Antivirus Plus
Hello,
So here is my problem: "ANTIVIRUS PLUS" is on my PC and I cannot remove it.
I read that you can try to remove it in safe mode; the second problem is that I cannot start my PC in safe mode!
Does anyone have a solution, please? Thanks
Hello!
Download "RSIT" to your desktop
* Double-click it
(On VISTA > right-click and > Run as administrator)
* Leave "1 month"
* Click "Continue"
* At the end of the scan, 2 reports are created: "log.txt" and "info.txt"
* Copy/paste both reports into your reply
** Note: the reports are also located in "C:\rsit\log.txt" and "C:\rsit\info.txt"
info.txt logfile of random's system information tool 1.06 2009-01-15 19:32:02
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->MsiExec.exe /I{23170F69-40C1-2701-0457-000001000000}
Acer eDataSecurity Management 2.0.3077-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer WLAN 11g USB Dongle-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1036
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.3.9 (Unicode)-->"C:\Documents and Settings\Lejeune\Mes documents\marion photo\divers\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BzTarot 1.02-->"C:\Program Files\BzTarot\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
comsummer-1024x768-->MsiExec.exe /I{D27E6ABB-AF22-4618-838E-B4A3A1B02F98}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FFAwesomeBestShoppingTipsProgram-->C:\Program Files\Mozilla Firefox\extensions\AwesomeBestShoppingTipsProgram@AwesomeBestShoppingTipsProgram\uninstall.exe uninstall=awesomebestshoppingtipsprogramff
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Kwanzy 1.0 build 131-->C:\Program Files\Kwanzy\uninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
LoudMo Contextual Ad Assistant-->C:\WINDOWS\system32\y-W-MOG7b.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access 2003 Runtime-->MsiExec.exe /I{901C040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mirar-->mshta.exe http://remove.getmirar.com/
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}
MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OCA Client history tool install-->"C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,Uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.EXE" -uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rami Royal-->MsiExec.exe /I{8C73244F-C76C-4F7A-AD14-10C041F60E13}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TomTom HOME 2.6.3.1609-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: ACER-DC6C4D74B4
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 18346
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.
Record Number: 18345
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Definition Update for Windows Defender - KB915597 (Definition 1.71.700.0)
Record Number: 18344
Source Name: Windows Update Agent
Time Written: 20091211102627.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.
Current Signature Version: 1.71.700.0
Previous Signature Version: 1.71.700.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
User: AUTORITE NT\SYSTEM
Current Engine Version: 1.1.5302.0
Previous Engine Version: 1.1.5302.0
Record Number: 18343
Source Name: WinDefend
Time Written: 20091211102620.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.
Current Signature Version: 1.71.700.0
Previous Signature Version: 1.71.570.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
User: AUTORITE NT\SYSTEM
Current Engine Version: 1.1.5302.0
Previous Engine Version: 1.1.5302.0
Record Number: 18342
Source Name: WinDefend
Time Written: 20091211102616.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: ACER-DC6C4D74B4
Event Code: 5000
Message: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb958484, P2 1036, P3 1603, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0.
Record Number: 15044
Source Name: HotFixInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 11729
Message: Produit : Microsoft .NET Framework 3.5 SP1 -- La configuration a échoué.
Record Number: 15043
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 1023
Message: Produit : Microsoft .NET Framework 3.5 SP1 - La mise à jour 'KB958484' n'a pas pu être installée. Code d'erreur 1603. Des informations supplémentaires sont disponibles dans le fichier journal C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB958484_20091004_204417250-Msi0.txt.
