Spyware remover2009
Résolu/Fermé
whitetank
-
8 avril 2009 à 20:17
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 12 avril 2009 à 19:10
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 12 avril 2009 à 19:10
A voir également:
- Spyware remover2009
- Temu spyware - Guide
- Spyware gratuit - Télécharger - Antivirus & Antimalwares
- Spyware doctor - Télécharger - Antivirus & Antimalwares
- Spyware terminator - Télécharger - Antivirus & Antimalwares
- Spyware blaster - Télécharger - Antivirus & Antimalwares
30 réponses
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 avril 2009 à 20:22
8 avril 2009 à 20:22
Salut,
comme par faire ceci :
Important :
Désactive le "tea timer" de Spybot S&D en t'aidant de ce tuto animé (merci Balltrap ;) ) :
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
( sur la 1er image , clique sur "tea timer" pour lancer l'animation ).
En effet , il risque de géner dans le bon déroulement des outils de désinfections et dans la répartion du registre ...
Tu le réactiveras une fois qu'on aura finit de désinfecter ( et pas avant ! ) .
/!\ Mais attention :
à ce moment là, le " TeaTimer " de Spybot proposera, par le biais de plusieurs pop-up, d'accepter ou non des modifications de registre ( survenuent lors de la désinfection )
-> il faudra alors les accepter toutes sans exeptions !
Puis part la suite , il faudra rester vigilant lorsque le "TeaTimer" donnera des alertes : accepter une modification uniquement si on en connait la provenance .
Puis refais un scan avec Hijackthis et poste le nouveau rapport obtenue pour contrôle ...
On commencera le nettoyage ensuite ...
comme par faire ceci :
Important :
Désactive le "tea timer" de Spybot S&D en t'aidant de ce tuto animé (merci Balltrap ;) ) :
http://perso.orange.fr/rginformatique/section%20virus/demo%20spybot.htm
( sur la 1er image , clique sur "tea timer" pour lancer l'animation ).
En effet , il risque de géner dans le bon déroulement des outils de désinfections et dans la répartion du registre ...
Tu le réactiveras une fois qu'on aura finit de désinfecter ( et pas avant ! ) .
/!\ Mais attention :
à ce moment là, le " TeaTimer " de Spybot proposera, par le biais de plusieurs pop-up, d'accepter ou non des modifications de registre ( survenuent lors de la désinfection )
-> il faudra alors les accepter toutes sans exeptions !
Puis part la suite , il faudra rester vigilant lorsque le "TeaTimer" donnera des alertes : accepter une modification uniquement si on en connait la provenance .
Puis refais un scan avec Hijackthis et poste le nouveau rapport obtenue pour contrôle ...
On commencera le nettoyage ensuite ...
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
8 avril 2009 à 20:36
8 avril 2009 à 20:36
Salut,
merci pour ton aide.
J'ai désactivé TeaTimer et relancé HiJackThis. Voilà le résultat:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:34:30 PM, on 4/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [dlcimon.exe] "C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\HSPERF~1.SH! c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\E4J1BD~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\BROWSE~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\THIRDP~1.SH!
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlci_device - - C:\WINDOWS\system32\dlcicoms.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
merci pour ton aide.
J'ai désactivé TeaTimer et relancé HiJackThis. Voilà le résultat:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:34:30 PM, on 4/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [dlcimon.exe] "C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\HSPERF~1.SH! c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\E4J1BD~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\BROWSE~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\THIRDP~1.SH!
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlci_device - - C:\WINDOWS\system32\dlcicoms.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 avril 2009 à 21:37
8 avril 2009 à 21:37
Bien ...
on commence :
Télécharge ToolBar S&D ( de Eric_71/Team IDN ) sur ton bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )
!! Déconnecte toi et ferme toutes tes applications en cours le temps de la manipe !!
* Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...
--> Tapes directement sur 2 ( option " suppression " ) puis tape sur [Entrée].
Le nettoyage commence .
! ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse
accompagné d'un nouveau rapport hijackthis pour analyse ...
( le rapport est en outre sauvegardé ici -> C:\TB.txt )
on commence :
Télécharge ToolBar S&D ( de Eric_71/Team IDN ) sur ton bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )
!! Déconnecte toi et ferme toutes tes applications en cours le temps de la manipe !!
* Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...
--> Tapes directement sur 2 ( option " suppression " ) puis tape sur [Entrée].
Le nettoyage commence .
! ne touche à rien lors de la suppression !
Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse
accompagné d'un nouveau rapport hijackthis pour analyse ...
( le rapport est en outre sauvegardé ici -> C:\TB.txt )
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
8 avril 2009 à 23:14
8 avril 2009 à 23:14
Voici les rapports de Toolbar et de hijackthis
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.4.1
USER : Francis Blanchard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:928 Go (Free:185 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
Q:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( Wed 04/08/2009|22:52 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKService
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
C:\WINDOWS\iun6002.exe
-----------\\ Extensions
(Francis Blanchard) - {99B98C2C-7274-45a3-A640-D9DF1A1C8460} => cookieculler
(Francis Blanchard) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.msn.com/fr-fr/"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"
--------------------\\ Recherche d'autres infections
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf
[b]==> EGDACCESS <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FRANCI~1\Application Data\Azureus\torrents\[www.globalbolly.com]_Football_Manager_2008_(PC)_+_crack[globalbolly.com]_[mininova][1].torrent
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\PES2009NOCD CRACK.rar
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\fm.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\FM2008.iso
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\How to get a Nintendo Wii for nothing (United Kingdom Residents only).rtf
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r00
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r01
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r02
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r03
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r04
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r05
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r06
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r07
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r08
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r09
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r10
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.sfv
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Aerosoft - German Airports 2 - Dortmund v1.00\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Aerosoft - German Airports 2 - Dortmund v1.00\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\FS2004 - Aerosoft - German Airports 2 - Cologne-Bonn v3.00\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\FS2004 - Aerosoft - German Airports 2 - Cologne-Bonn v3.00\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack\Backup
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack\GroundEnv.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\MedKan Posts - Fs2004 Planes and Addons\PMDG 747-400\pmdg_747-crack.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Super scenery pack\Active CameraV2 +crack&patch.zip
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Super scenery pack\UK2000_GatwickPro_crack.zip
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\patch.cmd
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Hamburg\German Airports 3 - Hamburg (FS9 Only)\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Hamburg\German Airports 3 - Hamburg (FS9 Only)\Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\patch.cmd
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack\bglman.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack\komu.rulez
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack\EnableButton.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack\PMDG744_744F.reg
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\FS2004_FS2002_FS2000_FS98_FS_Navigator_4.7_keygen.3384069.TPB.torrent
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\anydvd\Patch\Gashliquor Crackware c 2008.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\AVS Video Converter v6.2.4.330\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\AVS Video Converter v6.2.4.330\Crack\AVSVideoConverter.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cd4f.sfv
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cod4.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cod4.nfo.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Collectorz.com.Music.Collector.Pro.v7.0.3-TE\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Flight Simulator X Deluxe with Expansion\De Crack voor Microsoft flight Simulator X Delux
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Monopoly Deluxe\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Nero 7 Premium Reloaded v7.5.1.1\Nero 7 Premium Reloaded V 7.5.1.1 Official Multilanguage Incl Keygen.iso
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No_CDcrack_orginal.rar
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack\cfs3.exe
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack\Readme!.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Plug-in CS2\EyeCandy 5.0\Nature\keygen.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Plug-in CS2\EyeCandy 5.0\Texture\keygen.exe
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.cracks
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack\crack
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Eminem\Eminem.-.Long.Time.No.See.Official.Mixtape.Bootleg.(2008).WwW.LanzamientosMp3.es\18-eminem-jimmy_crack_corn_feat_50_cent.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Eminem\Eminem_Presents_The_Re-Up-2006-RNS\08-eminem_and_50_cent-jimmy_crack_corn.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Fat Joe album\don cartagena\02_Fat_Joe-The_Crack_Attack-OSR.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\mix-tape\j-love\J-Love_And_The_Game-West_Coast_Rebirth-(Bootleg)-2007-C4\23-the_game-crack_music.mp3
1 - "C:\ToolBar SD\TB_1.txt" - Wed 04/08/2009|23:03 - Option : [2]
-----------\\ Fin du rapport a 23:03:44.42
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:02 PM, on 4/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [dlcimon.exe] "C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\HSPERF~1.SH! c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\E4J1BD~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\BROWSE~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\THIRDP~1.SH!
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlci_device - - C:\WINDOWS\system32\dlcicoms.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.4.1
USER : Francis Blanchard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:928 Go (Free:185 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
Q:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( Wed 04/08/2009|22:52 )
-----------\\ SUPPRESSION
Supprime! - [Service] ASKService
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
C:\WINDOWS\iun6002.exe
-----------\\ Extensions
(Francis Blanchard) - {99B98C2C-7274-45a3-A640-D9DF1A1C8460} => cookieculler
(Francis Blanchard) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.msn.com/fr-fr/"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"
--------------------\\ Recherche d'autres infections
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf
[b]==> EGDACCESS <==/b
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FRANCI~1\Application Data\Azureus\torrents\[www.globalbolly.com]_Football_Manager_2008_(PC)_+_crack[globalbolly.com]_[mininova][1].torrent
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\PES2009NOCD CRACK.rar
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\fm.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\FM2008.iso
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\How to get a Nintendo Wii for nothing (United Kingdom Residents only).rtf
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\Football Manager 2008 (PC) + crack\instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r00
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r01
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r02
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r03
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r04
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r05
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r06
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r07
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r08
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r09
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.r10
C:\DOCUME~1\FRANCI~1\Mes documents\Azureus Downloads\FOOTBALL_MANAGER_2009[www.TmasGames.com]\FOOTBALL_MANAGER_2009-TL\CRACK\fm2009-crack&patch.sfv
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Aerosoft - German Airports 2 - Dortmund v1.00\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Aerosoft - German Airports 2 - Dortmund v1.00\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Fs2004 & FSX Utility - Aerosoft - Pro Flight Emula\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\FS2004 - Aerosoft - German Airports 2 - Cologne-Bonn v3.00\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\FS2004 - Aerosoft - German Airports 2 - Cologne-Bonn v3.00\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack\Backup
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ground Environment 2006\crack\GroundEnv.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\MedKan Posts - Fs2004 Planes and Addons\PMDG 747-400\pmdg_747-crack.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Super scenery pack\Active CameraV2 +crack&patch.zip
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Super scenery pack\UK2000_GatwickPro_crack.zip
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Brussels v1.1\Aerosoft - Brussels 2007 v1.1\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Budapest 2007 v1.3\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Cologne-Bonn v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Dortmund v1.0\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\patch.cmd
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Hannover v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 2 - Leipzig Halle v3.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Hamburg\German Airports 3 - Hamburg (FS9 Only)\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Hamburg\German Airports 3 - Hamburg (FS9 Only)\Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - German Airports 3 - Paderborn-Lippstadt v1.0\CRACK\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Lissabon 2008 V1.0\Aerosoft - Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Frankfurt v1.0\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport London Heathrow v1.1\crack\Instructions.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Madrid Barajas v1.1\Aerosoft - Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Mega Airport Stockholm Arlanda v1.1\MASA\Crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\patch.cmd
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Scenery Germany - Bremen\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\Aerosoft - Spanish Airports 2\crack\readme.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack\bglman.dll
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\FS DreamTeam - O'Hare + Zurich\crack\komu.rulez
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack\EnableButton.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Flightsim\Ultimate Scenery and Aircraft Package\PMDG - 747-400 Queen of the Skies v1.12\crack\PMDG744_744F.reg
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\FS2004_FS2002_FS2000_FS98_FS_Navigator_4.7_keygen.3384069.TPB.torrent
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\anydvd\Patch\Gashliquor Crackware c 2008.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\AVS Video Converter v6.2.4.330\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\AVS Video Converter v6.2.4.330\Crack\AVSVideoConverter.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cd4f.sfv
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cod4.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Call of Duty 4 Modern Warfare (2007) (Crackfix)\rzr-cod4.nfo.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Collectorz.com.Music.Collector.Pro.v7.0.3-TE\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Flight Simulator X Deluxe with Expansion\De Crack voor Microsoft flight Simulator X Delux
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Monopoly Deluxe\Crack
C:\DOCUME~1\FRANCI~1\Mes documents\Mes fichiers re‡us\Nero 7 Premium Reloaded v7.5.1.1\Nero 7 Premium Reloaded V 7.5.1.1 Official Multilanguage Incl Keygen.iso
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No_CDcrack_orginal.rar
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack\cfs3.exe
C:\DOCUME~1\FRANCI~1\Mes documents\My Games\Combat Flight Simulator 3\No CD crack\Readme!.txt
C:\DOCUME~1\FRANCI~1\Mes documents\Plug-in CS2\EyeCandy 5.0\Nature\keygen.exe
C:\DOCUME~1\FRANCI~1\Mes documents\Plug-in CS2\EyeCandy 5.0\Texture\keygen.exe
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.cracks
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack\crack
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\alt.binaries.warez.flightsim\Aerosoft - Flight Operations Center\crack\crack\ascrypt.dll
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Eminem\Eminem.-.Long.Time.No.See.Official.Mixtape.Bootleg.(2008).WwW.LanzamientosMp3.es\18-eminem-jimmy_crack_corn_feat_50_cent.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Eminem\Eminem_Presents_The_Re-Up-2006-RNS\08-eminem_and_50_cent-jimmy_crack_corn.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\Fat Joe album\don cartagena\02_Fat_Joe-The_Crack_Attack-OSR.mp3
C:\DOCUME~1\FRANCI~1\Mes documents\UseNeXT\pierrot\mix-tape\j-love\J-Love_And_The_Game-West_Coast_Rebirth-(Bootleg)-2007-C4\23-the_game-crack_music.mp3
1 - "C:\ToolBar SD\TB_1.txt" - Wed 04/08/2009|23:03 - Option : [2]
-----------\\ Fin du rapport a 23:03:44.42
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:02 PM, on 4/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5070320
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll (file missing)
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [dlcimon.exe] "C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\HSPERF~1.SH! c:\DOCUME~1\FRANCI~1\LOCALS~1\temp\E4J1BD~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\BROWSE~1.SH! C:\DOCUME~1\FRANCI~1\LOCALS~1\TEMPOR~1\Content.IE5\9PF6XAOT\THIRDP~1.SH!
