.exe (Worm.IMStealer) -> Quarantined and deleted successfully.
C:\Downloads\Speed-Downloading_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Local Settings\Temporary Internet Files\Content.IE5\JUQY5XYM\bu[1].exe (Worm.IMStealer) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\CoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Local Settings\Temp\scvhost.exe (Trojan.Downloader) -> Delete on reboot.
Version de la base de données: 3164
Windows 5.1.2600 Service Pack 3
13/11/2009 21:40:02
mbam-log-2009-11-13 (21-40-02).txt
Type de recherche: Examen rapide
Eléments examinés: 113760
Temps écoulé: 9 minute(s), 46 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 16
Processus mémoire infecté(s):
C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Failed to unload process.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows workstation (Worm.AutoRun) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\fabien\LOCALS~1\Temp\vshost32.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.58 (Adware.ShopperReports) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\fabien\Local Settings\Temp\vshost32.exe (Worm.IMStealer) -> Delete on reboot.
C:\vshost.exe (Worm.IMStealer) -> Quarantined and deleted successfully.
C:\Downloads\Speed-Downloading_setup.exe (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Local Settings\Temporary Internet Files\Content.IE5\JUQY5XYM\bu[1].exe (Worm.IMStealer) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\CoreSrv.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\Toolbar.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.6.58\ShoppingReport.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\fabien\Local Settings\Temp\scvhost.exe (Trojan.Downloader) -> Delete on reboot.
Voila jai supprimer les fichiers et voila le log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-13 23:26:56
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 166 GB (48%) free of 343 GB
Total RAM: 2047 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:57, on 13/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\mIRC\mirc.exe
c:\program files\Mumble\dbus-daemon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\fabien.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 10173 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled![:p]( ":p")
nkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled![:p]( ":p")
nkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2008"
"C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2009"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled![:p]( ":p")
okerth"
"C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled![:p]( ":p")
ro Evolution Soccer 2010"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-13 21:26:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-13 20:57:58 ----D---- C:\Program Files\Ad-Remover
2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-13 23:26:31 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-13 22:45:06 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-13 22:36:16 ----D---- C:\Downloads
2009-11-13 21:57:55 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-13 21:57:26 ----D---- C:\Program Files\mIRC
2009-11-13 21:47:12 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-13 21:45:23 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-13 21:44:40 ----D---- C:\WINDOWS\Temp
2009-11-13 21:43:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-13 21:40:02 ----RD---- C:\Program Files
2009-11-13 21:26:48 ----D---- C:\WINDOWS\system32\drivers
2009-11-13 21:08:00 ----D---- C:\WINDOWS\Prefetch
2009-11-13 21:04:55 ----SD---- C:\WINDOWS\Tasks
2009-11-13 21:01:28 ----D---- C:\Program Files\Ask.com
2009-11-13 21:01:27 ----SHD---- C:\WINDOWS\Installer
2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
2009-11-12 05:23:54 ----D---- C:\WINDOWS
2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 abs1m2d4;abs1m2d4; C:\WINDOWS\system32\drivers\abs1m2d4.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-13 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by fabien at 2009-11-13 23:26:56
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 166 GB (48%) free of 343 GB
Total RAM: 2047 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:57, on 13/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\mIRC\mirc.exe
c:\program files\Mumble\dbus-daemon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\fabien.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Enregistrement de FIFA 09.lnk = C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Save YouTube Video - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Fichiers communs\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_...