Record Number: 15042
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 15041
Source Name: AcerMemUsageCheckService
Time Written: 20091004161613.000000+120
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 15040
Source Name: AcerMemUsageCheckService
Time Written: 20091004161605.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 10210 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->MsiExec.exe /I{23170F69-40C1-2701-0457-000001000000}
Acer eDataSecurity Management 2.0.3077-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
Acer WLAN 11g USB Dongle-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1036
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.3.9 (Unicode)-->"C:\Documents and Settings\Lejeune\Mes documents\marion photo\divers\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BzTarot 1.02-->"C:\Program Files\BzTarot\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
comsummer-1024x768-->MsiExec.exe /I{D27E6ABB-AF22-4618-838E-B4A3A1B02F98}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
FFAwesomeBestShoppingTipsProgram-->C:\Program Files\Mozilla Firefox\extensions\AwesomeBestShoppingTipsProgram@AwesomeBestShoppingTipsProgram\uninstall.exe uninstall=awesomebestshoppingtipsprogramff
GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Kwanzy 1.0 build 131-->C:\Program Files\Kwanzy\uninstall.exe
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
LoudMo Contextual Ad Assistant-->C:\WINDOWS\system32\y-W-MOG7b.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access 2003 Runtime-->MsiExec.exe /I{901C040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mirar-->mshta.exe http://remove.getmirar.com/
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}
MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}
NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
OCA Client history tool install-->"C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{1572F66F-F9AD-4D45-B0D2-0F45A0D5A0F6}
Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Personal License Update Wizard for Windows Media Player-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\drmtool.inf,Uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.EXE" -uninstall
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rami Royal-->MsiExec.exe /I{8C73244F-C76C-4F7A-AD14-10C041F60E13}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TomCat Soft : Le Pendu-->"C:\Program Files\TomCat Soft\Le Pendu\unins000.exe"
TomTom HOME 2.6.3.1609-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======System event log======
Computer Name: ACER-DC6C4D74B4
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.
Record Number: 18346
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.
Record Number: 18345
Source Name: Service Control Manager
Time Written: 20091211122200.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 19
Message: Installation réussie : Windows a installé la mise à jour suivante : Definition Update for Windows Defender - KB915597 (Definition 1.71.700.0)
Record Number: 18344
Source Name: Windows Update Agent
Time Written: 20091211102627.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.
Current Signature Version: 1.71.700.0
Previous Signature Version: 1.71.700.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
User: AUTORITE NT\SYSTEM
Current Engine Version: 1.1.5302.0
Previous Engine Version: 1.1.5302.0
Record Number: 18343
Source Name: WinDefend
Time Written: 20091211102620.000000+060
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 2000
Message: Windows Defender signature version has been updated.
Current Signature Version: 1.71.700.0
Previous Signature Version: 1.71.570.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
User: AUTORITE NT\SYSTEM
Current Engine Version: 1.1.5302.0
Previous Engine Version: 1.1.5302.0
Record Number: 18342
Source Name: WinDefend
Time Written: 20091211102616.000000+060
Event Type: Informations
User:
=====Application event log=====
Computer Name: ACER-DC6C4D74B4
Event Code: 5000
Message: EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb958484, P2 1036, P3 1603, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0.
Record Number: 15044
Source Name: HotFixInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 11729
Message: Produit : Microsoft .NET Framework 3.5 SP1 -- La configuration a échoué.
Record Number: 15043
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 1023
Message: Produit : Microsoft .NET Framework 3.5 SP1 - La mise à jour 'KB958484' n'a pas pu être installée. Code d'erreur 1603. Des informations supplémentaires sont disponibles dans le fichier journal C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 3.5-KB958484_20091004_204417250-Msi0.txt.
Record Number: 15042
Source Name: MsiInstaller
Time Written: 20091004224425.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM
Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 15041
Source Name: AcerMemUsageCheckService
Time Written: 20091004161613.000000+120
Event Type: Informations
User:
Computer Name: ACER-DC6C4D74B4
Event Code: 0
Message: Le service a géré avec succès PowerEvent.