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlci_device - - C:\WINDOWS\system32\dlcicoms.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
8 avril 2009 à 23:40
8 avril 2009 à 23:40
bien ...
je te conseille vivement d'arrèter les cracks et autre salté du genre ! c'est la première cause d'infections ! ... Et il se cache surement dans l'un d'eux la source de tes ennuis ...
puis fais ceccei dans l'ordre :
1- Télécharge CCleaner :
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
ou https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "français" en langue .
-avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
*Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .
! déconnecte toi et ferme toutes applications en cours !
* va dans "nettoyeur" : fais -analyse- puis -nettoyage-
* va dans "registre" : fais -chercher les erreurs- et -réparer toutes les erreurs-
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
===========================
2- Télécharge Navilog1 sur ton bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
!! Déconnecte toi,désactive tes défenses( anti-virus,anti-spyware ) et ferme bien toutes tes applications le temps de la manipe !!
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valide .
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le bloc-note va s'ouvrir.
Copie-colle l'intégralité de son contenu dans ta prochaine réponse et attends la suite .
(Le rapport est en outre sauvegardé à la racine du disque "C\:fixnavi.txt" )
TUTO (aide) : http://www.malekal.com/Adware.Magic_Control.php#mozTocId595901
je te conseille vivement d'arrèter les cracks et autre salté du genre ! c'est la première cause d'infections ! ... Et il se cache surement dans l'un d'eux la source de tes ennuis ...
puis fais ceccei dans l'ordre :
1- Télécharge CCleaner :
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner
ou https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "français" en langue .
-avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 premières.
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
---> Utilisation:
*Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures .
! déconnecte toi et ferme toutes applications en cours !
* va dans "nettoyeur" : fais -analyse- puis -nettoyage-
* va dans "registre" : fais -chercher les erreurs- et -réparer toutes les erreurs-
( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .
( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )
===========================
2- Télécharge Navilog1 sur ton bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
!! Déconnecte toi,désactive tes défenses( anti-virus,anti-spyware ) et ferme bien toutes tes applications le temps de la manipe !!
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valide .
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le bloc-note va s'ouvrir.
Copie-colle l'intégralité de son contenu dans ta prochaine réponse et attends la suite .
(Le rapport est en outre sauvegardé à la racine du disque "C\:fixnavi.txt" )
TUTO (aide) : http://www.malekal.com/Adware.Magic_Control.php#mozTocId595901
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 10:15
9 avril 2009 à 10:15
Voici l'analyse de Navilog1:
Search Navipromo version 3.7.6 commencé le Thu 04/09/2009 à 9:36:57.81
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.4.1
USER : Francis Blanchard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Not Activated)
Firewall : McAfee Personal Firewall (Not Activated)
C:\ (Local Disk) - NTFS - Total:928 Go (Free:185 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
Q:\ (CD or DVD)
Recherche executé en mode normal
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf trouvé !
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le Thu 04/09/2009 à 10:07:25.59 ***
Search Navipromo version 3.7.6 commencé le Thu 04/09/2009 à 9:36:57.81
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.4.1
USER : Francis Blanchard ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Not Activated)
Firewall : McAfee Personal Firewall (Not Activated)
C:\ (Local Disk) - NTFS - Total:928 Go (Free:185 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - UDF - Total:4 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
Q:\ (CD or DVD)
Recherche executé en mode normal
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Francis Blanchard\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Recherche fichiers ***
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf trouvé !
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Francis Blanchard\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le Thu 04/09/2009 à 10:07:25.59 ***
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 11:42
9 avril 2009 à 11:42
Salut,
dans l'ordre :
1- Télécharge OTMoveIt3 (de Old_Timer) sur ton Bureau.
http://oldtimer.geekstogo.com/OTMoveIt3.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double clique sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copie ce qui se trouve en citation ci-dessous,
et colle le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même ...
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
=======================
2- Télécharge SmitfraudFix (de S!Ri, balltrap34 et moe31 ) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Installe le soft sur ton bureau ( et pas ailleurs! ) .
!! Déconnecte toi, ferme toutes tes applications et désactives tes défenses ( anti-virus ,anti-spyware,...) le temps de la manipe !!
Tuto ( aide ) : http://siri.urz.free.fr/Fix/SmitfraudFix.php
Autre tuto animé ( merci balltrapp34 ;) ) : http://pagesperso-orange.fr/rginformatique/section%20virus/smitfraudfix.htm
Utilisation ---> option 1 / Recherche :
Double-clique sur l'icône "Smitfraudfix.exe" et sélectionne 1 (et pas sur autre chose sans notre accord !) pour créer un rapport des fichiers responsables de l'infection.
Poste le rapport ( "rapport.txt" qui se trouve sous C\: ) et attends la suite ...
(Attention : "process.exe", un composant de l'outil, est détecté par certains antivirus comme étant un "RiskTool". Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.)
dans l'ordre :
1- Télécharge OTMoveIt3 (de Old_Timer) sur ton Bureau.
http://oldtimer.geekstogo.com/OTMoveIt3.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double clique sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copie ce qui se trouve en citation ci-dessous,
:processes explorer.exe :Files C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf :Commands [purity] [emptytemp] [Reboot]
et colle le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même ...
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
=======================
2- Télécharge SmitfraudFix (de S!Ri, balltrap34 et moe31 ) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Installe le soft sur ton bureau ( et pas ailleurs! ) .
!! Déconnecte toi, ferme toutes tes applications et désactives tes défenses ( anti-virus ,anti-spyware,...) le temps de la manipe !!
Tuto ( aide ) : http://siri.urz.free.fr/Fix/SmitfraudFix.php
Autre tuto animé ( merci balltrapp34 ;) ) : http://pagesperso-orange.fr/rginformatique/section%20virus/smitfraudfix.htm
Utilisation ---> option 1 / Recherche :
Double-clique sur l'icône "Smitfraudfix.exe" et sélectionne 1 (et pas sur autre chose sans notre accord !) pour créer un rapport des fichiers responsables de l'infection.
Poste le rapport ( "rapport.txt" qui se trouve sous C\: ) et attends la suite ...
(Attention : "process.exe", un composant de l'outil, est détecté par certains antivirus comme étant un "RiskTool". Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.)
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 13:08
9 avril 2009 à 13:08
Salut,
encore merci pour ton aide.
Voilà les rapports de OTMoveIt3 et de SmitfraudFix.
Je dois te signaler que j'avais déjà supprimé C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf avec Navilog1.
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== FILES ==========
File/Folder c:\windows\prefetch\webmediapayer.exe-216E8E59.pf not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\QAUIMBC6\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\E4RZ5IL7\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_fbolwF402IgqUGR scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_6XL28v0DSL0WkcV scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_cTWYsznXPJfkP8w scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_Q3GGndui2o14NRw scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_228.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_5jV9aAzV19A74tC scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_FYCv4Po8odIicWm scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_hM4lbHMWn5t5m2u scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_KUivv7RtXX2Oet9 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_pibZUTHVvtFekhD scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_PKg0tybLWe8boOk scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_T1NJUKjKZBYZd4v scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04092009_121633
Files moved on Reboot...
File C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\QAUIMBC6\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 not found!
File C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\E4RZ5IL7\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 not found!
File C:\WINDOWS\temp\mcafee_fbolwF402IgqUGR not found!
File C:\WINDOWS\temp\mcmsc_6XL28v0DSL0WkcV not found!
File C:\WINDOWS\temp\mcmsc_cTWYsznXPJfkP8w not found!
File C:\WINDOWS\temp\mcmsc_Q3GGndui2o14NRw not found!
File C:\WINDOWS\temp\Perflib_Perfdata_228.dat not found!
C:\WINDOWS\temp\sqlite_5jV9aAzV19A74tC moved successfully.
C:\WINDOWS\temp\sqlite_FYCv4Po8odIicWm moved successfully.
C:\WINDOWS\temp\sqlite_hM4lbHMWn5t5m2u moved successfully.
File C:\WINDOWS\temp\sqlite_KUivv7RtXX2Oet9 not found!
File C:\WINDOWS\temp\sqlite_pibZUTHVvtFekhD not found!
File C:\WINDOWS\temp\sqlite_PKg0tybLWe8boOk not found!
File C:\WINDOWS\temp\sqlite_T1NJUKjKZBYZd4v not found!
SmitFraudFix v2.407
Rapport fait à 12:57:25.95, Thu 04/09/2009
Executé à partir de C:\Temp\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Temp\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francis Blanchard
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francis Blanchard\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL "
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
»»»»»»»»»»»»»»»»»»»»»»»» RK
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
encore merci pour ton aide.
Voilà les rapports de OTMoveIt3 et de SmitfraudFix.
Je dois te signaler que j'avais déjà supprimé C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-216E8E59.pf avec Navilog1.
========== PROCESSES ==========
Unable to kill process: explorer.exe
========== FILES ==========
File/Folder c:\windows\prefetch\webmediapayer.exe-216E8E59.pf not found.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\QAUIMBC6\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\E4RZ5IL7\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_fbolwF402IgqUGR scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_6XL28v0DSL0WkcV scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_cTWYsznXPJfkP8w scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_Q3GGndui2o14NRw scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_228.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_5jV9aAzV19A74tC scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_FYCv4Po8odIicWm scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_hM4lbHMWn5t5m2u scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_KUivv7RtXX2Oet9 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_pibZUTHVvtFekhD scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_PKg0tybLWe8boOk scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_T1NJUKjKZBYZd4v scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04092009_121633
Files moved on Reboot...
File C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\QAUIMBC6\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 not found!
File C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\E4RZ5IL7\ute.do%253Bjsessionid%253DBD453B8AB51F52CB6EB9E495FE45F3E9[1].ned%253A8012%253Fdeparture%253Dmru%2526arrival%253Dcdg%2526departureDate%253D2007-09-26%2526x%253D13%2526y%253D13 not found!
File C:\WINDOWS\temp\mcafee_fbolwF402IgqUGR not found!
File C:\WINDOWS\temp\mcmsc_6XL28v0DSL0WkcV not found!
File C:\WINDOWS\temp\mcmsc_cTWYsznXPJfkP8w not found!
File C:\WINDOWS\temp\mcmsc_Q3GGndui2o14NRw not found!
File C:\WINDOWS\temp\Perflib_Perfdata_228.dat not found!
C:\WINDOWS\temp\sqlite_5jV9aAzV19A74tC moved successfully.
C:\WINDOWS\temp\sqlite_FYCv4Po8odIicWm moved successfully.
C:\WINDOWS\temp\sqlite_hM4lbHMWn5t5m2u moved successfully.
File C:\WINDOWS\temp\sqlite_KUivv7RtXX2Oet9 not found!
File C:\WINDOWS\temp\sqlite_pibZUTHVvtFekhD not found!
File C:\WINDOWS\temp\sqlite_PKg0tybLWe8boOk not found!
File C:\WINDOWS\temp\sqlite_T1NJUKjKZBYZd4v not found!
SmitFraudFix v2.407
Rapport fait à 12:57:25.95, Thu 04/09/2009
Executé à partir de C:\Temp\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Temp\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francis Blanchard
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francis Blanchard\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOEC62~1.DLL "
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
»»»»»»»»»»»»»»»»»»»»»»»» RK
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip\..\{EB15F001-7B06-4E5F-A81F-BB2AE91DD04D}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6E62F999-1FA1-4606-A457-792A867FC3B3}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 15:23
9 avril 2009 à 15:23
Bien ... Smithfraud passe au travers ....
1- tu vas réutilisé Malwarebytes ainsi :
mets le à jour .
(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/ )
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Rapide" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) pour analyse ...
============================
2- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Ferme bien toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
( Note : Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.)
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ... si tu essaies de poster les deux en même temps,
cela risque d'être trop long pour le forum ...
Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
1- tu vas réutilisé Malwarebytes ainsi :
mets le à jour .
(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/ )
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's .
Fais un examen dit "Rapide" .
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) pour analyse ...
============================
2- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Ferme bien toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
( Note : Si la dernière version de HijackThis n'est pas détectée sur ton PC, RSIT le téléchargera et te demandera d'accepter la licence.)
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ... si tu essaies de poster les deux en même temps,
cela risque d'être trop long pour le forum ...
Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ...