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 10173 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-13 3883856]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-04-21 955712]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-09-17 1933381]
"Octoshape Streaming Services"=C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"fsm"= []
"PlayNC Launcher"= []
C:\Documents and Settings\fabien\Menu Démarrer\Programmes\Démarrage
Enregistrement de FIFA 09.lnk - C:\Program Files\EA Sports\FIFA 09\Support\EAregister.exe
PowerReg Scheduler V3.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-05-07 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"MemCheckBoxInRunDlg"=1
"NoSMBalloonTip"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoStrCmpLogical"=0
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled
nkBstrA""C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled
nkBstrB""C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170.exe:*:Enabled:call_of_duty_4_modern_warfare_patch_v1.1_multi-langues_182170"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0, Public Beta 4"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\akira57120\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\fabien\Bureau\PES2008.exe"="C:\Documents and Settings\fabien\Bureau\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled
ro Evolution Soccer 2008""C:\Documents and Settings\fabien\Bureau\pes2009.exe"="C:\Documents and Settings\fabien\Bureau\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe"="C:\Program Files\Activision\Call of Duty - World at War\crack cod5WoW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled
ro Evolution Soccer 2009""C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms EU\NMService.exe"="C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\PokerTH\pokerth.exe"="C:\Program Files\PokerTH\pokerth.exe:*:Enabled
okerth""C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\fabien\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Downloads\Crack\pes2010.exe"="C:\Downloads\Crack\pes2010.exe:*:Enabled
ro Evolution Soccer 2010"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{373807e3-30a9-11de-8417-002215493bfd}]
shell\AutoRun\command - G:\autorun.exe
======List of files/folders created in the last 1 months======
2009-11-13 21:26:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-13 20:57:58 ----D---- C:\Program Files\Ad-Remover
2009-11-12 03:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-06 03:14:42 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-10-19 12:55:34 ----D---- C:\Documents and Settings\All Users\Application Data\HotbarSA
2009-10-19 12:55:31 ----D---- C:\Documents and Settings\fabien\Application Data\Hotbar
2009-10-16 02:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-16 02:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-16 02:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-16 02:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-16 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-16 02:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-16 02:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-16 02:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-16 02:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-16 02:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
======List of files/folders modified in the last 1 months======
2009-11-13 23:26:31 ----D---- C:\Documents and Settings\fabien\Application Data\Free Download Manager
2009-11-13 22:45:06 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-11-13 22:36:16 ----D---- C:\Downloads
2009-11-13 21:57:55 ----D---- C:\Documents and Settings\fabien\Application Data\mIRC
2009-11-13 21:57:26 ----D---- C:\Program Files\mIRC
2009-11-13 21:47:12 ----D---- C:\Documents and Settings\fabien\Application Data\Xfire
2009-11-13 21:45:23 ----D---- C:\Documents and Settings\fabien\Application Data\Software Informer
2009-11-13 21:44:40 ----D---- C:\WINDOWS\Temp
2009-11-13 21:43:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-13 21:40:02 ----RD---- C:\Program Files
2009-11-13 21:26:48 ----D---- C:\WINDOWS\system32\drivers
2009-11-13 21:08:00 ----D---- C:\WINDOWS\Prefetch
2009-11-13 21:04:55 ----SD---- C:\WINDOWS\Tasks
2009-11-13 21:01:28 ----D---- C:\Program Files\Ask.com
2009-11-13 21:01:27 ----SHD---- C:\WINDOWS\Installer
2009-11-12 05:24:38 ----D---- C:\WINDOWS\system32
2009-11-12 05:24:38 ----D---- C:\Program Files\Navilog1
2009-11-12 05:24:31 ----A---- C:\cleannavi.txt
2009-11-12 05:23:54 ----D---- C:\WINDOWS
2009-11-12 03:00:25 ----HD---- C:\WINDOWS\inf
2009-11-12 03:00:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-11 09:46:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-11 09:46:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-11 09:06:57 ----D---- C:\Program Files\Xfire
2009-11-11 04:26:34 ----D---- C:\Program Files\Mozilla Firefox