Record Number: 15040
Source Name: AcerMemUsageCheckService
Time Written: 20091004161605.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 10210 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 10210 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-03-08 03:31:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-03-08 03:31:18 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-03-08 03:31:02 ----A---- C:\WINDOWS\system32\mshta.exe
2009-03-08 03:22:46 ----A---- C:\WINDOWS\system32\ieui.dll
2009-03-08 03:22:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-03-08 03:11:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-03-06 15:20:52 ----A---- C:\WINDOWS\system32\pdh.dll
2009-02-20 18:10:47 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-02-09 12:23:48 ----A---- C:\WINDOWS\system32\services.exe
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-02-06 11:39:08 ----A---- C:\WINDOWS\system32\sc.exe
2009-01-25 15:16:05 ----D---- C:\Documents and Settings\Lejeune\Application Data\Adobe
2009-01-15 19:31:30 ----RD---- C:\Program Files
2009-01-15 18:50:25 ----A---- C:\WINDOWS\win.ini
2009-01-15 18:33:03 ----SD---- C:\WINDOWS\Tasks
2009-01-15 18:31:57 ----D---- C:\Program Files\Mozilla Firefox
2009-01-15 18:30:22 ----D---- C:\WINDOWS\Registration
2009-01-15 18:30:17 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 18:30:01 ----AD---- C:\WINDOWS
2009-01-15 18:26:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 18:21:48 ----AD---- C:\VALUEADD
2009-01-15 18:12:55 ----HD---- C:\WINDOWS\inf
2009-01-15 06:57:00 ----D---- C:\WINDOWS\temp
2009-01-15 06:53:03 ----AD---- C:\WINDOWS\system32\drivers
2009-01-15 06:41:26 ----AD---- C:\WINDOWS\system32
2009-01-15 06:41:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-14 22:59:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-14 22:02:43 ----D---- C:\WINDOWS\Prefetch
2009-01-07 17:21:08 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-07 17:21:08 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-07 17:21:04 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-07 17:20:38 ----A---- C:\WINDOWS\system32\nlsdl.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\normaliz.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\idndl.dll
2008-12-17 16:37:32 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-17 14:52:05 ----D---- C:\WINDOWS\system32\DirectX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-08 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-10 244864]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S3 GEMPC430;Lecteur de cartes à puce GEMPLUS GemPC430 USB; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-08-23 82560]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S2 Kwanzy Service;Kwanzy Service; C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe [2009-11-26 46432]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Here it is, sorry
Run by Lejeune at 2009-01-15 19:31:30
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:58, on 15/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Mirar - {012EEB6D-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O2 - BHO: gwprimawega - {146cabea-1007-d98f-47e0-71442ac2d3ec} - C:\WINDOWS\system32\03-ByyQ.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Antivirus Plus BHO - {C2B5AAB8-2183-4be7-81A6-F11493C45872} - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - {012EEB6C-1444-4A6A-8976-6C7A756612C0} - C:\WINDOWS\system32\f978.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AntiVirus Plus] "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll", start 70700
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: AntiVirus Plus.lnk = C:\WINDOWS\system32\rundll32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 10210 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012EEB6D-1444-4A6A-8976-6C7A756612C0}]
Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec}]
gwprimawega - C:\WINDOWS\system32\03-ByyQ.dll [2009-12-26 1191936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2B5AAB8-2183-4be7-81A6-F11493C45872}]
Antivirus Plus BHO - C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{012EEB6C-1444-4A6A-8976-6C7A756612C0} - Mirar - C:\WINDOWS\system32\f978.dll [2009-11-22 729088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"WhereSphere"=C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe [2009-12-20 827392]
"SfKg6wIPuS"=C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe [2009-11-22 258048]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"AntiVirus Plus"=C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll [2010-01-14 2541568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage
AntiVirus Plus.lnk - C:\WINDOWS\system32\rundll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-01-14 20:33:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
2009-12-26 05:11:52 ----A---- C:\WINDOWS\system32\03-ByyQ.dll
2009-12-09 23:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 23:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 23:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 23:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-22 18:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2009-11-22 18:24:02 ----D---- C:\Program Files\Kwanzy
2009-11-22 18:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kwanzy