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 16:20
9 avril 2009 à 16:20
Voici la suite avec l'analyse de RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Francis Blanchard at 2009-04-09 16:14:06
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 190 GB (20%) free of 951 GB
Total RAM: 3069 MB (76% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\SpyHunter Scanner.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-01-16 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-20 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-25 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]
SITEguard
{ecdee021-0d17-467f-a1ff-c7a115230949}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2005-10-05 94208]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2006-08-03 137216]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2006-03-20 213936]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-03-20 86960]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-24 29744]
"Corel Photo Downloader"=C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe [2006-08-14 462336]
"autoclk"=C:\WINDOWS\autoclk.exe [2003-01-30 143360]
"dlcimon.exe"=C:\Program Files\Dell AIO Printer 946\dlcimon.exe [2006-12-08 435080]
"FaxCenterServer"=C:\Program Files\Dell Fax Solutions\fm3032.exe [2006-12-08 312200]
"nwiz"=nwiz.exe /install []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-13 185632]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-01-08 645328]
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-03 64000]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-29 8466432]
"DLCICATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16 []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2006-03-20 213936]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Mouse\V3.0\moffice.exe [2008-12-25 958464]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-07-27 282624]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
"SpyHunter Security Suite"=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe [2009-04-02 868352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-20 68856]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-08-30 139264]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-02-23 203928]
"DelayShred"=c:\PROGRA~1\mcafee\mshr\ShrCL.EXE [2009-01-09 113168]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Francis Blanchard\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Nikon Monitor.lnk - C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\dlcicoms.exe"="C:\WINDOWS\system32\dlcicoms.exe:*:Enabled:Lexmark Communications System"
"C:\Program Files\Dell AIO Printer 946\dlcimon.exe"="C:\Program Files\Dell AIO Printer 946\dlcimon.exe:*:Enabled:Device Monitor"
"C:\Program Files\Dell AIO Printer 946\DLCIaiox.exe"="C:\Program Files\Dell AIO Printer 946\DLCIaiox.exe:*:Enabled:All In One Center"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\IVAO\IvAp\ivapnetint.exe"="C:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bohemia Interactive\ArmA\arma.exe"="C:\Program Files\Bohemia Interactive\ArmA\arma.exe:*:Enabled:ArmA"
"C:\Program Files\Cyanide\Pro Cycling Manager\Cym2005.exe"="C:\Program Files\Cyanide\Pro Cycling Manager\Cym2005.exe:*:Enabled:Pro Cycling Manager"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\UseNeXT\UseNeXT.exe"="C:\Program Files\UseNeXT\UseNeXT.exe:*:Enabled:UseNeXT"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe"="C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009"
"C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Disabled:Football Manager 2008"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\IVAO\IvAi\IvAi.exe"="C:\Program Files\IVAO\IvAi\IvAi.exe:*:Enabled:IvAi - IVAO Interface"
"C:\Program Files\Aerosoft\FDC\Flightdeck_Companion.exe"="C:\Program Files\Aerosoft\FDC\Flightdeck_Companion.exe:*:Enabled:Flight Sim Addon"
"C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe"="C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}]
shell\AutoRun\command - M:\autorun.exe
======File associations======
.scr - open - "%1" %*
======List of files/folders created in the last 2 months======
2009-04-09 16:14:06 ----D---- C:\rsit
2009-04-09 14:03:06 ----D---- C:\Program Files\AskBardis
2009-04-09 12:57:36 ----A---- C:\WINDOWS\system32\tmp.txt
2009-04-09 12:57:25 ----A---- C:\rapport.txt
2009-04-09 12:13:25 ----D---- C:\_OTMoveIt
2009-04-09 10:48:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-09 09:36:57 ----A---- C:\fixnavi.txt
2009-04-09 09:31:21 ----D---- C:\Program Files\Navilog1
2009-04-08 22:51:32 ----A---- C:\TB.txt
2009-04-08 22:45:45 ----D---- C:\ToolBar SD
2009-04-08 17:30:56 ----D---- C:\WINDOWS\AU_Temp
2009-04-08 17:30:44 ----D---- C:\WINDOWS\AU_Log
2009-04-08 17:30:42 ----A---- C:\xscan.txt
2009-04-08 17:30:40 ----A---- C:\WINDOWS\TMUPDATE.DLL
2009-04-08 17:30:39 ----A---- C:\WINDOWS\UNZIP.DLL
2009-04-08 17:30:39 ----A---- C:\WINDOWS\PATCH.EXE
2009-04-08 13:30:41 ----D---- C:\Program Files\Enigma Software Group
2009-04-08 09:36:34 ----D---- C:\Program Files\GRISOFT
2009-04-06 23:00:07 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-04-06 14:32:40 ----D---- C:\Program Files\iPod
2009-04-06 14:32:38 ----D---- C:\Program Files\iTunes
2009-04-06 14:32:38 ----D---- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-06 14:30:28 ----D---- C:\Program Files\QuickTime
2009-04-06 14:21:12 ----D---- C:\Program Files\Bonjour
2009-04-06 14:21:09 ----SHD---- C:\Config.Msi
2009-04-05 22:58:17 ----A---- C:\WINDOWS\uninstall_NewSpanishAirports.ini
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\java.exe
2009-03-27 10:16:06 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\AVS4YOU
2009-03-27 10:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-03-27 10:14:51 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-03-27 10:14:44 ----D---- C:\Program Files\AVS4YOU
2009-03-27 10:14:44 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-03-27 10:14:44 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\zlib1i.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\Unzip32.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\DSPing.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\CGZipLibrary.dll
2009-03-22 10:49:14 ----D---- C:\Program Files\Samsung
2009-03-22 10:49:14 ----D---- C:\Hermes
2009-03-22 10:49:14 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2009-03-21 10:06:22 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Samsung
2009-03-21 10:02:31 ----A---- C:\WINDOWS\system32\framedyn.dll
2009-03-21 10:02:12 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2009-03-20 10:22:30 ----A---- C:\WINDOWS\ModemLog_SAMSUNG CDMA Modem.txt
2009-03-19 02:58:55 ----A---- C:\WINDOWS\JeppView3.ini
2009-03-16 11:33:41 ----D---- C:\Program Files\Trojan Remover
2009-03-12 01:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-12 01:09:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-12 01:09:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-12 01:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-11 09:56:11 ----D---- C:\Program Files\WCG
2009-03-11 09:56:11 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2009-03-06 14:49:20 ----D---- C:\Program Files\Navigraph
2009-03-06 14:49:20 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Navigraph
2009-03-05 11:02:57 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-03-04 17:59:05 ----D---- C:\Program Files\Trend Micro
2009-02-28 10:13:30 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-02-28 10:13:24 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-02-25 18:58:18 ----D---- C:\Program Files\free-downloads.net
2009-02-25 18:58:18 ----D---- C:\Program Files\Conduit
2009-02-25 18:56:51 ----D---- C:\Program Files\Alcohol Soft
2009-02-25 04:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-02-25 04:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-17 10:37:39 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\IvAi
2009-02-12 04:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-12 01:59:45 ----A---- C:\WINDOWS\system32\VB6DE.DLL
2009-02-12 01:59:36 ----A---- C:\WINDOWS\system32\WinWorX.dll
2009-02-12 01:59:36 ----A---- C:\WINDOWS\system32\sndspeed.dll
2009-02-12 01:59:30 ----A---- C:\WINDOWS\system32\zlib.dll
2009-02-11 04:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-11 04:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-11 04:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-11 04:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-10 16:59:17 ----D---- C:\Program Files\FS Addon Manager
2009-02-10 10:19:45 ----A---- C:\WINDOWS\UpdateClient.INI
2009-02-10 09:51:25 ----A---- C:\WINDOWS\InstallerStatus.ini
2009-02-10 09:50:52 ----A---- C:\WINDOWS\FliteStar.ini
2009-02-10 01:12:39 ----D---- C:\Rwy12 Object Placer v1.2
2009-02-10 01:07:29 ----D---- C:\rwy12
======List of files/folders modified in the last 2 months======
2009-04-09 16:13:33 ----D---- C:\WINDOWS\Temp
2009-04-09 16:11:47 ----D---- C:\Temp
2009-04-09 16:05:19 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\DNA
2009-04-09 16:02:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-09 15:57:44 ----D---- C:\Program Files\Dl_cats
2009-04-09 15:52:40 ----D---- C:\WINDOWS\system32
2009-04-09 15:11:09 ----D---- C:\Program Files\Mozilla Firefox
2009-04-09 15:10:30 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-09 14:03:06 ----RD---- C:\Program Files
2009-04-09 12:55:45 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Skype
2009-04-09 12:55:03 ----D---- C:\WINDOWS\system32\drivers
2009-04-09 12:54:59 ----D---- C:\Program Files\DNA
2009-04-09 12:52:24 ----AD---- C:\WINDOWS
2009-04-09 12:52:10 ----SD---- C:\WINDOWS\Tasks
2009-04-09 12:51:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-09 10:51:15 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\skypePM
2009-04-09 10:50:02 ----D---- C:\WINDOWS\Prefetch
2009-04-09 10:42:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-08 21:28:05 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\dvdcss
2009-04-08 20:45:59 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Azureus
2009-04-08 17:41:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-08 17:30:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-08 15:18:08 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-04-08 13:00:55 ----D---- C:\WINDOWS\Debug
2009-04-08 09:45:33 ----D---- C:\Program Files\Spyware Doctor
2009-04-08 09:42:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-08 08:02:49 ----RASH---- C:\boot.ini
2009-04-08 07:58:11 ----D---- C:\WINDOWS\Help
2009-04-07 21:56:02 ----A---- C:\WINDOWS\system32\userinit.exe
2009-04-06 23:18:53 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-06 14:33:21 ----SHD---- C:\WINDOWS\Installer
2009-04-06 14:32:55 ----HD---- C:\WINDOWS\inf
2009-04-06 14:32:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-06 14:32:39 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-05 22:59:12 ----A---- C:\WINDOWS\iun6002.exe
2009-04-05 22:19:54 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Corel
2009-04-05 08:45:26 ----RSD---- C:\WINDOWS\Fonts
2009-04-04 00:16:07 ----D---- C:\Program Files\McAfee
2009-04-03 14:19:24 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Mozilla
2009-04-02 12:27:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-04-02 02:19:10 ----D---- C:\Comptes
2009-04-01 08:56:14 ----D---- C:\Program Files\Java
2009-03-30 00:25:48 ----D---- C:\Program Files\adslTV
2009-03-29 14:19:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-28 11:34:47 ----A---- C:\WINDOWS\Idbase.ini
2009-03-27 10:14:51 ----D---- C:\Program Files\Fichiers communs
2009-03-26 21:40:36 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\teamspeak2
2009-03-26 04:50:11 ----D---- C:\Program Files\Logbook Pro
2009-03-26 04:49:57 ----A---- C:\WINDOWS\ODBC.INI
2009-03-22 01:23:45 ----D---- C:\Program Files\FSBuild
2009-03-21 15:39:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-20 10:22:25 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-20 01:44:00 ----D---- C:\WINDOWS\network diagnostic
2009-03-19 18:07:55 ----A---- C:\WINDOWS\SimView.ini
2009-03-19 03:08:57 ----A---- C:\WINDOWS\JeppECData.ini
2009-03-19 02:59:05 ----A---- C:\WINDOWS\Jeppesen.ini
2009-03-19 02:56:41 ----D---- C:\Jeppesen
2009-03-19 00:45:53 ----D---- C:\WINDOWS\Minidump
2009-03-17 18:37:16 ----D---- C:\Program Files\a-squared Anti-Malware
2009-03-17 10:38:32 ----D---- C:\Program Files\CV Expert 3
2009-03-12 01:09:19 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-12 01:09:11 ----D---- C:\WINDOWS\WinSxS
2009-03-12 01:08:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-11 06:54:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-09 05:19:08 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-06 04:00:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-06 04:00:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-05 23:26:23 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\UseNeXT
2009-02-27 10:37:30 ----D---- C:\Program Files\Azureus
2009-02-25 23:48:13 ----RSD---- C:\WINDOWS\assembly
2009-02-25 23:48:10 ----D---- C:\WINDOWS\system32\DirectX
2009-02-25 20:12:24 ----SD---- C:\Documents and Settings\Francis Blanchard\Application Data\Microsoft
2009-02-25 13:55:00 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-25 00:46:42 ----D---- C:\Program Files\DivX
2009-02-17 10:37:35 ----D---- C:\Program Files\IVAO
2009-02-17 01:02:05 ----D---- C:\Program Files\TuneVNAV Pro
2009-02-13 22:17:32 ----D---- C:\Program Files\FSC
2009-02-13 22:17:32 ----D---- C:\FLIGHTS
2009-02-13 00:06:40 ----D---- C:\Program Files\FTG-ACARS v2
2009-02-12 04:01:02 ----D---- C:\Program Files\Internet Explorer
2009-02-12 04:00:54 ----D---- C:\WINDOWS\ie7updates
2009-02-12 01:57:25 ----D---- C:\Program Files\Aerosoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-01-16 213640]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-10-23 120136]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-21 5632]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ARCSOFTVIRTUALCAPTURE;Magic-i Virtual Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-12-07 15104]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-03-09 143872]
R3 catchme;catchme; \??\C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\catchme.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-16 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-16 35272]
R3 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\moufiltr.sys [2008-12-25 62592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-29 6807328]
R3 rxpvbus;Reality XP Avionics Bus Driver; C:\WINDOWS\system32\DRIVERS\rxpvbus.sys [2005-08-28 44032]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 a1ip76i3;a1ip76i3; C:\WINDOWS\system32\drivers\a1ip76i3.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 apnit5rw;apnit5rw; C:\WINDOWS\system32\drivers\apnit5rw.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 lac97inf;lac97inf; \??\C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys []
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-01-16 34216]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-01-16 40552]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-11-03 27136]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;Webcam 1200; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 VNUSB;VN Series Device; C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 dlci_device;dlci_device; C:\WINDOWS\system32\dlcicoms.exe [2006-12-08 537480]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-12-05 206096]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-08 797864]
R2 McNASvc;McAfee Network Agent; c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-01-16 144704]
R2 MgiSvr;MgiSvr; C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe [2006-11-13 76544]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-01-09 884360]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-29 155716]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-09 66872]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-03-25 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-24 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-01-17 365072]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-01-16 606736]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Francis Blanchard at 2009-04-09 16:14:06
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 190 GB (20%) free of 951 GB
Total RAM: 3069 MB (76% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\SpyHunter Scanner.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-01-09 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-01-16 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-20 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-25 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]
