Infection go.google

Solved
serendipity Posts 5 Status Member
Good evening,
I found myself infected by go.google, and by searching on the internet I managed to download AVG rootkit.
I scanned my PC with AVG rootkit and I am attaching the report it produced:
C:\WINDOWS\system32\drivers\TDSSmqct.sys
C:\WINDOWS\system32\drivers\TDSSmqct.sys
C:\WINDOWS\system32\TDSSarxx.dll
C:\WINDOWS\system32\TDSScfmm.dll
C:\WINDOWS\system32\TDSSkkai.log
C:\WINDOWS\system32\TDSSlxcp.dll
C:\WINDOWS\system32\TDSSotty.dll
C:\WINDOWS\system32\TDSSrpye.dat
C:\WINDOWS\system32\TDSSvoql.dll

I tried to delete them, but AVG shows a message saying that deleting them is dangerous for my PC.

So can I delete them without worrying about the result, or should I not touch them?

Thank you for your help

10 replies

Destrio5 Posts 99820 Status Moderator 10 305
 
Hi,

/!\ Disable your resident protections (antivirus, etc.) /!\

--> Download ComboFix (by sUBs) to your Desktop.
--> Double-click ComboFix.exe (the .exe may not be visible) to launch it.
--> It will ask you to install the Recovery Console: accept.
--> When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

To help you: a guide and a tutorial on using ComboFix
0
serendipity Posts 5 Status Member

Good evening again,
I cannot download ComboFix because the virus takes me to another site. Do you have another program that could produce a report for you?

Another question:
could the "HijackThis" software do the job, since it is already installed?
0
Destrio5 Posts 99820 Status Moderator 10 305
 
http://sd-1.archive-host.com/membres/up/3288717712384394/CF-serendipity.exe
0
serendipity Posts 5 Status Member

Good evening,
as you asked, here is the full "COMBOFIX" report


ComboFix 09-01-01.02 - j 2009-01-03 1:30:33.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1014.585 [GMT 1:00]
Lancé depuis: c:\downloads\CF-serendipity.exe
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Solt Lake Software
c:\documents and settings\j\Application Data\inst.exe
c:\documents and settings\j\Application Data\urlredir.cfg
c:\program files\FBrowserAdvisor
c:\program files\FBrowsingAdvisor
c:\program files\FBrowsingAdvisor\IXPCOMEvents.xpt
c:\program files\FBrowsingAdvisor\Logo.png
c:\program files\FBrowsingAdvisor\main.db
c:\program files\FBrowsingAdvisor\unins000.dat
c:\program files\FBrowsingAdvisor\unins000.exe
c:\program files\FBrowsingAdvisor\XPCOMEvents.dll
c:\windows\pack.epk
c:\windows\system32\404Fix.exe
c:\windows\system32\ckmwksy.dat
c:\windows\system32\ckmwksy_nav.dat
c:\windows\system32\ckmwksy_navps.dat
c:\windows\system32\csoaq.dat
c:\windows\system32\csoaq_nav.dat
c:\windows\system32\csoaq_navps.dat
c:\windows\system32\dcads-remove.exe
c:\windows\system32\DcadsSocial-uninstall.exe
c:\windows\system32\drivers\TDSSmqct.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kaoesus.dat
c:\windows\system32\kaoesus.exe
c:\windows\system32\kaoesus_nav.dat
c:\windows\system32\kaoesus_navps.dat
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\superiorads-uninst.exe
c:\windows\system32\TDSSarxx.dll
c:\windows\system32\TDSScfmm.dll
c:\windows\system32\TDSSkkai.log
c:\windows\system32\TDSSlxcp.dll
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSSotty.dll
c:\windows\system32\TDSSrpye.dat
c:\windows\system32\TDSSsahc.dll
c:\windows\system32\TDSSvoql.dll
c:\windows\system32\TDSSxhyf.log
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-03 au 2009-01-03 ))))))))))))))))))))))))))))))))))))
.