2009-11-22 18:23:49 ----D---- C:\Documents and Settings\Lejeune\Application Data\WhereSphere
2009-11-22 18:23:48 ----A---- C:\WINDOWS\system32\f978.dll
2009-11-12 23:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-10-14 21:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 21:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 21:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 21:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 21:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 21:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 21:31:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 21:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 21:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2009-10-14 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-03 10:06:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-09-16 21:38:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-09-16 12:06:24 ----D---- C:\Program Files\Microsoft
2009-09-09 22:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-09 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 06:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-09 06:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2009-08-28 17:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-13 11:29:23 ----D---- C:\Documents and Settings\Lejeune\Application Data\Download Manager
2009-08-12 23:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-12 23:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-12 23:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-12 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-12 23:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-12 23:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-12 23:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-12 23:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-12 23:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-06 05:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-05 21:46:12 ----D---- C:\dfa7adc192a258b9f0408b39cc6509d3
2009-08-05 21:43:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-05 21:43:28 ----D---- C:\Program Files\MSBuild
2009-08-05 21:43:27 ----D---- C:\WINDOWS\system32\en-US
2009-08-05 21:43:21 ----D---- C:\Program Files\Reference Assemblies
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-05 21:43:01 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-05 21:43:01 ----D---- C:\10b43c0ddf8b267179
2009-08-05 21:41:58 ----SHD---- C:\Config.Msi
2009-08-04 18:52:22 ----A---- C:\WINDOWS\system32\FM20.DLL
2009-07-26 22:11:08 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-26 15:44:56 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-07-21 22:03:10 ----D---- C:\Documents and Settings\Lejeune\Application Data\Google
2009-07-21 22:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-07-21 22:01:14 ----D---- C:\Program Files\Google
2009-07-21 00:05:40 ----A---- C:\WINDOWS\system32\msxml4.dll
2009-07-15 23:02:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-11 14:03:03 ----HD---- C:\WINDOWS\PIF
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pywintypes25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\pythoncom25.dll
2009-07-08 11:23:59 ----A---- C:\WINDOWS\system32\python25.dll
2009-07-06 13:29:29 ----D---- C:\Documents and Settings\Lejeune\Application Data\Save
2009-06-12 00:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 00:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 00:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 00:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-06 06:33:18 ----D---- C:\WINDOWS\ie8updates
2009-06-06 06:31:31 ----HDC---- C:\WINDOWS\ie8
2009-06-06 06:16:00 ----D---- C:\Documents and Settings\Lejeune\Application Data\U3
2009-05-10 11:53:53 ----D---- C:\Program Files\Fichiers communs\Motorola Shared
2009-05-10 10:51:05 ----D---- C:\Program Files\TomTom International B.V
2009-05-06 16:57:25 ----D---- C:\WINDOWS\msdownld.tmp
2009-04-15 23:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-15 23:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-15 23:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-15 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:53:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-03-11 23:05:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 23:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 23:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-08 13:17:46 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 13:17:30 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 13:16:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 13:15:48 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-25 12:17:55 ----A---- C:\WINDOWS\ipool.INI
2009-02-25 12:16:13 ----D---- C:\Games
2009-02-25 12:10:56 ----D---- C:\Documents and Settings\Lejeune\Application Data\Help
2009-02-25 12:07:42 ----D---- C:\Program Files\TomCat Soft
2009-02-25 01:23:48 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-21 19:51:27 ----D---- C:\Program Files\BzTarot
2009-02-21 19:51:03 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-02-21 19:51:02 ----D---- C:\Program Files\Objectif Tarot
2009-02-19 10:31:36 ----D---- C:\Program Files\Webtarot
2009-02-19 10:15:02 ----D---- C:\Rummy Royal