SITEguard
{ecdee021-0d17-467f-a1ff-c7a115230949}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2005-10-05 94208]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2006-08-03 137216]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2006-03-20 213936]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2006-03-20 86960]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-24 29744]
"Corel Photo Downloader"=C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe [2006-08-14 462336]
"autoclk"=C:\WINDOWS\autoclk.exe [2003-01-30 143360]
"dlcimon.exe"=C:\Program Files\Dell AIO Printer 946\dlcimon.exe [2006-12-08 435080]
"FaxCenterServer"=C:\Program Files\Dell Fax Solutions\fm3032.exe [2006-12-08 312200]
"nwiz"=nwiz.exe /install []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-13 185632]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-29 155648]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-01-08 645328]
"ArcSoft Connection Service"=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-03 64000]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-29 8466432]
"DLCICATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16 []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ISUSPM"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [2006-03-20 213936]
"FLMOFFICE4DMOUSE"=C:\Program Files\Labtec\Mouse\V3.0\moffice.exe [2008-12-25 958464]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-07-27 282624]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
"SpyHunter Security Suite"=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe [2009-04-02 868352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-20 68856]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-08-30 139264]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-12-19 342848]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-02-23 203928]
"DelayShred"=c:\PROGRA~1\mcafee\mshr\ShrCL.EXE [2009-01-09 113168]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Francis Blanchard\Menu Démarrer\Programmes\Démarrage
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Nikon Monitor.lnk - C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\system32\dlcicoms.exe"="C:\WINDOWS\system32\dlcicoms.exe:*:Enabled:Lexmark Communications System"
"C:\Program Files\Dell AIO Printer 946\dlcimon.exe"="C:\Program Files\Dell AIO Printer 946\dlcimon.exe:*:Enabled:Device Monitor"
"C:\Program Files\Dell AIO Printer 946\DLCIaiox.exe"="C:\Program Files\Dell AIO Printer 946\DLCIaiox.exe:*:Enabled:All In One Center"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\IVAO\IvAp\ivapnetint.exe"="C:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Bohemia Interactive\ArmA\arma.exe"="C:\Program Files\Bohemia Interactive\ArmA\arma.exe:*:Enabled:ArmA"
"C:\Program Files\Cyanide\Pro Cycling Manager\Cym2005.exe"="C:\Program Files\Cyanide\Pro Cycling Manager\Cym2005.exe:*:Enabled:Pro Cycling Manager"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\UseNeXT\UseNeXT.exe"="C:\Program Files\UseNeXT\UseNeXT.exe:*:Enabled:UseNeXT"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Dell Network Assistant\ezi_hnm2.exe"="C:\Program Files\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Enabled:Football Manager 2009"
"C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:*:Disabled:Football Manager 2008"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\IVAO\IvAi\IvAi.exe"="C:\Program Files\IVAO\IvAi\IvAi.exe:*:Enabled:IvAi - IVAO Interface"
"C:\Program Files\Aerosoft\FDC\Flightdeck_Companion.exe"="C:\Program Files\Aerosoft\FDC\Flightdeck_Companion.exe:*:Enabled:Flight Sim Addon"
"C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe"="C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}]
shell\AutoRun\command - M:\autorun.exe
======File associations======
.scr - open - "%1" %*
======List of files/folders created in the last 2 months======
2009-04-09 16:14:06 ----D---- C:\rsit
2009-04-09 14:03:06 ----D---- C:\Program Files\AskBardis
2009-04-09 12:57:36 ----A---- C:\WINDOWS\system32\tmp.txt
2009-04-09 12:57:25 ----A---- C:\rapport.txt
2009-04-09 12:13:25 ----D---- C:\_OTMoveIt
2009-04-09 10:48:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-09 09:36:57 ----A---- C:\fixnavi.txt
2009-04-09 09:31:21 ----D---- C:\Program Files\Navilog1
2009-04-08 22:51:32 ----A---- C:\TB.txt
2009-04-08 22:45:45 ----D---- C:\ToolBar SD
2009-04-08 17:30:56 ----D---- C:\WINDOWS\AU_Temp
2009-04-08 17:30:44 ----D---- C:\WINDOWS\AU_Log
2009-04-08 17:30:42 ----A---- C:\xscan.txt
2009-04-08 17:30:40 ----A---- C:\WINDOWS\TMUPDATE.DLL
2009-04-08 17:30:39 ----A---- C:\WINDOWS\UNZIP.DLL
2009-04-08 17:30:39 ----A---- C:\WINDOWS\PATCH.EXE
2009-04-08 13:30:41 ----D---- C:\Program Files\Enigma Software Group
2009-04-08 09:36:34 ----D---- C:\Program Files\GRISOFT
2009-04-06 23:00:07 ----A---- C:\WINDOWS\eSellerateEngine.dll
2009-04-06 14:32:40 ----D---- C:\Program Files\iPod
2009-04-06 14:32:38 ----D---- C:\Program Files\iTunes
2009-04-06 14:32:38 ----D---- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-06 14:30:28 ----D---- C:\Program Files\QuickTime
2009-04-06 14:21:12 ----D---- C:\Program Files\Bonjour
2009-04-06 14:21:09 ----SHD---- C:\Config.Msi
2009-04-05 22:58:17 ----A---- C:\WINDOWS\uninstall_NewSpanishAirports.ini
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-01 08:56:22 ----A---- C:\WINDOWS\system32\java.exe
2009-03-27 10:16:06 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\AVS4YOU
2009-03-27 10:16:01 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-03-27 10:14:51 ----D---- C:\Program Files\Fichiers communs\AVSMedia
2009-03-27 10:14:44 ----D---- C:\Program Files\AVS4YOU
2009-03-27 10:14:44 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-03-27 10:14:44 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\zlib1i.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\Unzip32.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\DSPing.dll
2009-03-24 09:22:36 ----A---- C:\WINDOWS\system32\CGZipLibrary.dll
2009-03-22 10:49:14 ----D---- C:\Program Files\Samsung
2009-03-22 10:49:14 ----D---- C:\Hermes
2009-03-22 10:49:14 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2009-03-21 10:06:22 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Samsung
2009-03-21 10:02:31 ----A---- C:\WINDOWS\system32\framedyn.dll
2009-03-21 10:02:12 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2009-03-20 10:22:30 ----A---- C:\WINDOWS\ModemLog_SAMSUNG CDMA Modem.txt
2009-03-19 02:58:55 ----A---- C:\WINDOWS\JeppView3.ini
2009-03-16 11:33:41 ----D---- C:\Program Files\Trojan Remover
2009-03-12 01:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-12 01:09:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-12 01:09:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-12 01:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-11 09:56:11 ----D---- C:\Program Files\WCG
2009-03-11 09:56:11 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2009-03-06 14:49:20 ----D---- C:\Program Files\Navigraph
2009-03-06 14:49:20 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Navigraph
2009-03-05 11:02:57 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-03-04 17:59:05 ----D---- C:\Program Files\Trend Micro
2009-02-28 10:13:30 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-02-28 10:13:24 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2009-02-25 18:58:18 ----D---- C:\Program Files\free-downloads.net
2009-02-25 18:58:18 ----D---- C:\Program Files\Conduit
2009-02-25 18:56:51 ----D---- C:\Program Files\Alcohol Soft
2009-02-25 04:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-02-25 04:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-17 10:37:39 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\IvAi
2009-02-12 04:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-12 01:59:45 ----A---- C:\WINDOWS\system32\VB6DE.DLL
2009-02-12 01:59:36 ----A---- C:\WINDOWS\system32\WinWorX.dll
2009-02-12 01:59:36 ----A---- C:\WINDOWS\system32\sndspeed.dll
2009-02-12 01:59:30 ----A---- C:\WINDOWS\system32\zlib.dll
2009-02-11 04:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-11 04:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-11 04:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-11 04:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-10 16:59:17 ----D---- C:\Program Files\FS Addon Manager
2009-02-10 10:19:45 ----A---- C:\WINDOWS\UpdateClient.INI
2009-02-10 09:51:25 ----A---- C:\WINDOWS\InstallerStatus.ini
2009-02-10 09:50:52 ----A---- C:\WINDOWS\FliteStar.ini
2009-02-10 01:12:39 ----D---- C:\Rwy12 Object Placer v1.2
2009-02-10 01:07:29 ----D---- C:\rwy12
======List of files/folders modified in the last 2 months======
2009-04-09 16:13:33 ----D---- C:\WINDOWS\Temp
2009-04-09 16:11:47 ----D---- C:\Temp
2009-04-09 16:05:19 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\DNA
2009-04-09 16:02:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-09 15:57:44 ----D---- C:\Program Files\Dl_cats
2009-04-09 15:52:40 ----D---- C:\WINDOWS\system32
2009-04-09 15:11:09 ----D---- C:\Program Files\Mozilla Firefox
2009-04-09 15:10:30 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-09 14:03:06 ----RD---- C:\Program Files
2009-04-09 12:55:45 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Skype
2009-04-09 12:55:03 ----D---- C:\WINDOWS\system32\drivers
2009-04-09 12:54:59 ----D---- C:\Program Files\DNA
2009-04-09 12:52:24 ----AD---- C:\WINDOWS
2009-04-09 12:52:10 ----SD---- C:\WINDOWS\Tasks
2009-04-09 12:51:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-09 10:51:15 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\skypePM
2009-04-09 10:50:02 ----D---- C:\WINDOWS\Prefetch
2009-04-09 10:42:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-08 21:28:05 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\dvdcss
2009-04-08 20:45:59 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Azureus
2009-04-08 17:41:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-04-08 17:30:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-08 15:18:08 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-04-08 13:00:55 ----D---- C:\WINDOWS\Debug
2009-04-08 09:45:33 ----D---- C:\Program Files\Spyware Doctor
2009-04-08 09:42:34 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-08 08:02:49 ----RASH---- C:\boot.ini
2009-04-08 07:58:11 ----D---- C:\WINDOWS\Help
2009-04-07 21:56:02 ----A---- C:\WINDOWS\system32\userinit.exe
2009-04-06 23:18:53 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-06 14:33:21 ----SHD---- C:\WINDOWS\Installer
2009-04-06 14:32:55 ----HD---- C:\WINDOWS\inf
2009-04-06 14:32:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-04-06 14:32:39 ----D---- C:\Program Files\Fichiers communs\Apple
2009-04-05 22:59:12 ----A---- C:\WINDOWS\iun6002.exe
2009-04-05 22:19:54 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Corel
2009-04-05 08:45:26 ----RSD---- C:\WINDOWS\Fonts
2009-04-04 00:16:07 ----D---- C:\Program Files\McAfee
2009-04-03 14:19:24 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\Mozilla
2009-04-02 12:27:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-04-02 02:19:10 ----D---- C:\Comptes
2009-04-01 08:56:14 ----D---- C:\Program Files\Java
2009-03-30 00:25:48 ----D---- C:\Program Files\adslTV
2009-03-29 14:19:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-28 11:34:47 ----A---- C:\WINDOWS\Idbase.ini
2009-03-27 10:14:51 ----D---- C:\Program Files\Fichiers communs
2009-03-26 21:40:36 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\teamspeak2
2009-03-26 04:50:11 ----D---- C:\Program Files\Logbook Pro
2009-03-26 04:49:57 ----A---- C:\WINDOWS\ODBC.INI
2009-03-22 01:23:45 ----D---- C:\Program Files\FSBuild
2009-03-21 15:39:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-20 10:22:25 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-20 01:44:00 ----D---- C:\WINDOWS\network diagnostic
2009-03-19 18:07:55 ----A---- C:\WINDOWS\SimView.ini
2009-03-19 03:08:57 ----A---- C:\WINDOWS\JeppECData.ini
2009-03-19 02:59:05 ----A---- C:\WINDOWS\Jeppesen.ini
2009-03-19 02:56:41 ----D---- C:\Jeppesen
2009-03-19 00:45:53 ----D---- C:\WINDOWS\Minidump
2009-03-17 18:37:16 ----D---- C:\Program Files\a-squared Anti-Malware
2009-03-17 10:38:32 ----D---- C:\Program Files\CV Expert 3
2009-03-12 01:09:19 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-12 01:09:11 ----D---- C:\WINDOWS\WinSxS
2009-03-12 01:08:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-11 06:54:13 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-09 05:19:08 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-06 04:00:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-06 04:00:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-05 23:26:23 ----D---- C:\Documents and Settings\Francis Blanchard\Application Data\UseNeXT
2009-02-27 10:37:30 ----D---- C:\Program Files\Azureus
2009-02-25 23:48:13 ----RSD---- C:\WINDOWS\assembly
2009-02-25 23:48:10 ----D---- C:\WINDOWS\system32\DirectX
2009-02-25 20:12:24 ----SD---- C:\Documents and Settings\Francis Blanchard\Application Data\Microsoft
2009-02-25 13:55:00 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-25 00:46:42 ----D---- C:\Program Files\DivX
2009-02-17 10:37:35 ----D---- C:\Program Files\IVAO
2009-02-17 01:02:05 ----D---- C:\Program Files\TuneVNAV Pro
2009-02-13 22:17:32 ----D---- C:\Program Files\FSC
2009-02-13 22:17:32 ----D---- C:\FLIGHTS
2009-02-13 00:06:40 ----D---- C:\Program Files\FTG-ACARS v2
2009-02-12 04:01:02 ----D---- C:\Program Files\Internet Explorer
2009-02-12 04:00:54 ----D---- C:\WINDOWS\ie7updates
2009-02-12 01:57:25 ----D---- C:\Program Files\Aerosoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2009-01-16 213640]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-10-23 120136]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-21 5632]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ARCSOFTVIRTUALCAPTURE;Magic-i Virtual Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-12-07 15104]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-03-09 143872]
R3 catchme;catchme; \??\C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\catchme.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2009-01-16 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2009-01-16 35272]
R3 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\moufiltr.sys [2008-12-25 62592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-29 6807328]
R3 rxpvbus;Reality XP Avionics Bus Driver; C:\WINDOWS\system32\DRIVERS\rxpvbus.sys [2005-08-28 44032]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 a1ip76i3;a1ip76i3; C:\WINDOWS\system32\drivers\a1ip76i3.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 apnit5rw;apnit5rw; C:\WINDOWS\system32\drivers\apnit5rw.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
S3 E100B;Pilote de carte Intel (R) PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760]
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 lac97inf;lac97inf; \??\C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys []
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2009-01-16 34216]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2009-01-16 40552]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-11-03 27136]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;Webcam 1200; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 VNUSB;VN Series Device; C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]
S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 dlci_device;dlci_device; C:\WINDOWS\system32\dlcicoms.exe [2006-12-08 537480]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-12-05 206096]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-01-08 797864]
R2 McNASvc;McAfee Network Agent; c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe [2009-01-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe [2009-01-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-01-16 144704]
R2 MgiSvr;MgiSvr; C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe [2006-11-13 76544]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-01-09 884360]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-01-09 26640]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-29 155716]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-09 66872]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-03-25 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-04-24 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-01-17 365072]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-01-16 606736]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 16:55
9 avril 2009 à 16:55