2009-11-09 22:31:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-09 03:57:48 ----D---- C:\Documents and Settings\fabien\Application Data\Mumble
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 03:00:26 ----A---- C:\WINDOWS\imsins.BAK
2009-11-04 21:40:55 ----D---- C:\Documents and Settings\fabien\Application Data\teamspeak2
2009-11-02 00:10:29 ----D---- C:\Documents and Settings\fabien\Application Data\dvdcss
2009-10-30 22:22:29 ----D---- C:\Program Files\World of Warcraft
2009-10-30 22:21:50 ----SHD---- C:\Config.Msi
2009-10-30 22:21:19 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-10-30 22:17:29 ----D---- C:\Program Files\Lineage II
2009-10-30 22:17:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-30 04:35:17 ----D---- C:\Program Files\KONAMI
2009-10-26 13:01:45 ----A---- C:\WINDOWS\WORDPAD.INI
2009-10-22 10:17:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-16 02:08:41 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 02:05:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-16 02:05:04 ----D---- C:\WINDOWS\WinSxS
2009-10-16 02:03:22 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-16 5632]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-12 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-12 25888]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416]
R3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 abs1m2d4;abs1m2d4; C:\WINDOWS\system32\drivers\abs1m2d4.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\fabien\LOCALS~1\Temp\NKG3F2.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-07 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-07 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-11-13 215104]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-25 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
:processes
explorer.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
:files
C:\Documents and Settings\All Users\Application Data\HotbarSA
C:\Documents and Settings\fabien\Application Data\Hotbar
C:\Program Files\Ask.com
:commands
[purity]
[emptytemp]
[reboot]
explorer.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
:files
C:\Documents and Settings\All Users\Application Data\HotbarSA
C:\Documents and Settings\fabien\Application Data\Hotbar
C:\Program Files\Ask.com
:commands
[purity]
[emptytemp]
[reboot]
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Voila le rapport, par contre jai un petit soucis je n'arrive plus a rentrer dans mon lecteur C via le poste de travail.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\HotbarSA folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static\1 folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5 folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: fabien
->Temp folder emptied: 3291601 bytes
->Temporary Internet Files folder emptied: 784394487 bytes
->Java cache emptied: 26602936 bytes
->FireFox cache emptied: 78113740 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6155252 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: pb
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 16823 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 28621180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 886,64 mb
OTM by OldTimer - Version 3.1.1.0 log created on 11132009_235639
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\HotbarSA folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static\1 folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar\static folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5\Hotbar folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar\v3.5 folder moved successfully.
C:\Documents and Settings\fabien\Application Data\Hotbar folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: fabien
->Temp folder emptied: 3291601 bytes
->Temporary Internet Files folder emptied: 784394487 bytes
->Java cache emptied: 26602936 bytes
->FireFox cache emptied: 78113740 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 6155252 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: pb
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 16823 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 28621180 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 886,64 mb
OTM by OldTimer - Version 3.1.1.0 log created on 11132009_235639
Files moved on Reboot...
Registry entries deleted on Reboot...
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Désolé de la réponse tardive j'etais en déplacement.
Comme demandé voila le rapport :
############################## | UsbFix V6.053 |
User : fabien (Administrateurs) # A6-B767CBBC1F97
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:39:53 | 17/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Processeur Intel Pentium III Xeon
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 335,34 Go (162,56 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM # 5,4 Go (0 Mo free) [PES2010] # UDF
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 652
C:\WINDOWS\system32\csrss.exe 708