2009-02-11 13:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-01-15 19:31:30 ----D---- C:\rsit
2009-01-15 19:31:30 ----D---- C:\Program Files\trend micro
2009-01-15 16:04:20 ----D---- C:\Documents and Settings\Lejeune\Application Data\Apple Computer
2009-01-15 16:04:15 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-15 16:04:01 ----D---- C:\Program Files\iPod
2009-01-15 16:03:59 ----D---- C:\Program Files\iTunes
2009-01-15 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-15 16:03:50 ----D---- C:\Program Files\Bonjour
2009-01-15 16:03:25 ----D---- C:\Program Files\QuickTime
2009-01-15 16:03:24 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-15 16:03:10 ----D---- C:\Program Files\Apple Software Update
2009-01-15 16:02:53 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-15 16:02:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-14 22:13:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 07:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 07:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-07 17:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-25 17:44:53 ----D---- C:\Documents and Settings\All Users\Application Data\TomTom
2008-12-25 17:44:17 ----D---- C:\Documents and Settings\Lejeune\Application Data\TomTom
2008-12-25 17:43:57 ----D---- C:\Program Files\TomTom HOME 2
2008-12-25 17:42:04 ----D---- C:\Program Files\TomTom DesktopSuite
2008-12-18 22:33:21 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\muweb.dll
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-18 06:04:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-17 16:35:48 ----D---- C:\Program Files\MSN Messenger
2008-12-17 16:27:57 ----D---- C:\Documents and Settings\Lejeune\Application Data\MSNInstaller
2008-12-17 14:52:52 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-17 14:50:43 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 14:41:09 ----D---- C:\Program Files\Fichiers communs\Windows Live
======List of files/folders modified in the last 1 months======
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
2009-12-09 23:18:07 ----D---- C:\Program Files\Internet Explorer
2009-12-04 06:39:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-25 23:03:38 ----D---- C:\WINDOWS\WinSxS
2009-11-22 18:27:10 ----D---- C:\WINDOWS\ehome
2009-11-04 19:12:59 ----D---- C:\WINDOWS\network diagnostic
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\wininet.dll
2009-10-29 08:42:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\occache.dll
2009-10-29 08:42:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-10-29 08:42:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-10-29 08:42:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-10-29 08:42:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-10-29 08:42:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-10-28 16:07:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-10-28 15:40:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2009-10-21 06:39:43 ----A---- C:\WINDOWS\system32\httpapi.dll
2009-10-17 23:23:40 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 23:23:24 ----D---- C:\Program Files\Microsoft Works
2009-10-17 23:22:34 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-10-15 17:32:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-15 05:56:16 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-13 11:33:37 ----A---- C:\WINDOWS\system32\oakley.dll
2009-10-12 17:03:39 ----SHD---- C:\RECYCLER
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\rastls.dll
2009-10-12 14:39:22 ----A---- C:\WINDOWS\system32\raschap.dll
2009-09-16 12:06:18 ----D---- C:\Program Files\Windows Live
2009-09-11 15:18:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-09-04 22:04:39 ----A---- C:\WINDOWS\system32\msasn1.dll
2009-08-26 09:01:24 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-08-25 10:18:35 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-08-12 23:13:26 ----D---- C:\Program Files\Outlook Express
2009-08-06 18:24:26 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 18:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups2.dll
2009-08-06 18:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 18:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 18:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 18:24:00 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-08-06 18:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-08-06 18:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-06 05:19:03 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-05 21:43:09 ----D---- C:\WINDOWS\system32\spool
2009-08-05 10:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-04 18:27:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-08-04 18:27:54 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-08-03 15:54:18 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem.txt
2009-07-31 10:03:46 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-31 05:33:43 ----A---- C:\WINDOWS\system32\msxml3.dll
2009-07-17 20:03:33 ----A---- C:\WINDOWS\system32\atl.dll
2009-07-17 17:16:51 ----A---- C:\WINDOWS\system32\query.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-07-13 22:43:24 ----A---- C:\WINDOWS\system32\wmp.dll
2009-07-11 14:03:03 ----D---- C:\Program Files\Windows Media Player
2009-07-10 15:08:44 ----SHD---- C:\System Volume Information