'avais oublié info.txt, le voici :
info.txt logfile of random's system information tool 1.06 2009-04-09 16:14:11
======Uninstall list======
Flight One Software Meridian 2004-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\Merid.ini"
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->Dummy
-->MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
737 Pilot in Command - 400/500 Upgrade-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737PIC.exe
737-300 Pilot in Command-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737-300PIC.exe
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
ActiveSky Version 6.5 and ActiveSky Graphics-->MsiExec.exe /X{0F0D371F-C111-4279-963A-04139A5E49DB}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
aerosoft's - aerosoft's Ibiza and Formentera - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6054E11-9CD7-4F04-92B2-1F7D3BA58C72}\Setup.exe" -uninst
aerosoft's - AES-Base&&AirportPack - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20A96613-3802-436C-842E-653C62FABA0D}\Setup.exe" -uninst
aerosoft's - Brussels 2007-->C:\Program Files\InstallShield Installation Information\{D4FB2856-E6EB-4864-A241-4587ED21A11B}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Budapest 2007 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0976C02C-0F73-447D-9657-5318C0C45A05}\Setup.exe" -uninst
aerosoft's - CanaryIslands 3.2 Update - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B0000B7-89C7-49FD-B9CC-139CA2456822}\Setup.exe" -uninst
aerosoft's - FDC Live Cockpit-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{126B6545-C321-4C22-A8C1-F59065A5E344}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Cologne-Bonn - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46464A5D-7D14-41E3-9C26-E3C186F37D84}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Dortmund-->C:\Program Files\InstallShield Installation Information\{3ABDFABB-FA48-4BCA-9ECC-3EFC1E5143D2}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - German Airports 2 - Hannover - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9B9F552-FE23-40A5-9763-E61BA9A3E026}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Leipzig - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{705F27B3-5B35-4EC4-A258-BF16D83BE22B}\Setup.exe" -uninst
aerosoft's - German Airports 3 - Hamburg-->C:\Program Files\InstallShield Installation Information\{D234EAC0-7D49-492F-97EC-8FA09FD7C1C4}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - German Airports 4 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{674D3526-6B4F-468A-9802-1130A39B1562}\Setup.exe" -uninst
aerosoft's - Lissabon 2008-->C:\Program Files\InstallShield Installation Information\{4C4494AC-E3E4-4675-8973-1B6403429C02}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - London Heathrow 2008-->C:\Program Files\InstallShield Installation Information\{C0A6901F-C919-47A3-A4D9-E2056314086B}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Madrid 2008-->C:\Program Files\InstallShield Installation Information\{0FC39141-1BB8-4C29-9D74-A6710131B74F}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Manhattan - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0E5A0A5-9C8C-4389-893E-B9ED05AE98E0}\Setup.exe" -uninst
aerosoft's - Marseille2005 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0F5CECC1-FA4F-4DC9-A591-D3D46AE8C981}\Setup.exe" -uninst
aerosoft's - Mega Airport Frankfurt - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4E22434-1BCE-4C91-A1E4-FC352DFD4B3B}\Setup.exe" -uninst
aerosoft's - Mega Airport Paris CDG-->C:\Program Files\InstallShield Installation Information\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - Mega Airport Stockholm Arlanda-->C:\Program Files\InstallShield Installation Information\{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - New Spanish Airports - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_NewSpanishAirports.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Real Germany 1 - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_RG1.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Real Germany 3 Update 1.2 - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_RG3.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Scenery Germany - Bremen-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19590C2B-8710-4DEB-BEC9-75491179BE7D}\Setup.exe" -uninst
aerosoft's - Spanish Airports 2 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{994B62F0-5F8F-4D5C-BAC6-754CCFD03766}\Setup.exe" -uninst
AFSD version 3.12-->"C:\Program Files\AFSD\unins000.exe"
Airbus Series Vol.1 Deluxe (FS2004)-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Airbus1_wilco.exe
AirNav Live Flight Tracker 6-->MsiExec.exe /I{19B11AFF-3AE3-448C-8A69-AEC463EDBB41}
AirNav Suite-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AirNav Systems\AirNav Suite 4\DeIsL1.isu" -c"C:\Program Files\AirNav Systems\AirNav Suite 4\_ISREG32.DLL"
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\EYECAN~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Eye Candy 5 Textures-->C:\PROGRA~1\Adobe\ADOBEP~1\ALIENS~1\EYECAN~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Xenofex 2.0-->C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\XENOFE~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\XENOFE~1\INSTALL.LOG
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Magic-i 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E655FA7-355E-49CB-B742-9508B8AA5C8B}\Setup.exe" -l0x40c
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\Setup.exe" -l0x40c
ArcSoft WebCam Companion 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7814358B-1284-4305-AE5A-6667DBDF4771}\Setup.exe" -l0x40c
Assistant Avery 3.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{EB7A2041-6A16-4BAC-8079-43B985673C2C}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATCsimulator2 by AEROSOFT Corporation-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ATCsimulator2\ST6UNST.LOG"
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Anti-Rootkit Free-->C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Boeing B757-300 Lufthansa "Design Concept 2008"-->C:\Program Files\Microsoft Games\Flight Simulator 9\LH-757-Design2008-uninstall.exe
Bonfire Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{023C3C20-4625-11D0-86A0-00C0F003261B}\setup.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{B7F54262-AB66-44B3-88BF-9FC69941B643}
Capture NX-->C:\Program Files\Nikon\Capture NX\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Comptes Bancaires 5.6-->"C:\Comptes\unins000.exe"
Corel Paint Shop Pro Photo XI-->MsiExec.exe /I{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Corel Snapfire Plus-->MsiExec.exe /I{7ADE3A47-B425-45E9-8FF6-11BE2B775645}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
CRJ Experience-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
CRJ New Generation-->C:\Program Files\Microsoft Games\Flight Simulator 9\crjng_uninstal.exe
CYUL v1.1.1 for FS9-->MsiExec.exe /X{4C9C5A71-3C7B-422D-B98D-4722CD1FE8B1}
DATA BECKER Ju 52 MFS Add-on-->"C:\Program Files\DATA BECKER\Ju 52 MFS Add-on\unins000.exe"
dBpoweramp FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
Dell AIO Printer 946-->C:\Program Files\Dell AIO Printer 946\Install\x86\Uninst.exe
Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Fax PC-->C:\Program Files\Dell Fax Solutions\Install\x86\Uninst.exe /R:faxunst
Dell Support 3.2.1-->MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413}
Denver-->C:\megaCITY\megaCITY-DEN\unins000.exe
Digimarc MyPictureMarc Watermarking Plugin-->C:\PROGRA~1\Digimarc\MYPICT~1\UNWISE.EXE C:\PROGRA~1\Digimarc\MYPICT~1\INSTALL.LOG
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Flight Environment-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\FSWater_10.ini"
FlightMediterranee BasePack-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fmbp.exe
FlightZone 02: Portland-->C:\Program Files\Microsoft Games\Flight Simulator 9\FSFZone02_uninst.exe
FM Modifier 2.25-->MsiExec.exe /I{AE86AE81-CD7F-496F-A39F-0210C985E71B}
FMRTE-->MsiExec.exe /I{BD10681F-2764-4600-885C-62F658BB3D3F}
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
FPtoFMC 1.0.15-->"C:\Program Files\FPtoFMC\unins000.exe"
Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe
FS Aircraft Shutdown-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\FS Aircraft Shutdown\ST6UNST.LOG"
FS Quality - Capetown Intl - DF Malan FACT 2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\UnInstall_12345.exe
FSBuild 2-->C:\Program Files\FSBuild\UnInstall_19636.exe
FSD Cheyenne LS 400-->C:\PROGRAM FILES\MICROSOFT GAMES\FLIGHT SIMULATOR 9\C400x.exe
FSDat version 2.56-->"C:\Program Files\HSSoftware\unins000.exe"
FSDreamTeam Ohare9 1.1-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins001.exe"
FSDreamTeam Zurich9 1.3-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins000.exe"
FSNavigator-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}\Setup.exe" -l0x9
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Grenoble-Isere-->"C:\Program Files\Microsoft Games\Flight Simulator 9\FSAddon\Grenoble-Isere\UninsHs.exe" /u1=Grenoble-Isere FS9
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Internet Access-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75AECBC5-B17D-424B-B847-D7B72B6CB97C}\setup.exe" -l0x40c
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
IvAc v1.1.12 (b183)-->"C:\Program Files\IVAO\IvAc\unins000.exe"
IvAe v1.0.2 (b311)-->"C:\Program Files\IVAO\IvAe\unins000.exe"
IvAi v0.3.2-->"C:\Program Files\IVAO\IvAi\unins000.exe"
IvAp v1.3.8 (b2150)-->"C:\Program Files\IVAO\IvAp\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Photo Album 5-->MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
Jasc Paint Shop Pro Studio, Dell Editon-->MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java 2 Runtime Environment, SE v1.4.2_17-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142170}
Java 2 SDK, SE v1.4.2_17-->MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142170}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JeppTerrain-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D28A0F2-349E-11D3-A90C-0090270E86DC}\setup.exe" -uninst
JeppView / JeppView FliteDeck-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E0D150E-E486-4D20-BB7F-E091032C34D9}\setup.exe" -l0x9 AnyText
Just Flight C-130 Hercules v1.00-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C94BBD66-ACC9-41F9-85E7-4C046397BF58}\setup.exe" -l0x40c
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KATL Atlanta-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KATL.exe
KDEN Denver-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KDEN.exe
KDTW Detroit-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KDTW.exe
KEWR Newark-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KEWR.exe
KIND v1.1.1 2009 for FS9-->MsiExec.exe /I{CBA7F867-DB37-4C94-9F49-C5466C56F4B0}
KIND v1.1.1 for FS9-->MsiExec.exe /I{50AE42F5-82B0-4648-B49D-F1C39701D7EF}
KLGA La Guardia-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KLGA.exe
KMSP v1.1.1 for FS2004-->MsiExec.exe /I{98297A57-368B-4FC3-A236-5BDEBB0C3702}
KMSY New Orleans-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KMSY.exe
KSDF v1.1.1 for FS9-->MsiExec.exe /I{4C0B08ED-5FD2-48EB-8700-0763198FE699}
LA AURORA VIRTUAL for FS2004-->C:\Program Files\Microsoft Games\Flight simulator 9\Uninstal.exe
La Baie du Mont-St-Michel-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_montstmichel.exe
La Guadeloupe-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_guadeloupe.exe
La Réunion-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_reunion.exe
Labtec Mouse Software 3.0-->C:\Program Files\Labtec\Mouse\V3.0\uninst00.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Logbook Pro 1.10.3x-->MsiExec.exe /X{6E6E7A7C-51F4-4C53-8485-1B085B4CA9AE}
Logbook Pro for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{5BCB8AF9-C74D-42CA-B194-705B083DF242}
MagicMask-->C:\WINDOWS\uninst.exe -f"c:\program files\adobe\adobe photoshop cs2\modules externes\ChromaGraphics\DeIsL1.isu"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator X: Acceleration-->C:\WINDOWS\system32\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Speech Recognition Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscsrgpc.inf, Uninstall.NT
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MTL v3.0.3-->"C:\Program Files\IVAO\IvAp\unins001.exe"
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{7B312BFD-6C04-4409-AB6F-DD41CCD67463}\setup.exe -runfromtemp -l0x040c -removeonly
muvee Chinese New Year stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30DD1AA5-7308-4C20-AC4E-64E22E60E977}\Setup.exe" -l0x40c
muvee Christmas stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{231FB9C0-4ABF-439E-8D24-C006D2252360}\Setup.exe" -l0x40c
muvee coolStyles 1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92518780-C904-409C-B674-528822FEA6E2}\Setup.exe" -l0x40c
muvee coolStyles 2 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AFB057E3-03AF-420D-9E85-F846739CE211}\Setup.exe" -l0x40c
muvee corePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B0BD0D6-D7D1-4D49-9815-5A85081ECC45}\Setup.exe" -l0x40c
muvee efx stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05F6E091-D014-41AA-AC4F-E3F7AECA9F3D}\Setup.exe" -l0x9
muvee Halloween stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB66B899-A0E2-48F3-856B-D6053ECF03E0}\Setup.exe" -l0x40c
muvee Keep It All stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2912FA4-7263-4F0E-831F-0BF0160CFA28}\Setup.exe" -l0x40c
muvee Kids stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{886EA322-81B7-4DB8-BA8E-5300243A3CFD}\Setup.exe" -l0x40c
muvee photoMemories stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C14545B-8EE2-4994-B0C0-07A666DB37B9}\Setup.exe" -l0x40c
muvee Pro Modern stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A1686DD-E593-4556-8BD1-426A3F28A263}\Setup.exe" -l0x40c
muvee Soccer stylePack -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4314E111-3621-4613-BD2B-0736DA8EFAA9}\Setup.exe" -l0x9
muvee Vacation stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B161ECA6-72D1-4A52-AF38-595294D02783}\Setup.exe" -l0x9
muvee Valentine stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A03087D3-3E28-4FCE-9799-59A314AC95E2}\Setup.exe" -l0x40c
muvee Wedding stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1280C463-4130-422D-9D66-4E1F669DAB02}\Setup.exe" -l0x40c
Navigraph nDAC 3-->MsiExec.exe /X{304A07DC-4B92-49C6-BC06-DDB8044E91C1}
Navilog1 3.7.6-->"C:\Program Files\Navilog1\unins000.exe"
Nero 7 Premium-->MsiExec.exe /I{B123EBD8-89B7-4834-B06D-F758815E1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
nik Color Efex Pro 2.0 Complete-->C:\WINDOWS\unvise32.exe C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\nik Color Efex Pro 2.0 Complete\uninstal.log
nik ColorEfexPro -->C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CS2\MODULES EXTERNES\uninstal.log
nik ColorEfexPro 2.0-->C:\WINDOWS\unvise32.exe C:\Program Files\Fichiers communs\Nikon\Filters\nik ColorEfexPro 2.0\uninstal.log
Nikon FotoShare-->C:\Program Files\Nikon\FotoShare\Uninstal.exe C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA PhysX v8.04.25-->MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Oxemis Video Library-->MsiExec.exe /X{BEA7AB47-1FDF-4348-BDBB-758D05FF74AA}
Personal Ancestral File 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"
Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything
Pilotes privés 2 pour FS2004-->MsiExec.exe /I{898EFD46-9162-43F7-BE9F-32260B7047D4}
Pilotes régionaux pour FS2004-->MsiExec.exe /X{4A4D0F20-E8C4-4D49-8153-FBEEEA685286}
PM Guide de référence-->C:\Program Files\EPSON\TPMANUAL\PM\REF_G\DOCUNINS.EXE
PM Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\PM\PQU_G\DOCUNINS.EXE
Print to Fax-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x40c ControlPanel
Programme de désinstallation de McAfee-->C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
PSS Boeing 777 Multipack-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\pss777_irunin.ini"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Radar v2.0 for FS2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Radar.exe
Radio Media Player-->C:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe
Ready for Pushback V2_10 Full Version-->C:\Program Files\Microsoft Games\Flight Simulator 9\RFP_V2_Upgrade_Unistaller.exe
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rennes St-Jacques-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstall_rennes.exe
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SAGEM F@st 800-908-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -l0x40c