C:\WINDOWS\system32\winlogon.exe 732
C:\WINDOWS\system32\services.exe 776
C:\WINDOWS\system32\lsass.exe 788
C:\WINDOWS\system32\svchost.exe 964
C:\WINDOWS\system32\svchost.exe 1052
C:\WINDOWS\System32\svchost.exe 1172
C:\WINDOWS\system32\svchost.exe 1272
C:\WINDOWS\system32\svchost.exe 1404
C:\WINDOWS\system32\spoolsv.exe 1616
C:\WINDOWS\system32\svchost.exe 1692
C:\Program Files\Bonjour\mDNSResponder.exe 1736
C:\Program Files\Java\jre6\bin\jqs.exe 1888
C:\Program Files\CDBurnerXP\NMSAccessU.exe 1928
C:\WINDOWS\system32\nvsvc32.exe 1948
C:\WINDOWS\system32\WgaTray.exe 208
C:\WINDOWS\Explorer.EXE 220
C:\WINDOWS\system32\PnkBstrA.exe 268
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 476
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 916
C:\WINDOWS\system32\wbem\wmiapsrv.exe 508
C:\WINDOWS\System32\alg.exe 584
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe 1324
C:\WINDOWS\RTHDCPL.EXE 2448
C:\WINDOWS\system32\RUNDLL32.EXE 2536
C:\Program Files\Java\jre6\bin\jusched.exe 2580
C:\WINDOWS\system32\ctfmon.exe 2868
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2724
C:\Program Files\SFR\Kit\9props.exe 2792
C:\Program Files\Xfire\Xfire.exe 3020
C:\Program Files\Java\jre6\bin\jucheck.exe 1008
C:\Program Files\Internet Explorer\iexplore.exe 1744
C:\Program Files\Internet Explorer\iexplore.exe 2648
C:\Program Files\Windows Live\Toolbar\wltuser.exe 2736
C:\Program Files\Mumble\mumble.exe 3552
C:\Program Files\Mumble\dbus-daemon.exe 3560
C:\WINDOWS\system32\PnkBstrB.exe 3164
C:\WINDOWS\Explorer.EXE 4080
C:\Program Files\Windows Live\Contacts\wlcomm.exe 1044
C:\Program Files\Internet Explorer\iexplore.exe 2148
C:\Program Files\Internet Explorer\iexplore.exe 1040
C:\PROGRA~1\FREEDO~1\fdm.exe 2108
C:\WINDOWS\system32\wbem\wmiprvse.exe 2196
################## | Fichiers # Dossiers infectieux |
C:\autorun.inf
G:\autorun.inf
################## | Registre # Clés Run infectieuses |
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{373807e3-30a9-11de-8417-002215493bfd}
Shell\AutoRun\command =G:\autorun.exe
HKCU\..\..\Explorer\MountPoints2\{9b01000f-067d-11de-8f44-806d6172696f}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL vshost.exe
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6
"C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9
"C:\Downloads\Crack\pes2010.exe"
19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"G:\Crack\pes2010.exe"
19/10/2009 16:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
-> contain : *crack cod5WoW.exe
################## | ! Fin du rapport # UsbFix V6.053 ! |
Comme demandé voila le rapport :
############################## | UsbFix V6.053 |
User : fabien (Administrateurs) # A6-B767CBBC1F97
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 14:39:53 | 17/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Processeur Intel Pentium III Xeon
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 335,34 Go (162,56 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM # 5,4 Go (0 Mo free) [PES2010] # UDF
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 652
C:\WINDOWS\system32\csrss.exe 708
C:\WINDOWS\system32\winlogon.exe 732
C:\WINDOWS\system32\services.exe 776
C:\WINDOWS\system32\lsass.exe 788
C:\WINDOWS\system32\svchost.exe 964
C:\WINDOWS\system32\svchost.exe 1052
C:\WINDOWS\System32\svchost.exe 1172
C:\WINDOWS\system32\svchost.exe 1272
C:\WINDOWS\system32\svchost.exe 1404
C:\WINDOWS\system32\spoolsv.exe 1616
C:\WINDOWS\system32\svchost.exe 1692
C:\Program Files\Bonjour\mDNSResponder.exe 1736
C:\Program Files\Java\jre6\bin\jqs.exe 1888
C:\Program Files\CDBurnerXP\NMSAccessU.exe 1928
C:\WINDOWS\system32\nvsvc32.exe 1948
C:\WINDOWS\system32\WgaTray.exe 208
C:\WINDOWS\Explorer.EXE 220
C:\WINDOWS\system32\PnkBstrA.exe 268
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 476
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 916
C:\WINDOWS\system32\wbem\wmiapsrv.exe 508
C:\WINDOWS\System32\alg.exe 584
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe 1324
C:\WINDOWS\RTHDCPL.EXE 2448
C:\WINDOWS\system32\RUNDLL32.EXE 2536
C:\Program Files\Java\jre6\bin\jusched.exe 2580
C:\WINDOWS\system32\ctfmon.exe 2868
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2724
C:\Program Files\SFR\Kit\9props.exe 2792
C:\Program Files\Xfire\Xfire.exe 3020
C:\Program Files\Java\jre6\bin\jucheck.exe 1008
C:\Program Files\Internet Explorer\iexplore.exe 1744
C:\Program Files\Internet Explorer\iexplore.exe 2648
C:\Program Files\Windows Live\Toolbar\wltuser.exe 2736
C:\Program Files\Mumble\mumble.exe 3552
C:\Program Files\Mumble\dbus-daemon.exe 3560
C:\WINDOWS\system32\PnkBstrB.exe 3164
C:\WINDOWS\Explorer.EXE 4080
C:\Program Files\Windows Live\Contacts\wlcomm.exe 1044
C:\Program Files\Internet Explorer\iexplore.exe 2148
C:\Program Files\Internet Explorer\iexplore.exe 1040
C:\PROGRA~1\FREEDO~1\fdm.exe 2108
C:\WINDOWS\system32\wbem\wmiprvse.exe 2196
################## | Fichiers # Dossiers infectieux |