2009-01-02 16:41 . 2007-01-18 13:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2008-12-28 17:17 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe
2008-12-28 12:27 . 2008-12-28 13:24 <REP> d-------- C:\csscod
2008-12-28 11:31 . 2008-12-28 11:31 <REP> d-------- c:\documents and settings\j\Application Data\Grisoft
2008-12-28 11:31 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
2008-12-28 11:14 . 2008-12-28 11:14 <REP> d-------- c:\program files\XoftSpySE
2008-12-28 09:19 . 2008-12-28 09:20 <REP> d-------- c:\documents and settings\j\Application Data\PCErrorFix
2008-12-27 14:24 . 2008-12-27 14:24 <REP> d-------- c:\program files\iTunes
2008-12-27 14:24 . 2008-12-27 14:24 <REP> d-------- c:\program files\iPod
2008-12-27 14:24 . 2008-12-27 14:24 <REP> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-27 14:24 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2008-12-27 14:24 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2008-12-27 14:23 . 2008-12-27 14:23 <REP> d-------- c:\program files\QuickTime
2008-12-27 14:23 . 2008-12-27 14:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-27 14:16 . 2008-12-27 14:24 <REP> d-------- c:\program files\Fichiers communs\Apple
2008-12-27 14:13 . 2008-12-27 14:13 <REP> d-------- c:\program files\Apple Software Update
2008-12-27 14:13 . 2008-12-27 14:13 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-12-27 13:41 . 2008-12-27 13:49 <REP> d-------- c:\program files\QUAD Utilities
2008-12-27 12:44 . 2008-09-08 11:41 333,824 --------- c:\windows\system32\dllcache\srv.sys
2008-12-27 12:42 . 2008-09-15 16:26 1,846,528 --------- c:\windows\system32\dllcache\win32k.sys
2008-12-27 12:41 . 2008-08-14 14:23 2,191,232 --------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-27 12:41 . 2008-08-14 14:23 2,147,328 --------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-27 12:41 . 2008-08-14 14:23 2,068,096 --------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-27 12:41 . 2008-08-14 14:23 2,025,984 --------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-27 12:41 . 2008-09-04 18:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-12-27 12:41 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-27 12:41 . 2008-10-15 17:35 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-12-27 10:55 . 2008-12-27 10:55 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-12-27 10:42 . 2008-12-27 10:56 <REP> d-------- c:\program files\Lavasoft
2008-12-24 12:50 . 2008-12-24 12:50 67 --a------ c:\windows\cdplayer.ini
2008-12-24 11:28 . 2008-12-24 11:28 <REP> d-------- c:\program files\Fichiers communs\xing shared
2008-12-24 11:27 . 2008-12-24 11:27 <REP> d-------- c:\program files\Real
2008-12-24 11:27 . 2008-12-24 11:28 <REP> d-------- c:\program files\Fichiers communs\Real
2008-12-24 00:47 . 2003-11-04 15:11 159,744 --a------ c:\windows\system32\lfpng13n.dll
2008-12-17 16:36 . 2008-12-17 16:36 33,846 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp m4a Codec.bmp
2008-12-17 16:36 . 2008-12-17 16:36 3,625 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
2008-12-17 16:27 . 2008-12-17 16:27 <REP> d-------- c:\program files\Illustrate
2008-12-17 16:27 . 2008-12-17 16:27 <REP> d-------- c:\documents and settings\j\Application Data\AccurateRip
2008-12-17 16:27 . 2008-12-17 16:36 1,073,528 --a------ c:\windows\system32\SpoonUninstall.exe
2008-12-17 16:27 . 2008-12-17 16:27 33,846 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2008-12-17 16:27 . 2008-12-17 16:27 13,785 --a------ c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-03 00:39 146,599,968 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-03 00:35 1,718,564 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-03 00:00 3,031,552 ----a-w c:\windows\Internet Logs\xDB6.tmp
2009-01-03 00:00 1,875,456 ----a-w c:\windows\Internet Logs\xDB7.tmp
2009-01-02 23:53 --------- d-----w c:\program files\Everest Poker
2009-01-02 14:32 37,440 ----a-w c:\windows\system32\drivers\pssdklbf.drv
2009-01-02 14:32 30,272 ----a-w c:\windows\system32\drivers\pssdk31.drv
2008-12-29 11:15 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-29 09:02 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-28 09:16 --------- d-----w c:\program files\CleanUp!
2008-12-27 13:24 --------- d-----w c:\documents and settings\j\Application Data\Apple Computer
2008-12-27 09:56 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-26 11:00 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-12-25 19:27 --------- d-----w c:\program files\DivX
2008-12-23 20:27 --------- d-----w c:\program files\eMule
2008-12-21 02:45 4,125,872 ----a-w c:\windows\Internet Logs\tvDebug.zip
2008-12-10 22:17 --------- d-----w c:\program files\LimeWire
2008-11-29 08:23 2,997,248 ----a-w c:\windows\Internet Logs\xDB4.tmp
2008-11-29 08:23 1,757,696 ----a-w c:\windows\Internet Logs\xDB5.tmp
2008-11-26 13:41 --------- d-----w c:\program files\tmplus
2008-11-24 23:38 3,132,416 ----a-w c:\windows\Internet Logs\xDB3.tmp
2008-11-22 16:12 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
2008-11-22 16:11 --------- d-----w c:\program files\Games
2008-11-21 13:17 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-11-21 13:15 --------- d-----w c:\program files\Elaborate Bytes
2008-11-21 12:58 --------- d-----w c:\program files\Java
2008-11-06 08:48 --------- d-----w c:\program files\Yahoo!
2008-11-03 19:43 --------- d-----w c:\program files\BitComet
2008-11-03 19:41 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-03 19:41 --------- d-----w c:\documents and settings\j\Application Data\Yahoo!
2008-10-15 14:19 3,259,904 ----a-w c:\windows\Internet Logs\xDB1.tmp
2008-10-15 14:19 1,629,696 ----a-w c:\windows\Internet Logs\xDB2.tmp
2008-09-20 08:35 7,329,699 ----a-w c:\program files\dvdshrink_3.2.0.16_fr.zip
2008-05-04 08:01 94,208 ----a-w c:\documents and settings\j\Application Data\ezplay.sys
2008-05-04 08:01 47,360 ----a-w c:\documents and settings\j\Application Data\pcouffin.sys
2007-08-23 17:10 369,024 ----a-w c:\program files\ImportContacts.exe
2008-09-01 14:16 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090120080902\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-01-05 761946]
"SSUtility"="c:\addon\Fujitsu\SSUtility\FJSSDMN.exe" [2006-07-22 233472]
"PSUtility"="c:\addon\Fujitsu\PSUtility\TrayManager.exe" [2006-07-05 118784]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-04-20 73728]
"IndicatorUtility"="c:\addon\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2005-08-09 81920]
"LoadFujitsuQuickTouch"="c:\addon\Fujitsu\Application Panel\QuickTouch.exe" [2005-07-21 353792]
"LoadBtnHnd"="c:\program files\Fujitsu\BtnHnd\BtnHnd.exe" [2005-07-21 61440]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2005-05-18 188416]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"AzAgent"="c:\program files\Companion Photo\AzAgent.exe" [2006-09-07 778240]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-24 185872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-07 c:\windows\RTHDCPL.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 c:\windows\AGRSMMSG.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\j\Menu Démarrer\Programmes\Démarrage\
Outil de notification Live Search.lnk - c:\documents and settings\j\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-12-30 143360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FJWSEL]
2006-06-29 13:45 32768 c:\windows\system32\FJWSWNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PSUTY]
2006-06-02 15:04 32768 c:\windows\system32\PSUWNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24334:TCP"= 24334:TCP:BitComet 24334 TCP
"24334:UDP"= 24334:UDP:BitComet 24334 UDP