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
SAMSUNG PC Studio 2.0.9-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE}
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SigmaTel Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Silent Hunter 4 Wolves of the Pacific-->C:\Program Files\InstallShield Installation Information\{0D005F09-A5F4-473B-A901-5735C6AF5628}\setup.exe -runfromtemp -l0x040c -removeonly
SimCharts 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61812F6F-0705-4B20-B914-32C1E3C155C7}\Setup.exe" -l0x9
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicStage 4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpyHunter-->"C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SubDownloader2-->"C:\Program Files\SubDownloader2\uninstall.exe"
SubSync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SubSync\ST6UNST.LOG"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TJSJ San Juan-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall TJSJ.exe
Tom Clancy's Splinter Cell Double Agent-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAD1691A-FA24-4B95-9009-3257B8440ECC}\setup.exe" -l0x40c -removeonly
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TuneVNAV Pro-->"C:\WINDOWS\TuneVNAV Pro\uninstall.exe" "/U:C:\Program Files\TuneVNAV Pro\Uninstall\uninstall.xml"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
UseNeXT-->"C:\Program Files\UseNeXT\unins002.exe"
Vancouver+-->C:\Program Files\InstallShield Installation Information\{2DA3BD92-EEB7-43C8-8E5C-629BCBC0A0EE}\setup.exe -runfromtemp -l0x0009 -removeonly
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6b-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Vuze-->C:\Program Files\Azureus\uninstall.exe
Webcam 1200-->C:\Program Files\InstallShield Installation Information\{66D475AE-F18B-43A0-8BAF-61AF4403E339}\setup.exe -runfromtemp -l0x040c -removeonly
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World Clearance Generator V3.1.18-->"C:\Program Files\WCG\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
X-treme King Air B200 v.2.0.1-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\Aeroworx\B200\irunin.ini"
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Hosts File======
127.0.0.1 localhost
10.10.10.10 sams.nikonimaging.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
======Security center information======
AV: McAfee VirusScan (disabled)
FW: McAfee Personal Firewall (disabled)
======System event log======
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50505
Source Name: Cdrom
Time Written: 20090319170906.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50504
Source Name: Cdrom
Time Written: 20090319170902.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50503
Source Name: Cdrom
Time Written: 20090319170859.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50502
Source Name: Cdrom
Time Written: 20090319170855.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50501
Source Name: Cdrom
Time Written: 20090319170852.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9727
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025656.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1005
Message: Propriété non valide omise du schéma « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : « System.Photo.GainControl » (fmtid=« {FA304789-00C7-4D80-904A-1E4DCC7265AA} » pid=« 100 ») Éditeur : « Microsoft » Produit : « Windows » URL : « »
Record Number: 9726
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025420.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9725
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025420.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1005
Message: Propriété non valide omise du schéma « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : « System.Photo.GainControl » (fmtid=« {FA304789-00C7-4D80-904A-1E4DCC7265AA} » pid=« 100 ») Éditeur : « Microsoft » Produit : « Windows » URL : « »
Record Number: 9724
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025316.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9723
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025316.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-09 16:14:11
======Uninstall list======
Flight One Software Meridian 2004-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\Merid.ini"
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->Dummy
-->MsiExec /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
737 Pilot in Command - 400/500 Upgrade-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737PIC.exe
737-300 Pilot in Command-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737-300PIC.exe
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
ActiveSky Version 6.5 and ActiveSky Graphics-->MsiExec.exe /X{0F0D371F-C111-4279-963A-04139A5E49DB}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
aerosoft's - aerosoft's Ibiza and Formentera - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6054E11-9CD7-4F04-92B2-1F7D3BA58C72}\Setup.exe" -uninst
aerosoft's - AES-Base&&AirportPack - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20A96613-3802-436C-842E-653C62FABA0D}\Setup.exe" -uninst
aerosoft's - Brussels 2007-->C:\Program Files\InstallShield Installation Information\{D4FB2856-E6EB-4864-A241-4587ED21A11B}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Budapest 2007 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0976C02C-0F73-447D-9657-5318C0C45A05}\Setup.exe" -uninst
aerosoft's - CanaryIslands 3.2 Update - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B0000B7-89C7-49FD-B9CC-139CA2456822}\Setup.exe" -uninst
aerosoft's - FDC Live Cockpit-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{126B6545-C321-4C22-A8C1-F59065A5E344}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Cologne-Bonn - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46464A5D-7D14-41E3-9C26-E3C186F37D84}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Dortmund-->C:\Program Files\InstallShield Installation Information\{3ABDFABB-FA48-4BCA-9ECC-3EFC1E5143D2}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - German Airports 2 - Hannover - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9B9F552-FE23-40A5-9763-E61BA9A3E026}\Setup.exe" -uninst
aerosoft's - German Airports 2 - Leipzig - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{705F27B3-5B35-4EC4-A258-BF16D83BE22B}\Setup.exe" -uninst
aerosoft's - German Airports 3 - Hamburg-->C:\Program Files\InstallShield Installation Information\{D234EAC0-7D49-492F-97EC-8FA09FD7C1C4}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - German Airports 4 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{674D3526-6B4F-468A-9802-1130A39B1562}\Setup.exe" -uninst
aerosoft's - Lissabon 2008-->C:\Program Files\InstallShield Installation Information\{4C4494AC-E3E4-4675-8973-1B6403429C02}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - London Heathrow 2008-->C:\Program Files\InstallShield Installation Information\{C0A6901F-C919-47A3-A4D9-E2056314086B}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Madrid 2008-->C:\Program Files\InstallShield Installation Information\{0FC39141-1BB8-4C29-9D74-A6710131B74F}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly
aerosoft's - Manhattan - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0E5A0A5-9C8C-4389-893E-B9ED05AE98E0}\Setup.exe" -uninst
aerosoft's - Marseille2005 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0F5CECC1-FA4F-4DC9-A591-D3D46AE8C981}\Setup.exe" -uninst
aerosoft's - Mega Airport Frankfurt - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4E22434-1BCE-4C91-A1E4-FC352DFD4B3B}\Setup.exe" -uninst
aerosoft's - Mega Airport Paris CDG-->C:\Program Files\InstallShield Installation Information\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - Mega Airport Stockholm Arlanda-->C:\Program Files\InstallShield Installation Information\{D86B6E8D-F224-4BB6-B959-C8EDC5300B5D}\setup.exe -runfromtemp -l0x0009 -removeonly
aerosoft's - New Spanish Airports - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_NewSpanishAirports.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Real Germany 1 - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_RG1.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Real Germany 3 Update 1.2 - FS2004-->"C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_RG3.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Scenery Germany - Bremen-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19590C2B-8710-4DEB-BEC9-75491179BE7D}\Setup.exe" -uninst
aerosoft's - Spanish Airports 2 - FS2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{994B62F0-5F8F-4D5C-BAC6-754CCFD03766}\Setup.exe" -uninst
AFSD version 3.12-->"C:\Program Files\AFSD\unins000.exe"
Airbus Series Vol.1 Deluxe (FS2004)-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Airbus1_wilco.exe
AirNav Live Flight Tracker 6-->MsiExec.exe /I{19B11AFF-3AE3-448C-8A69-AEC463EDBB41}
AirNav Suite-->C:\WINDOWS\uninst.exe -f"C:\Program Files\AirNav Systems\AirNav Suite 4\DeIsL1.isu" -c"C:\Program Files\AirNav Systems\AirNav Suite 4\_ISREG32.DLL"
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\EYECAN~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Eye Candy 5 Textures-->C:\PROGRA~1\Adobe\ADOBEP~1\ALIENS~1\EYECAN~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Xenofex 2.0-->C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\XENOFE~1\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\XENOFE~1\INSTALL.LOG
Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft Magic-i 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E655FA7-355E-49CB-B742-9508B8AA5C8B}\Setup.exe" -l0x40c
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\Setup.exe" -l0x40c
ArcSoft WebCam Companion 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7814358B-1284-4305-AE5A-6667DBDF4771}\Setup.exe" -l0x40c
Assistant Avery 3.1-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{EB7A2041-6A16-4BAC-8079-43B985673C2C}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATCsimulator2 by AEROSOFT Corporation-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ATCsimulator2\ST6UNST.LOG"
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Anti-Rootkit Free-->C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe"
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45}
Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C}
Boeing B757-300 Lufthansa "Design Concept 2008"-->C:\Program Files\Microsoft Games\Flight Simulator 9\LH-757-Design2008-uninstall.exe
Bonfire Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{023C3C20-4625-11D0-86A0-00C0F003261B}\setup.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{B7F54262-AB66-44B3-88BF-9FC69941B643}
Capture NX-->C:\Program Files\Nikon\Capture NX\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Comptes Bancaires 5.6-->"C:\Comptes\unins000.exe"
Corel Paint Shop Pro Photo XI-->MsiExec.exe /I{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Corel Snapfire Plus-->MsiExec.exe /I{7ADE3A47-B425-45E9-8FF6-11BE2B775645}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
CRJ Experience-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
CRJ New Generation-->C:\Program Files\Microsoft Games\Flight Simulator 9\crjng_uninstal.exe
CYUL v1.1.1 for FS9-->MsiExec.exe /X{4C9C5A71-3C7B-422D-B98D-4722CD1FE8B1}
DATA BECKER Ju 52 MFS Add-on-->"C:\Program Files\DATA BECKER\Ju 52 MFS Add-on\unins000.exe"
dBpoweramp FLAC Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
Dell AIO Printer 946-->C:\Program Files\Dell AIO Printer 946\Install\x86\Uninst.exe
Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Fax PC-->C:\Program Files\Dell Fax Solutions\Install\x86\Uninst.exe /R:faxunst
Dell Support 3.2.1-->MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413}
Denver-->C:\megaCITY\megaCITY-DEN\unins000.exe
Digimarc MyPictureMarc Watermarking Plugin-->C:\PROGRA~1\Digimarc\MYPICT~1\UNWISE.EXE C:\PROGRA~1\Digimarc\MYPICT~1\INSTALL.LOG
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
EPSON CardMonitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON PhotoQuicker3.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst
EPSON PhotoStarter3.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst
EPSON PRINT Image Framer Tool2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Flight Environment-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\FSWater_10.ini"
FlightMediterranee BasePack-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_fmbp.exe
FlightZone 02: Portland-->C:\Program Files\Microsoft Games\Flight Simulator 9\FSFZone02_uninst.exe
FM Modifier 2.25-->MsiExec.exe /I{AE86AE81-CD7F-496F-A39F-0210C985E71B}
FMRTE-->MsiExec.exe /I{BD10681F-2764-4600-885C-62F658BB3D3F}
Football Manager 2009-->"C:\Program Files\Sports Interactive\Football Manager 2009\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
FPtoFMC 1.0.15-->"C:\Program Files\FPtoFMC\unins000.exe"
Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe
FS Aircraft Shutdown-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\FS Aircraft Shutdown\ST6UNST.LOG"
FS Quality - Capetown Intl - DF Malan FACT 2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\UnInstall_12345.exe
FSBuild 2-->C:\Program Files\FSBuild\UnInstall_19636.exe
FSD Cheyenne LS 400-->C:\PROGRAM FILES\MICROSOFT GAMES\FLIGHT SIMULATOR 9\C400x.exe
FSDat version 2.56-->"C:\Program Files\HSSoftware\unins000.exe"
FSDreamTeam Ohare9 1.1-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins001.exe"
FSDreamTeam Zurich9 1.3-->"C:\Program Files\Microsoft Games\Flight Simulator 9\unins000.exe"
FSNavigator-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}\Setup.exe" -l0x9
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Grenoble-Isere-->"C:\Program Files\Microsoft Games\Flight Simulator 9\FSAddon\Grenoble-Isere\UninsHs.exe" /u1=Grenoble-Isere FS9
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Internet Access-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75AECBC5-B17D-424B-B847-D7B72B6CB97C}\setup.exe" -l0x40c
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
IvAc v1.1.12 (b183)-->"C:\Program Files\IVAO\IvAc\unins000.exe"
IvAe v1.0.2 (b311)-->"C:\Program Files\IVAO\IvAe\unins000.exe"
IvAi v0.3.2-->"C:\Program Files\IVAO\IvAi\unins000.exe"
IvAp v1.3.8 (b2150)-->"C:\Program Files\IVAO\IvAp\unins000.exe"
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Photo Album 5-->MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
Jasc Paint Shop Pro Studio, Dell Editon-->MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java 2 Runtime Environment, SE v1.4.2_17-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142170}
Java 2 SDK, SE v1.4.2_17-->MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142170}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JeppTerrain-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D28A0F2-349E-11D3-A90C-0090270E86DC}\setup.exe" -uninst
JeppView / JeppView FliteDeck-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E0D150E-E486-4D20-BB7F-E091032C34D9}\setup.exe" -l0x9 AnyText
Just Flight C-130 Hercules v1.00-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C94BBD66-ACC9-41F9-85E7-4C046397BF58}\setup.exe" -l0x40c
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KATL Atlanta-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KATL.exe
KDEN Denver-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KDEN.exe
KDTW Detroit-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KDTW.exe
KEWR Newark-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KEWR.exe
KIND v1.1.1 2009 for FS9-->MsiExec.exe /I{CBA7F867-DB37-4C94-9F49-C5466C56F4B0}
KIND v1.1.1 for FS9-->MsiExec.exe /I{50AE42F5-82B0-4648-B49D-F1C39701D7EF}
KLGA La Guardia-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KLGA.exe
KMSP v1.1.1 for FS2004-->MsiExec.exe /I{98297A57-368B-4FC3-A236-5BDEBB0C3702}
KMSY New Orleans-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KMSY.exe
KSDF v1.1.1 for FS9-->MsiExec.exe /I{4C0B08ED-5FD2-48EB-8700-0763198FE699}
LA AURORA VIRTUAL for FS2004-->C:\Program Files\Microsoft Games\Flight simulator 9\Uninstal.exe
La Baie du Mont-St-Michel-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_montstmichel.exe
La Guadeloupe-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_guadeloupe.exe
La Réunion-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstal_reunion.exe
Labtec Mouse Software 3.0-->C:\Program Files\Labtec\Mouse\V3.0\uninst00.exe
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Logbook Pro 1.10.3x-->MsiExec.exe /X{6E6E7A7C-51F4-4C53-8485-1B085B4CA9AE}