2009-07-10 15:08:44 ----D---- C:\WINDOWS\system32\Restore
2009-07-08 11:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 14:54:12 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\secur32.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\schannel.dll
2009-06-25 09:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-06-25 09:26:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2009-06-22 07:47:13 ----A---- C:\WINDOWS\system32\jscript.dll
2009-06-19 14:26:56 ----D---- C:\WINDOWS\system32\Macromed
2009-06-15 11:44:50 ----A---- C:\WINDOWS\system32\telnet.exe
2009-06-15 11:44:49 ----A---- C:\WINDOWS\system32\tlntsess.exe
2009-06-10 15:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll
2009-06-10 08:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-10 07:15:17 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-06-03 20:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-20 03:56:52 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-05-10 11:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-07 16:33:02 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-16 05:46:59 ----D---- C:\WINDOWS\system32\wbem
2009-04-15 15:53:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-01 22:02:22 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2009-03-21 15:07:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 13:18:02 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 13:16:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 03:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 03:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 03:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 03:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 03:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 03:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 03:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 03:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 03:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 03:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 03:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 03:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 03:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 03:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 03:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 03:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 03:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 03:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 03:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-03-08 03:31:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-03-08 03:31:18 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-03-08 03:31:02 ----A---- C:\WINDOWS\system32\mshta.exe
2009-03-08 03:22:46 ----A---- C:\WINDOWS\system32\ieui.dll
2009-03-08 03:22:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-03-08 03:11:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-03-06 15:20:52 ----A---- C:\WINDOWS\system32\pdh.dll
2009-02-20 18:10:47 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-02-09 12:23:48 ----A---- C:\WINDOWS\system32\services.exe
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-02-09 11:53:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-02-06 11:39:08 ----A---- C:\WINDOWS\system32\sc.exe
2009-01-25 15:16:05 ----D---- C:\Documents and Settings\Lejeune\Application Data\Adobe
2009-01-15 19:31:30 ----RD---- C:\Program Files
2009-01-15 18:50:25 ----A---- C:\WINDOWS\win.ini
2009-01-15 18:33:03 ----SD---- C:\WINDOWS\Tasks
2009-01-15 18:31:57 ----D---- C:\Program Files\Mozilla Firefox
2009-01-15 18:30:22 ----D---- C:\WINDOWS\Registration
2009-01-15 18:30:17 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-15 18:30:01 ----AD---- C:\WINDOWS
2009-01-15 18:26:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-15 18:21:48 ----AD---- C:\VALUEADD
2009-01-15 18:12:55 ----HD---- C:\WINDOWS\inf
2009-01-15 06:57:00 ----D---- C:\WINDOWS\temp
2009-01-15 06:53:03 ----AD---- C:\WINDOWS\system32\drivers
2009-01-15 06:41:26 ----AD---- C:\WINDOWS\system32
2009-01-15 06:41:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-14 22:59:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-14 22:02:43 ----D---- C:\WINDOWS\Prefetch
2009-01-07 17:21:08 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-07 17:21:08 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-07 17:21:04 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-07 17:20:38 ----A---- C:\WINDOWS\system32\nlsdl.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\normaliz.dll
2009-01-07 17:20:36 ----A---- C:\WINDOWS\system32\idndl.dll
2008-12-17 16:37:32 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-17 14:52:05 ----D---- C:\WINDOWS\system32\DirectX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-08 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-10 244864]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S3 GEMPC430;Lecteur de cartes à puce GEMPLUS GemPC430 USB; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-08-23 82560]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S2 Kwanzy Service;Kwanzy Service; C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe [2009-11-26 46432]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Here it is, sorry
No problem! You're pretty badly infected!