C:\autorun.inf
G:\autorun.inf
################## | Registre # Clés Run infectieuses |
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{373807e3-30a9-11de-8417-002215493bfd}
Shell\AutoRun\command =G:\autorun.exe
HKCU\..\..\Explorer\MountPoints2\{9b01000f-067d-11de-8f44-806d6172696f}
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL vshost.exe
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6
"C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9
"C:\Downloads\Crack\pes2010.exe"
19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"G:\Crack\pes2010.exe"
19/10/2009 16:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
-> contain : *crack cod5WoW.exe
################## | ! Fin du rapport # UsbFix V6.053 ! |
Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
Voila le rapport
############################## | UsbFix V6.053 |
User : fabien (Administrateurs) # A6-B767CBBC1F97
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:35:14 | 23/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Processeur Intel Pentium III Xeon
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 335,34 Go (160,97 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 652
C:\WINDOWS\system32\csrss.exe 700
C:\WINDOWS\system32\winlogon.exe 724
C:\WINDOWS\system32\services.exe 768
C:\WINDOWS\system32\lsass.exe 780
C:\WINDOWS\system32\svchost.exe 956
C:\WINDOWS\system32\svchost.exe 1024
C:\WINDOWS\System32\svchost.exe 1120
C:\WINDOWS\system32\svchost.exe 1200
C:\WINDOWS\system32\svchost.exe 1272
C:\WINDOWS\system32\logonui.exe 1364
C:\WINDOWS\system32\spoolsv.exe 1544
C:\WINDOWS\system32\svchost.exe 1676
C:\Program Files\Bonjour\mDNSResponder.exe 1708
C:\Program Files\Java\jre6\bin\jqs.exe 1860
C:\Program Files\CDBurnerXP\NMSAccessU.exe 1912
C:\WINDOWS\system32\nvsvc32.exe 1940
C:\WINDOWS\system32\PnkBstrA.exe 1956
C:\WINDOWS\system32\PnkBstrB.exe 1968
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2020
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 448
C:\WINDOWS\system32\wuauclt.exe 692
C:\WINDOWS\system32\wbem\wmiapsrv.exe 1264
C:\WINDOWS\System32\alg.exe 828
C:\WINDOWS\system32\wbem\wmiprvse.exe 1564
C:\WINDOWS\system32\wbem\wmiprvse.exe 1784
C:\WINDOWS\system32\KB905474\wgasetup.exe 496
C:\WINDOWS\system32\userinit.exe 508
C:\WINDOWS\system32\WgaTray.exe 1900
C:\WINDOWS\system32\KB905474\wgasetup.exe 560
C:\WINDOWS\Explorer.EXE 140
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\autorun.inf
################## | Registre # Clés Run infectieuses |
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[13/11/2009 21:08|--a------|20816] C:\Ad-Report-CLEAN[1].log
[01/03/2009 16:41|--a------|0] C:\AUTOEXEC.BAT
[01/03/2009 16:37|---hs----|212] C:\boot.ini
[14/04/2008 13:00|-rahs----|4952] C:\Bootfont.bin
[12/11/2009 05:24|--a------|1668] C:\cleannavi.txt
[01/03/2009 16:41|--a------|0] C:\CONFIG.SYS
[07/11/2007 08:00|--a------|17734] C:\eula.1028.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1031.txt
[07/11/2007 08:00|--a------|10134] C:\eula.1033.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1036.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1040.txt
[07/11/2007 08:00|--a------|118] C:\eula.1041.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1042.txt
[07/11/2007 08:00|--a------|17734] C:\eula.2052.txt
[07/11/2007 08:00|--a------|17734] C:\eula.3082.txt
[07/11/2007 08:00|--a------|1110] C:\globdata.ini
[07/11/2007 08:03|--a------|562688] C:\install.exe
[07/11/2007 08:00|--a------|843] C:\install.ini
[07/11/2007 08:03|--a------|76304] C:\install.res.1028.dll
[07/11/2007 08:03|--a------|96272] C:\install.res.1031.dll
[07/11/2007 08:03|--a------|91152] C:\install.res.1033.dll
[07/11/2007 08:03|--a------|97296] C:\install.res.1036.dll
[07/11/2007 08:03|--a------|95248] C:\install.res.1040.dll
[07/11/2007 08:03|--a------|81424] C:\install.res.1041.dll
[07/11/2007 08:03|--a------|79888] C:\install.res.1042.dll
[07/11/2007 08:03|--a------|75792] C:\install.res.2052.dll
[07/11/2007 08:03|--a------|96272] C:\install.res.3082.dll
[01/03/2009 16:41|-rahs----|0] C:\IO.SYS
[01/03/2009 16:41|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 13:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 13:00|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[25/04/2009 21:29|--a------|104] C:\start
[01/07/2009 16:40|--a------|4760] C:\sv_viol.log
[23/11/2009 18:39|--a------|4164] C:\UsbFix.txt
[07/11/2007 08:00|--a------|5686] C:\vcredist.bmp
[07/11/2007 08:09|--a------|1442522] C:\VC_RED.cab
[07/11/2007 08:12|--a------|232960] C:\VC_RED.MSI
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6
"C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9
"C:\Downloads\Crack\pes2010.exe"
19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
-> contain : *crack cod5WoW.exe
################## | Upload |
Veuillez envoyer le fichier : C:\DOCUME~1\fabien\Bureau\UsbFix_Upload_Me_A6-B767CBBC1F97.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier....