R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\DRIVERS\FJGSDisk.sys [2007-04-19 7168]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2005-07-08 34176]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2005-09-23 28544]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-05-24 97928]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-11 875288]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-04 231704]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-05-24 76040]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys [2007-02-26 4864]
S3 PsSdk31;PsSdk31;\??\c:\windows\system32\Drivers\pssdk31.drv [2008-09-19 30272]
S3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.drv [2008-09-19 37440]
S3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\UsbSagCom.sys [2007-06-29 51712]
.
Contenu du dossier 'Tâches planifiées'

2008-12-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-12-28 c:\windows\Tasks\PCErrorFix Scheduled Scan.job
- c:\program files\PCErrorFix\PCErrorFix.exe []

2008-12-28 c:\windows\Tasks\PCErrorFix Scheduled Scan.job
- c:\program files\PCErrorFix []

2009-01-02 c:\windows\Tasks\WebReg 20080709144206.job
- c:\program files\Hewlett-Packard\webreg\bin\hpqwrg.exe [2002-10-16 14:39]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - (no file)
BHO-{5ABBD91B-0215-2FE1-7A7E-753F05B40CB8} - (no file)
BHO-{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - (no file)
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://fr.yahoo.com
mStart Page = hxxp://fr.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

c:\windows\Downloaded Program Files\InstallerControl.dll - O16 -: CabBuilder
hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
c:\windows\Downloaded Program Files\OSDED4D.OSD

c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf

c:\windows\Downloaded Program Files\csswlng.dll - c:\windows\Downloaded Program Files\cssweb.dll
O16 -: {6CCE3920-3183-4B3D-808A-B12EB769DE12}
hxxp://www.commandondemand.com/eval/cod/cabs/cssweb.cab
c:\windows\Downloaded Program Files\cssweb.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-03 01:37:41
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(888)
c:\windows\system32\FJWSWNP.dll
c:\windows\system32\PSUWNP.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\scardsvr.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Network Associates\VirusScan\VsTskMgr.exe
c:\windows\system32\o2flash.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\documents and settings\j\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-01-03 1:42:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-03 00:42:30

Avant-CF: 36,074,745,856 octets libres
Après-CF: 36,054,843,392 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

317 --- E O F --- 2008-12-27 11:56:40

Thanks in advance for your help!
0

Destrio5 Posts 99820 Status Moderator 10 305

● Download AD-Remover (by Cyrildu17 / C_XX) to your Desktop.