Do this:
Download Malwarebytes' Anti-Malware to the desktop
* Double-click "mbam-setup" to start the installation
* Just install it without changing anything
* Once the program is running ==> "Update" tab, click ==> "Check for Updates"
* "Scanner" tab ==> select "Perform full scan"
* Click "Scan"
* Tick all the hard drives
* Click "Start Scan"
* At the end of the scan, if an infection is found
==> Click "Show Results"
* Close your running applications
* Check that everything is ticked and click "Remove Selected"
* A report opens; copy it and paste it into your reply
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3570
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
15/01/2009 20:53:41
mbam-log-2009-01-15 (20-53-41).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 600481
Temps écoulé: 47 minute(s), 3 second(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 22
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 25
Processus mémoire infecté(s):
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\wheresphere.exe (Adware.WhereSphere) -> Unloaded process successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\Mozilla Firefox\components\wsff.dll (Adware.WhereSphere) -> Delete on reboot.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Trojan.FakeAlert) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2b5aab8-2183-4be7-81a6-f11493c45872} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6b0da396-2dee-e4c6-d02b-575ff7159670} (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\kwanzy (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{012eeb6d-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Kwanzy Service (Adware.Kwanzy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AwesomeBestShoppingTipsProgram (Adware.PlayMP3z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{146cabea-1007-d98f-47e0-71442ac2d3ec} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{146cabea-1007-d98f-47e0-71442ac2d3ec} (Adware.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{012eeb6c-1444-4a6a-8976-6c7a756612c0} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wheresphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wipus (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus plus (Rogue.AntivirusPlus) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Kwanzy (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus (Rogue.AntiVirusPlus) -> Delete on reboot.
Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\components\wsff.dll (Adware.WhereSphere) -> Delete on reboot.
C:\Documents and Settings\Lejeune\Application Data\AntiVirus Plus\AntiVirus Plus.70700.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveX800.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveZ510.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Mes documents\util\SMSMoveD500.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\kwanzy.exe (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Program Files\Kwanzy\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f978.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\AntiVirus Plus\EULA.url (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\config.cfg (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\WhereSphere.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\WhereSphere\WSUninstall.exe (Adware.WhereSphere) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Windows\oulwsv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\avp.ico (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy129.xml (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Program Files\mozilla firefox\searchPlugins\kwanzy131.xml (Adware.Kwanzy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Bureau\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lejeune\Menu Démarrer\Programmes\Démarrage\AntiVirus Plus.lnk (Rogue.AntiVirusPlus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\03-ByyQ.dll (Adware.BHO) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lejeune at 2010-01-15 21:01:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:58, on 15/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 8756 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2007-02-26 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1be4f3d0-5259-11de-b91a-001e2a4bebd5}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaaed366-d2a2-11dd-b853-001e2a4bebd5}]
shell\AutoRun\command - J:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2010-01-14 20:33:44 ----A---- C:\WINDOWS\system32\y-W-MOG7b.exe
2010-01-13 22:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 22:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2009-12-28 18:02:30 ----D---- C:\Documents and Settings\Lejeune\Application Data\Audacity
======List of files/folders modified in the last 1 months======
2010-01-15 21:01:51 ----D---- C:\Program Files\trend micro
2010-01-15 21:01:31 ----D---- C:\WINDOWS\temp
2010-01-15 21:01:28 ----SD---- C:\WINDOWS\Tasks
2010-01-14 21:55:21 ----SHD---- C:\WINDOWS\Installer
2010-01-14 21:55:21 ----SHD---- C:\Config.Msi