Logbook Pro for Windows-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{5BCB8AF9-C74D-42CA-B194-705B083DF242}
MagicMask-->C:\WINDOWS\uninst.exe -f"c:\program files\adobe\adobe photoshop cs2\modules externes\ChromaGraphics\DeIsL1.isu"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator X: Acceleration-->C:\WINDOWS\system32\msiexec.exe /qb /l*vx "%TEMP%\FlightSimUninstall.log" /uninstall {A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X: Acceleration-->MsiExec.exe /I{A9729B90-D37B-4A69-B66A-7436AC1F7274}
Microsoft Flight Simulator X-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{9527A496-5DF9-412A-ADC7-168BA5379CA6}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Speech Recognition Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscsrgpc.inf, Uninstall.NT
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MTL v3.0.3-->"C:\Program Files\IVAO\IvAp\unins001.exe"
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{7B312BFD-6C04-4409-AB6F-DD41CCD67463}\setup.exe -runfromtemp -l0x040c -removeonly
muvee Chinese New Year stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30DD1AA5-7308-4C20-AC4E-64E22E60E977}\Setup.exe" -l0x40c
muvee Christmas stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{231FB9C0-4ABF-439E-8D24-C006D2252360}\Setup.exe" -l0x40c
muvee coolStyles 1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92518780-C904-409C-B674-528822FEA6E2}\Setup.exe" -l0x40c
muvee coolStyles 2 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AFB057E3-03AF-420D-9E85-F846739CE211}\Setup.exe" -l0x40c
muvee corePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B0BD0D6-D7D1-4D49-9815-5A85081ECC45}\Setup.exe" -l0x40c
muvee efx stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05F6E091-D014-41AA-AC4F-E3F7AECA9F3D}\Setup.exe" -l0x9
muvee Halloween stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB66B899-A0E2-48F3-856B-D6053ECF03E0}\Setup.exe" -l0x40c
muvee Keep It All stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2912FA4-7263-4F0E-831F-0BF0160CFA28}\Setup.exe" -l0x40c
muvee Kids stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{886EA322-81B7-4DB8-BA8E-5300243A3CFD}\Setup.exe" -l0x40c
muvee photoMemories stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C14545B-8EE2-4994-B0C0-07A666DB37B9}\Setup.exe" -l0x40c
muvee Pro Modern stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A1686DD-E593-4556-8BD1-426A3F28A263}\Setup.exe" -l0x40c
muvee Soccer stylePack -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4314E111-3621-4613-BD2B-0736DA8EFAA9}\Setup.exe" -l0x9
muvee Vacation stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B161ECA6-72D1-4A52-AF38-595294D02783}\Setup.exe" -l0x9
muvee Valentine stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A03087D3-3E28-4FCE-9799-59A314AC95E2}\Setup.exe" -l0x40c
muvee Wedding stylePack-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1280C463-4130-422D-9D66-4E1F669DAB02}\Setup.exe" -l0x40c
Navigraph nDAC 3-->MsiExec.exe /X{304A07DC-4B92-49C6-BC06-DDB8044E91C1}
Navilog1 3.7.6-->"C:\Program Files\Navilog1\unins000.exe"
Nero 7 Premium-->MsiExec.exe /I{B123EBD8-89B7-4834-B06D-F758815E1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
nik Color Efex Pro 2.0 Complete-->C:\WINDOWS\unvise32.exe C:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\nik Color Efex Pro 2.0 Complete\uninstal.log
nik ColorEfexPro -->C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CS2\MODULES EXTERNES\uninstal.log
nik ColorEfexPro 2.0-->C:\WINDOWS\unvise32.exe C:\Program Files\Fichiers communs\Nikon\Filters\nik ColorEfexPro 2.0\uninstal.log
Nikon FotoShare-->C:\Program Files\Nikon\FotoShare\Uninstal.exe C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
NVIDIA PhysX v8.04.25-->MsiExec.exe /X{74224F8D-4A17-4816-9EDB-7BB854DE532C}
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Oxemis Video Library-->MsiExec.exe /X{BEA7AB47-1FDF-4348-BDBB-758D05FF74AA}
Personal Ancestral File 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"
Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
PIF DESIGNER2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}\SETUP.EXE" -l0x40c anything
Pilotes privés 2 pour FS2004-->MsiExec.exe /I{898EFD46-9162-43F7-BE9F-32260B7047D4}
Pilotes régionaux pour FS2004-->MsiExec.exe /X{4A4D0F20-E8C4-4D49-8153-FBEEEA685286}
PM Guide de référence-->C:\Program Files\EPSON\TPMANUAL\PM\REF_G\DOCUNINS.EXE
PM Guide des logiciels-->C:\Program Files\EPSON\TPMANUAL\PM\PQU_G\DOCUNINS.EXE
Print to Fax-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x40c ControlPanel
Programme de désinstallation de McAfee-->C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
PSS Boeing 777 Multipack-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\pss777_irunin.ini"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Radar v2.0 for FS2004-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Radar.exe
Radio Media Player-->C:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe
Ready for Pushback V2_10 Full Version-->C:\Program Files\Microsoft Games\Flight Simulator 9\RFP_V2_Upgrade_Unistaller.exe
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rennes St-Jacques-->C:\Program Files\Microsoft Games\Flight Simulator 9\uninstall_rennes.exe
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SAGEM F@st 800-908-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -l0x40c
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
SAMSUNG PC Studio 2.0.9-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{D48C9BFC-FBCF-4F29-B97D-822ED6D497FE}
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Visio 2007 (KB947590)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
SigmaTel Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly
Silent Hunter 4 Wolves of the Pacific-->C:\Program Files\InstallShield Installation Information\{0D005F09-A5F4-473B-A901-5735C6AF5628}\setup.exe -runfromtemp -l0x040c -removeonly
SimCharts 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61812F6F-0705-4B20-B914-32C1E3C155C7}\Setup.exe" -l0x9
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicStage 4.3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpyHunter-->"C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SubDownloader2-->"C:\Program Files\SubDownloader2\uninstall.exe"
SubSync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SubSync\ST6UNST.LOG"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TJSJ San Juan-->C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall TJSJ.exe
Tom Clancy's Splinter Cell Double Agent-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAD1691A-FA24-4B95-9009-3257B8440ECC}\setup.exe" -l0x40c -removeonly
TomTom HOME 2.5.2.60-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TuneVNAV Pro-->"C:\WINDOWS\TuneVNAV Pro\uninstall.exe" "/U:C:\Program Files\TuneVNAV Pro\Uninstall\uninstall.xml"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
UseNeXT-->"C:\Program Files\UseNeXT\unins002.exe"
Vancouver+-->C:\Program Files\InstallShield Installation Information\{2DA3BD92-EEB7-43C8-8E5C-629BCBC0A0EE}\setup.exe -runfromtemp -l0x0009 -removeonly
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6b-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files\Gabest\VobSub\uninstall.exe"
Vuze-->C:\Program Files\Azureus\uninstall.exe
Webcam 1200-->C:\Program Files\InstallShield Installation Information\{66D475AE-F18B-43A0-8BAF-61AF4403E339}\setup.exe -runfromtemp -l0x040c -removeonly
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Desktop Search 3.01-->"C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World Clearance Generator V3.1.18-->"C:\Program Files\WCG\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
X-treme King Air B200 v.2.0.1-->C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\Aeroworx\B200\irunin.ini"
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
======Hosts File======
127.0.0.1 localhost
10.10.10.10 sams.nikonimaging.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
======Security center information======
AV: McAfee VirusScan (disabled)
FW: McAfee Personal Firewall (disabled)
======System event log======
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50505
Source Name: Cdrom
Time Written: 20090319170906.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50504
Source Name: Cdrom
Time Written: 20090319170902.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50503
Source Name: Cdrom
Time Written: 20090319170859.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50502
Source Name: Cdrom
Time Written: 20090319170855.000000+060
Event Type: erreur
User:
Computer Name: DHKZMT2J
Event Code: 7
Message: Le périphérique \Device\CdRom0 comporte un bloc défectueux.
Record Number: 50501
Source Name: Cdrom
Time Written: 20090319170852.000000+060
Event Type: erreur
User:
=====Application event log=====
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9727
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025656.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1005
Message: Propriété non valide omise du schéma « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : « System.Photo.GainControl » (fmtid=« {FA304789-00C7-4D80-904A-1E4DCC7265AA} » pid=« 100 ») Éditeur : « Microsoft » Produit : « Windows » URL : « »
Record Number: 9726
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025420.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9725
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025420.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1005
Message: Propriété non valide omise du schéma « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : « System.Photo.GainControl » (fmtid=« {FA304789-00C7-4D80-904A-1E4DCC7265AA} » pid=« 100 ») Éditeur : « Microsoft » Produit : « Windows » URL : « »
Record Number: 9724
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025316.000000+060
Event Type: Informations
User:
Computer Name: DHKZMT2J
Event Code: 1002
Message: Erreur d’analyse du schéma de propriété « C:\WINDOWS\system32\PROPSYS.dll,WindowsPropertyDescriptions » : liste de types énumérés non valide pour la propriété « System.Photo.GainControl ».
Record Number: 9723
Source Name: Microsoft-Windows-propsys
Time Written: 20081219025316.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared\;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 16:18
9 avril 2009 à 16:18
Voilà le compte-rendu de Malewarebytes:
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1958
Windows 5.1.2600 Service Pack 3
4/9/2009 4:08:37 PM
mbam-log-2009-04-09 (16-08-37).txt
Type de recherche: Examen rapide
Eléments examinés: 85887
Temps écoulé: 4 minute(s), 3 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1958
Windows 5.1.2600 Service Pack 3
4/9/2009 4:08:37 PM
mbam-log-2009-04-09 (16-08-37).txt
Type de recherche: Examen rapide
Eléments examinés: 85887
Temps écoulé: 4 minute(s), 3 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 18:08
9 avril 2009 à 18:08
bien ....
dans l'ordre :
1- ! Déconnecte toi et ferme toutes tes applications en cours !
Double clique sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copie ce qui se trouve en citation ci-dessous,
et colle le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même ...
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
===============================
2- Télécharge ComboFix (par sUBs) sur ton Bureau (et pas ailleurs !):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) . Bien vérifier que rien ne soit " bloqué en écriture " ( petit loquet sur certaines clé usb ... ) et que les DD externes soient bien sûr alimentés électriquement ...
--------------------------------- [ ! ATTENTION ! ] ------------------------------------------
!! Déconnecte toi,ferme tes applications en cours ( ainsi que ton navigateur ) et DESACTIVE TOUTES TES DEFENSES (anti-virus, guarde anti spy-ware, pare-feu) le temps de la manipe :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Note : pour XP, bien installer la Console de Récupération de Windows comme il est indiqué dans le tuto ci-dessus ...
--------------------------------------------------------------------------------------------
* Ensuite :
double-clique sur l'icône "combofix.exe" pour lancer l'outil .
Appuie sur la touche Y (Yes) pour démarrer le scan .
Notes importantes :
-> n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi .
-> Il se peut que le PC redémarre de lui même ( pour finaliser le nettoyage ) , laisse le faire .
-> Si l'outil t'anonce ceci : "combofix a détecté la présence de rootkit et a besoin de faire redémarer votre machine", tu acceptes ...
-> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! sinon pas de rapport ... )
Le rapport sera crée ici : C:\Combofix.txt
Réactive bien tes défenses .
Poste le rapport Combofix pour analyse ...
dans l'ordre :
1- ! Déconnecte toi et ferme toutes tes applications en cours !
Double clique sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copie ce qui se trouve en citation ci-dessous,
:processes explorer.exe :Files C:\Program Files\AskBardis C:\WINDOWS\system32\tmp.txt :Commands [emptytemp] [Reboot]
et colle le dans le cadre de gauche de OTMoveIt3 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)
-> clique sur MoveIt! pour lancer la suppression.
-> laisse travailler l'outil ...
( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)
-> une fois finis , un petite fenêtre s'ouvre : clique sur " Yes " .
Ton PC va redémarrer de lui même ...
-->Poste le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " où les "x" correspondent au jour et à l'heure de l'utilisation ).
===============================
2- Télécharge ComboFix (par sUBs) sur ton Bureau (et pas ailleurs !):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) . Bien vérifier que rien ne soit " bloqué en écriture " ( petit loquet sur certaines clé usb ... ) et que les DD externes soient bien sûr alimentés électriquement ...
--------------------------------- [ ! ATTENTION ! ] ------------------------------------------
!! Déconnecte toi,ferme tes applications en cours ( ainsi que ton navigateur ) et DESACTIVE TOUTES TES DEFENSES (anti-virus, guarde anti spy-ware, pare-feu) le temps de la manipe :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Note : pour XP, bien installer la Console de Récupération de Windows comme il est indiqué dans le tuto ci-dessus ...
--------------------------------------------------------------------------------------------
* Ensuite :
double-clique sur l'icône "combofix.exe" pour lancer l'outil .
Appuie sur la touche Y (Yes) pour démarrer le scan .
Notes importantes :
-> n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi .
-> Il se peut que le PC redémarre de lui même ( pour finaliser le nettoyage ) , laisse le faire .
-> Si l'outil t'anonce ceci : "combofix a détecté la présence de rootkit et a besoin de faire redémarer votre machine", tu acceptes ...
-> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! sinon pas de rapport ... )
Le rapport sera crée ici : C:\Combofix.txt
Réactive bien tes défenses .
Poste le rapport Combofix pour analyse ...
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 21:20
9 avril 2009 à 21:20
Voici le rapport de OTMoveIt3:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\AskBardis\bar\Settings moved successfully.
C:\Program Files\AskBardis\bar moved successfully.
C:\Program Files\AskBardis moved successfully.
C:\WINDOWS\system32\tmp.txt moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_J3usXLgcK6MOWe2 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_4I1UVLcmyy4yJlX scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_aYKFTzVd1JfZeUI scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_cNXtNWKBLtNGbV6 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_VrRfBjLXNmGqYRb scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_0oqot8VMAoo9dze scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_Lf5J3Jd8SN1yYA5 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_LoN9GLDI3QnZuIA scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_p20OCQ7mmTJuJk9 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_pQm7IlpNajv0y5s scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_Vx1IbZctW5bCVgi scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_xSayfDulbgptKhQ scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04092009_201123
Files moved on Reboot...
File C:\WINDOWS\temp\mcafee_J3usXLgcK6MOWe2 not found!
File C:\WINDOWS\temp\mcmsc_4I1UVLcmyy4yJlX not found!
File C:\WINDOWS\temp\mcmsc_aYKFTzVd1JfZeUI not found!
File C:\WINDOWS\temp\mcmsc_cNXtNWKBLtNGbV6 not found!
File C:\WINDOWS\temp\mcmsc_VrRfBjLXNmGqYRb not found!
File C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat not found!
C:\WINDOWS\temp\sqlite_0oqot8VMAoo9dze moved successfully.