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.053 ! |
############################## | UsbFix V6.053 |
User : fabien (Administrateurs) # A6-B767CBBC1F97
Update on 14/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:35:14 | 23/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Processeur Intel Pentium III Xeon
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
C:\ -> Disque fixe local # 335,34 Go (160,97 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 652
C:\WINDOWS\system32\csrss.exe 700
C:\WINDOWS\system32\winlogon.exe 724
C:\WINDOWS\system32\services.exe 768
C:\WINDOWS\system32\lsass.exe 780
C:\WINDOWS\system32\svchost.exe 956
C:\WINDOWS\system32\svchost.exe 1024
C:\WINDOWS\System32\svchost.exe 1120
C:\WINDOWS\system32\svchost.exe 1200
C:\WINDOWS\system32\svchost.exe 1272
C:\WINDOWS\system32\logonui.exe 1364
C:\WINDOWS\system32\spoolsv.exe 1544
C:\WINDOWS\system32\svchost.exe 1676
C:\Program Files\Bonjour\mDNSResponder.exe 1708
C:\Program Files\Java\jre6\bin\jqs.exe 1860
C:\Program Files\CDBurnerXP\NMSAccessU.exe 1912
C:\WINDOWS\system32\nvsvc32.exe 1940
C:\WINDOWS\system32\PnkBstrA.exe 1956
C:\WINDOWS\system32\PnkBstrB.exe 1968
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2020
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe 448
C:\WINDOWS\system32\wuauclt.exe 692
C:\WINDOWS\system32\wbem\wmiapsrv.exe 1264
C:\WINDOWS\System32\alg.exe 828
C:\WINDOWS\system32\wbem\wmiprvse.exe 1564
C:\WINDOWS\system32\wbem\wmiprvse.exe 1784
C:\WINDOWS\system32\KB905474\wgasetup.exe 496
C:\WINDOWS\system32\userinit.exe 508
C:\WINDOWS\system32\WgaTray.exe 1900
C:\WINDOWS\system32\KB905474\wgasetup.exe 560
C:\WINDOWS\Explorer.EXE 140
################## | Fichiers # Dossiers infectieux |
Supprimé ! C:\autorun.inf
################## | Registre # Clés Run infectieuses |
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoResolveSearch"
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[13/11/2009 21:08|--a------|20816] C:\Ad-Report-CLEAN[1].log
[01/03/2009 16:41|--a------|0] C:\AUTOEXEC.BAT
[01/03/2009 16:37|---hs----|212] C:\boot.ini
[14/04/2008 13:00|-rahs----|4952] C:\Bootfont.bin
[12/11/2009 05:24|--a------|1668] C:\cleannavi.txt
[01/03/2009 16:41|--a------|0] C:\CONFIG.SYS
[07/11/2007 08:00|--a------|17734] C:\eula.1028.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1031.txt
[07/11/2007 08:00|--a------|10134] C:\eula.1033.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1036.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1040.txt
[07/11/2007 08:00|--a------|118] C:\eula.1041.txt
[07/11/2007 08:00|--a------|17734] C:\eula.1042.txt
[07/11/2007 08:00|--a------|17734] C:\eula.2052.txt
[07/11/2007 08:00|--a------|17734] C:\eula.3082.txt
[07/11/2007 08:00|--a------|1110] C:\globdata.ini
[07/11/2007 08:03|--a------|562688] C:\install.exe
[07/11/2007 08:00|--a------|843] C:\install.ini
[07/11/2007 08:03|--a------|76304] C:\install.res.1028.dll
[07/11/2007 08:03|--a------|96272] C:\install.res.1031.dll