/!\ Disconnect and close all running applications /!\

● Double-click the installer and install it in its default location (C:\Program files).
● Double-click the Ad-remover icon on your Desktop.
● In the main menu, choose option "A".
● Post the report that appears at the end.

(The report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:

"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
0
serendipity Posts 5 Status Member

Here is the report:

------- Logfile of AD-Remover 1.0.8.4 by C_XX | ONLY XP/VISTA -------

# START at: 3:44:10 | Sam 03/01/2009 | Microsoft® Windows XP™ SP3 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: FSC571215072602 | USER: j ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.5730.11

# RUNNING PROCESSES: 60

+-----------------------| Boonty/Boonty Games Elements found :

.
HKLM\Software\Boonty
.
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\ButtonBkgMiddle_On.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_Off.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\ButtonBkgRight_On.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\CacheImgJeu.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\caddie.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\cadenas.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\CloseOff.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\CloseOn.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\fleche.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\flechetrial.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\greypoint.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\jeu.jpg
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\jouer_gratuitement.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Left.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\MaximizeOff.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\MaximizeOn.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\MinimizeOff.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\MinimizeOn.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopBottom.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopBottomLeft.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopBottomRight.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopLeft.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopRight.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopTop.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopTopLeft.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\PopTopRight.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Right.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\scroll.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\scroll_bkg.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\separator2.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\separatorEnd.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\separatorMiddle.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\separatorStart.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Shell_popup_03.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Shell_popup_06.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Shell_popup_08.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Shell_popup_09.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\spacer.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\test.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\Top.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\TopLeft.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\TopLeftSouth.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\TopRight.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\TopRightWest.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\transp.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\Images\wait.gif
C:\Program Files\BoontyGames\Luxor 2\SHELL_DEFAULT_HTML\js\ShellScripts.js
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses\B4BF5000.dat
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames\ Downloadable games.lnk
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames\Luxor 2
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames\Luxor 2\ Play.lnk
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames\Luxor 2\ User Manual.lnk
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames\Luxor 2\ Website.lnk

+-----------------------| Eorezo Elements found :

.
.

+-----------------------| Everest Poker Elements found :

.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Everest Poker
.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :

.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
.

+-----------------------| It's TV Elements found :

.

+-----------------------| Sweetim Elements found :

.
HKCR\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
.
C:\WINDOWS\Installer\{11964613-805F-432D-A12B-169554B793E7}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\{59971D79-8111-42C2-9E40-883A0C277E78}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\{70B6A483-F815-4879-9AA4-3DCE9BCC61A0}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\{79821CAD-999C-443D-B420-96F914C84E27}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\{C985153C-3801-EB63-1432-088E71801036}\ARPPRODUCTICON.exe
C:\WINDOWS\Installer\{FE5D756F-71E1-47C4-972A-D6775344B40B}\ARPPRODUCTICON.exe

+-----------------------| ADDED SCAN :
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.google.com/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.yahoo.com

+---------------------------------------------------------------------------+

[~34041 bytes] - "C:\AD-report-Scan-03.01.2009.log"

# END at: 3:44:46 | 03/01/2009 - Time elapsed: 35.2 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 580 lines ]
+---------------------------------------------------------------------------+
0
Destrio5 Posts 99820 Registration date   Status Moderator Last seen   10 305
 
/!\ Disconnect and close all running applications /!\

● Double-click AD-Remover to launch it: at the main menu, choose option B.

● Tick A on the selection screen:
http://sd-1.archive-host.com/membres/up/16506160323759868/Capturer-ADR.JPG

● Then choose S; the program will get to work.

● Post the report that appears at the end.

(The report is also saved as C:\Ad-report.log)

/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm /!\
0
serendipity Posts 5 Status Member
 
Thank you very much, your help was invaluable.
I wish you, a little late, a very happy new year and all my best wishes,
and thank you once again.
0
Destrio5 Posts 99820 Registration date   Status Moderator Last seen   10 305
 
Aren't you going to continue?
0
Destrio5 Posts 99820 Registration date   Status Moderator Last seen   10 305
 
So I am marking the topic as resolved.
0