2010-01-14 21:55:16 ----RSD---- C:\WINDOWS\assembly
2010-01-13 22:39:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 22:39:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 22:39:03 ----A---- C:\WINDOWS\imsins.BAK
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 23:57:07 ----D---- C:\Documents and Settings\Lejeune\Application Data\LimeWire
2009-12-24 09:26:48 ----SD---- C:\Documents and Settings\Lejeune\Application Data\Microsoft
2009-12-22 22:14:30 ----D---- C:\Program Files\MSECache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-06 4284928]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-09-08 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-10 244864]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S3 GEMPC430;Lecteur de cartes à puce GEMPLUS GemPC430 USB; C:\WINDOWS\system32\DRIVERS\grclass.sys [2001-08-23 82560]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZD1211U(ZyDAS);ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211u.sys [2005-10-04 280064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
This is the only one that appeared when I ran RSIT again
Run by Lejeune at 2010-01-15 21:01:49
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 50 GB (68%) free of 73 GB
Total RAM: 2815 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:58, on 15/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Lejeune\Bureau\RSIT.exe
C:\Program Files\trend micro\Lejeune.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://moteur.chat-land.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S8F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca0a468d679126) (gupdate1ca0a468d679126) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 8756 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-21 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"LaunchApp"=Alaunch []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-01 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"Acer Empowering Technology Monitor"=C:\WINDOWS\system32\SysMonitor.exe [2006-04-18 49152]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-21 39408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-13 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gupdate1ca0a468d679126;Service Google Update (gupdate1ca0a468d679126); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-21 190448]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Only this one showed up when I ran RSIT again
Download "OTMoveIt.exe" to the desktop
* Copy this text
:Processes
explorer.exe
:Files
C:\WINDOWS\system32\y-W-MOG7b.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]
* Double-click OTMoveIt.exe
* In the left-hand pane "Paste Instructions for Items to be Moved" ==> right-click ==> paste
* Click "MoveIt!"
* If a reboot is requested ==> click "YES"
* A report is created in ==> C:\_OTMoveIt\MovedFiles\ under today's date; copy/paste it into your reply (name format => mmddyyyy_hhmmss.log)
===
Restart and tell me if you still have problems
Never mind
It meant to post the report, and I was pointing out where it is!
===
1/ To remove the downloaded tools:
* Download ToolsCleaner2 to your desktop
* Double-click "Toolscleaner.exe"
* Click "restauration" to create a restore point.
* Then click "recherche" (search)
* When the search is finished, click "suppression" (delete).
* At the end (there will be messages in the box below), click "quitter" (quit) and post the report found in "C:\Tcleaner.txt"
* Right-click its icon => "supprimer" (delete)
2/ To delete temporary files (use regularly!):
Download "ATF-Cleaner" to the desktop
* Double-click it
* Under the "Main" tab, choose "Select All"
* Click the "Empty Selected" button
* Wait while it cleans, then "Ok"
** Note: The next PC startup will be a little slower, since the prefetch has been emptied
-----
3/ Disable and re-enable System Restore:
- on XP:
* Right-click "Poste de Travail" (My Computer)
* Click "Propriétés" (Properties)
* Click "Restauration du système" (System Restore)
* Check: "Désactiver la restauration système sur tous les lecteurs" (Turn off System Restore on all drives)
* Confirm by clicking "OK"
-> Restart the PC
* Do the same again, unchecking the box, to turn System Restore back on
* Then Start menu ==> Tous les programmes ==> Accessoires ==> Outils système ==> Restauration système
* Click "Créer un nouveau point de restauration" (Create a new restore point)
** Note => the name you give it does not matter
- on Vista:
* Click Start
* Right-click "Ordinateur" (Computer)
* Click "Propriétés" (Properties)
* Click "Protection du système" (System Protection)
* Uncheck: "C"
* Confirm by clicking "OK"
-> Restart the PC
* Do the same again, re-checking the box, to turn System Restore back on
* Then the same again and click "créer" (create) to make a new restore point
-----
4/ Keep Malwarebytes' and remember to run regular scans with it!
=> Malwarebytes' tutorial
-----
5/ A write-up on infections to read if you're interested => Link
-----
6/ Problem solved?
Then remember to mark the topic as solved by editing your title!