[07/11/2007 08:03|--a------|91152] C:\install.res.1033.dll
[07/11/2007 08:03|--a------|97296] C:\install.res.1036.dll
[07/11/2007 08:03|--a------|95248] C:\install.res.1040.dll
[07/11/2007 08:03|--a------|81424] C:\install.res.1041.dll
[07/11/2007 08:03|--a------|79888] C:\install.res.1042.dll
[07/11/2007 08:03|--a------|75792] C:\install.res.2052.dll
[07/11/2007 08:03|--a------|96272] C:\install.res.3082.dll
[01/03/2009 16:41|-rahs----|0] C:\IO.SYS
[01/03/2009 16:41|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 13:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 13:00|-rahs----|252240] C:\ntldr
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[25/04/2009 21:29|--a------|104] C:\start
[01/07/2009 16:40|--a------|4760] C:\sv_viol.log
[23/11/2009 18:39|--a------|4164] C:\UsbFix.txt
[07/11/2007 08:00|--a------|5686] C:\vcredist.bmp
[07/11/2007 08:09|--a------|1442522] C:\VC_RED.cab
[07/11/2007 08:12|--a------|232960] C:\VC_RED.MSI
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Documents and Settings\fabien\Mes documents\psy 4\Rollercoaster Tycoon 2 + WW et TT\Rollercoaster Tycoon 2\Crack\rct2.exe"
11/05/2009 07:23 |Size 6785536 |Crc32 b0a582a2 |Md5 0b72f19dbb49b33d47542a56c3434bc8
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\Sony Vegas Pro 9.0\Sony Vegas Pro 9.0\Keygen\Keygen.exe"
23/05/2009 12:23 |Size 204800 |Crc32 ac0b884c |Md5 fd992237125ee6f616641d2e10f7f3d6
"C:\Downloads\Boost_Windows_2009\Crack\bw.exe"
15/12/2008 21:03 |Size 1777664 |Crc32 c3f1b45e |Md5 5d76a78c5f333864b1da8d0048040dd6
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\CoD2SP_s.exe"
03/11/2005 00:33 |Size 1751621 |Crc32 eb66ed20 |Md5 407907c3de73838227ed256338f2a8e9
"C:\Downloads\Crack\pes2010.exe"
19/10/2009 17:36 |Size 19603456 |Crc32 6a65cb88 |Md5 8d98473b892907f342bcf25384bc4a07
"C:\Downloads\cod2\call_of_duty_2_by_britney\CRACK\patch multijoueur.ZIP"
Contain : patch.exe 41636 DFLT-N 4% 40128 29-10-2005 15:08:18 81ffe60d
"C:\Documents and Settings\fabien\Mes documents\sims\Call.of.Duty.World.at.War.ALL.ACCESS.CHEAT.AND.CHEAT.ENABLER.READNFO-ReVOLVeR\Cod5\CRACKINETTE COD5.rar"
-> contain : *crack cod5WoW.exe
################## | Upload |
Veuillez envoyer le fichier : C:\DOCUME~1\fabien\Bureau\UsbFix_Upload_Me_A6-B767CBBC1F97.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier....
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.053 ! |
Tutoriel : Scanner le(s) disque(s) dur(s)
Lassé par la pub ? Créez un compte
- Contenus similaires :
- Forum[RESOLU] Iexplore.exe bloqué à 100 %
- Forumprobleme processus iexplore.exe gonfle a 250000Ko
- Forum[Résolu] Iexplore.exe dans mes processus
- ForumIexplore.exe en double + pop-up
- Forum[Résolu] Deux processus iexplore.exe tournent en même temps
- Forumiexplore.exe ou chrome.exe dans processus utilise la memoir de mon pc
- Forumiexplore.exe pb
- Forumiexplore.exe dans processus utilise la memoir de mon pc [résolu]
- Forumhelp !Plusieurs Processus IEXPLORE.EXE dans le gestionnaire des taches
- Voir plus