File C:\WINDOWS\temp\sqlite_Lf5J3Jd8SN1yYA5 not found!
File C:\WINDOWS\temp\sqlite_LoN9GLDI3QnZuIA not found!
File C:\WINDOWS\temp\sqlite_p20OCQ7mmTJuJk9 not found!
File C:\WINDOWS\temp\sqlite_pQm7IlpNajv0y5s not found!
C:\WINDOWS\temp\sqlite_Vx1IbZctW5bCVgi moved successfully.
C:\WINDOWS\temp\sqlite_xSayfDulbgptKhQ moved successfully.
et le rapport de ComboFix
ComboFix 09-04-04.01 - Francis Blanchard 2009-04-09 20:44:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3069.2461 [GMT 2:00]
Lancé depuis: c:\documents and settings\Francis Blanchard\Bureau\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *disabled*
* Un nouveau point de restauration a été créé
.
[i] ADS - WINDOWS: deleted 24 bytes in 1 streams. /i
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\INSTALL.LOG
c:\windows\patch.exe
c:\windows\system32\acelumkr.ini
c:\windows\system32\eckohwoa.ini
c:\windows\system32\fbnbfxyn.ini
c:\windows\system32\gvqubusm.ini
c:\windows\system32\mjqkwwfb.ini
c:\windows\system32\qbumkooj.ini
c:\windows\system32\rharvkcv.ini
c:\windows\system32\SCLabel.ocx
c:\windows\system32\tmp.reg
c:\windows\system32\tmp67.tmp
c:\windows\system32\tmp71.tmp
c:\windows\system32\vbzlib1.dll
c:\windows\system32\wwcxnnkn.ini
[color=blue]Une copie infectée de c:\windows\system32\userinit.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir/COLOR
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_PACKET
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-09 au 2009-04-09 ))))))))))))))))))))))))))))))))))))
.
2009-04-09 16:14 . 2009-04-09 16:14 <REP> d-------- C:\rsit
2009-04-09 16:11 . 2009-04-09 16:11 781,909 --a------ c:\temp\RSIT.exe
2009-04-09 12:57 . 2009-04-09 12:59 <REP> d-------- c:\temp\SmitfraudFix
2009-04-09 12:13 . 2009-04-09 12:13 <REP> d-------- C:\_OTMoveIt
2009-04-09 12:04 . 2009-04-09 12:04 1,830,642 --a------ c:\temp\SmitfraudFix.exe
2009-04-09 12:03 . 2009-04-09 12:04 389,632 --a------ c:\temp\OTMoveIt3.exe
2009-04-09 09:31 . 2009-04-09 18:05 <REP> d-------- c:\program files\Navilog1
2009-04-09 09:27 . 2009-04-09 09:27 578,067 --a------ c:\temp\Navilog1.exe
2009-04-08 22:45 . 2009-04-08 23:03 <REP> d-------- C:\ToolBar SD
2009-04-08 17:35 . 2009-04-08 17:36 16,409,960 --a------ c:\temp\spybotsd162.exe
2009-04-08 17:30 . 2009-04-08 17:30 <REP> d-------- c:\windows\AU_Temp
2009-04-08 17:30 . 2009-04-08 17:30 <REP> d-------- c:\windows\AU_Log
2009-04-08 17:30 . 2009-04-08 17:30 507,904 --a------ c:\windows\TMUPDATE.DLL
2009-04-08 17:30 . 2009-04-08 17:30 69,689 --a------ c:\windows\UNZIP.DLL
2009-04-08 13:30 . 2009-04-09 17:09 <REP> d-------- c:\program files\Enigma Software Group
2009-04-08 09:36 . 2007-01-18 14:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2009-04-06 23:00 . 2007-03-05 10:51 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\program files\iTunes
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\program files\iPod
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-06 14:30 . 2009-04-06 14:31 <REP> d-------- c:\program files\QuickTime
2009-04-06 14:21 . 2009-04-06 14:21 <REP> d-------- c:\program files\Bonjour
2009-04-05 22:58 . 2004-09-02 11:45 2,950 --a------ c:\windows\uninstall_NewSpanishAirports.ini
2009-04-03 23:43 . 2009-04-03 23:43 <REP> d-------- c:\temp\A330PNL
2009-04-02 16:04 . 2009-03-31 06:52 <REP> d-------- c:\temp\Tor Browser
2009-04-02 08:40 . 2009-04-02 08:40 7,618,040 --a------ c:\temp\Firefox Setup 3.0.8.exe
2009-04-02 08:35 . 2009-04-02 08:35 15,894,339 --a------ c:\temp\tor-browser-1.1.11_fr.exe
2009-04-02 08:32 . 2009-04-02 08:32 8,350,750 --a------ c:\temp\vidalia-bundle-0.2.0.34-0.1.10.exe
2009-03-31 20:54 . 2009-03-31 20:56 1,328 --a------ C:\FSUIPC_reg.bin
2009-03-27 10:16 . 2009-03-27 10:16 <REP> d-------- c:\documents and settings\Francis Blanchard\Application Data\AVS4YOU
2009-03-27 10:16 . 2009-03-27 10:16 <REP> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-03-27 10:14 . 2009-03-27 14:52 <REP> d-------- c:\program files\Fichiers communs\AVSMedia
2009-03-27 10:14 . 2009-03-27 14:52 <REP> d-------- c:\program files\AVS4YOU
2009-03-27 10:14 . 2009-01-28 20:49 1,700,352 --a------ c:\windows\system32\GdiPlus.dll
2009-03-27 10:14 . 2009-01-28 20:49 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-03-24 09:22 . 2007-09-09 15:29 143,360 --a------ c:\windows\system32\Unzip32.dll
2009-03-24 09:22 . 2007-09-09 15:29 57,344 --a------ c:\windows\system32\zlib1i.dll
2009-03-24 09:22 . 2007-09-09 15:29 57,344 --a------ c:\windows\system32\CGZipLibrary.dll
2009-03-24 09:22 . 2007-09-09 15:29 49,152 --a------ c:\windows\system32\DSPing.dll
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- c:\program files\Samsung
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- C:\Hermes
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- c:\documents and settings\All Users\Application Data\Samsung
2009-03-21 15:37 . 2005-12-22 13:24 137,884 --a------ c:\windows\system32\drivers\sscdmdm.sys
2009-03-21 15:37 . 2005-12-22 13:24 80,272 --a------ c:\windows\system32\drivers\sscdbus.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,877 --a------ c:\windows\system32\drivers\sscdcmnt.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,877 --a------ c:\windows\system32\drivers\sscdcm.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,188 --a------ c:\windows\system32\drivers\sscdwhnt.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,188 --a------ c:\windows\system32\drivers\sscdwh.sys
2009-03-21 15:37 . 2005-12-22 13:24 10,864 --a------ c:\windows\system32\drivers\sscdmdfl.sys
2009-03-21 10:06 . 2009-03-22 10:44 <REP> d-------- c:\documents and settings\Francis Blanchard\Application Data\Samsung
2009-03-21 10:02 . 2009-03-21 15:37 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-21 10:02 . 2006-05-03 23:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-21 10:02 . 2005-08-28 21:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-21 10:01 . 2009-03-21 15:56 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-19 09:25 . 2009-03-19 09:25 917,504 --a------ c:\windows\system32\FLASH.OCX
2009-03-19 02:58 . 2009-03-19 02:59 25 --a------ c:\windows\JeppView3.ini
2009-03-16 11:33 . 2009-03-17 18:40 <REP> d-------- c:\program files\Trojan Remover
2009-03-15 00:39 . 2009-03-15 00:39 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-03-11 09:56 . 2009-03-11 09:56 <REP> d-------- c:\program files\WCG
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 18:50 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Skype
2009-04-09 18:49 --------- d-----w c:\program files\DNA
2009-04-09 18:49 --------- d-----w c:\program files\Dl_cats
2009-04-09 18:49 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\DNA
2009-04-09 15:57 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\skypePM
2009-04-09 15:54 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-09 15:09 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-09 14:19 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-09 14:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-09 13:32 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2009-04-08 19:28 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\dvdcss
2009-04-08 18:45 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Azureus
2009-04-08 13:33 --------- d-----w c:\program files\free-downloads.net
2009-04-08 07:45 --------- d-----w c:\program files\Spyware Doctor
2009-04-08 07:42 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-08 07:20 130,424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-04-06 21:18 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-06 13:32 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-06 12:32 --------- d-----w c:\program files\Fichiers communs\Apple
2009-04-05 20:59 737,280 ----a-w c:\windows\iun6002.exe
2009-04-05 20:21 9,074 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-04-05 20:19 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Corel
2009-04-03 22:16 --------- d-----w c:\program files\McAfee
2009-04-02 10:27 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-04-01 06:56 --------- d-----w c:\program files\Java
2009-03-29 22:25 --------- d-----w c:\program files\adslTV
2009-03-26 19:40 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\teamspeak2
2009-03-26 02:50 --------- d-----w c:\program files\Logbook Pro
2009-03-21 23:23 --------- d-----w c:\program files\FSBuild
2009-03-17 16:37 --------- d-----w c:\program files\a-squared Anti-Malware
2009-03-17 08:38 --------- d-----w c:\program files\CV Expert 3
2009-03-13 22:44 368 ----a-w C:\temp.reg
2009-03-11 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 18:44 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT
2009-03-06 12:49 --------- d-----w c:\program files\Navigraph
2009-03-06 12:49 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Navigraph
2009-03-05 21:26 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\UseNeXT
2009-03-05 15:55 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLbz.DAT
2009-03-04 15:59 --------- d-----w c:\program files\Trend Micro
2009-02-28 08:14 --------- d-----w c:\program files\Fichiers communs\PC Tools
2009-02-28 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\PC Tools
2009-02-27 08:37 --------- d-----w c:\program files\Azureus
2009-02-25 16:58 --------- d-----w c:\program files\Conduit
2009-02-25 16:56 --------- d-----w c:\program files\Alcohol Soft
2009-02-24 22:46 --------- d-----w c:\program files\DivX
2009-02-17 08:38 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\IvAi
2009-02-17 08:37 --------- d-----w c:\program files\IVAO
2009-02-16 23:02 --------- d-----w c:\program files\TuneVNAV Pro
2009-02-13 20:17 --------- d-----w c:\program files\FSC
2009-02-12 22:06 --------- d-----w c:\program files\FTG-ACARS v2
2009-02-11 23:57 --------- d-----w c:\program files\Aerosoft
2009-02-10 22:33 --------- d-----w c:\program files\FS Addon Manager
2009-02-09 17:27 278,528 ----a-w c:\windows\system32\livesnth.dll
2009-02-09 17:27 203,776 ----a-w c:\windows\system32\clrviddc.dll
2009-02-09 17:23 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-01-14 02:19 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-11-09 13:51 22,328 ----a-w c:\documents and settings\Francis Blanchard\Application Data\PnkBstrK.sys
2008-06-03 13:42 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2008-01-10 14:51 88,794 ----a-w c:\program files\DFB58BRXPR3Uninstal.exe
2007-11-12 11:11 2,838 ----a-w c:\documents and settings\Francis Blanchard\Application Data\SAS7_000.DAT
2007-08-04 15:31 1 ----a-w c:\documents and settings\Francis Blanchard\SI.bin
2007-05-31 13:35 0 ----a-w c:\documents and settings\Francis Blanchard\Application Data\wklnhst.dat
1998-09-25 12:16 270,848 ----a-w c:\program files\UNWISE.EXE
2008-04-24 08:32 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-12-29 00:41 61 --sh--w c:\windows\cnerolf.bin
2007-03-25 20:05 61 --sh--w c:\windows\cnerolf.dat
2008-09-23 22:22 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092420080925\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 68856]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-08-30 139264]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-19 342848]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-02-23 203928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2006-08-03 137216]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-03-20 213936]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-24 29744]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"dlcimon.exe"="c:\program files\Dell AIO Printer 946\dlcimon.exe" [2006-12-08 435080]
"FaxCenterServer"="c:\program files\Dell Fax Solutions\fm3032.exe" [2006-12-08 312200]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 185632]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-08 645328]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-29 8466432]
"DLCICATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll" [2006-10-21 73728]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Mouse\V3.0\moffice.exe" [2008-12-25 958464]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
"autoclk"="autoclk.exe" [2003-01-30 c:\windows\autoclk.exe]
"nwiz"="nwiz.exe" [2007-06-29 c:\windows\system32\nwiz.exe]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 c:\windows\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Francis Blanchard\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2007-06-14 479232]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-04-12 118784]
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2007-03-23 962663]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-03-24 118784]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\dlcicoms.exe"=
"c:\\Program Files\\Dell AIO Printer 946\\dlcimon.exe"=
"c:\\Program Files\\Dell AIO Printer 946\\DLCIaiox.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe"=
"c:\\StubInstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\UseNeXT\\UseNeXT.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\adslTV\\vlc.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\IVAO\\IvAi\\IvAi.exe"=
"c:\\Program Files\\Aerosoft\\FDC\\Flightdeck_Companion.exe"=
"c:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-02-28 130424]
R2 dlci_device;dlci_device;c:\windows\system32\dlcicoms.exe -service --> c:\windows\system32\dlcicoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-10-01 206096]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [2005-08-28 44032]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2004-10-20 21344]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-20 29744]
S3 lac97inf;lac97inf;\??\c:\docume~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys --> c:\docume~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys [?]
S3 PAC207;Webcam 1200;c:\windows\system32\drivers\PFC027.SYS [2008-06-24 611584]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-03-23 348752]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}]
\Shell\AutoRun\command - M:\autorun.exe
.
Contenu du dossier 'Tâches planifiées'
2009-04-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]
2009-04-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 00:01]
2009-02-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2009-01-09 10:53]
2009-04-08 c:\windows\Tasks\SpyHunter Scanner.job
- c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe []
2009-04-09 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
BHO-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
Toolbar-SITEguard - (no file)
Toolbar-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
HKLM-Run-NWEReboot - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.search.yahoo.com/search?fr=mcafee&p=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
Trusted Zone: internet
Trusted Zone: mcafee.com
FF - ProfilePath - c:\documents and settings\Francis Blanchard\Application Data\Mozilla\Firefox\Profiles\jbudey5c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npExentCtl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
---- PARAMETRES FIREFOX ----
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 20:49:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCICATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1107185126-3764182311-2499372541-1005\Software\G*e*n*i*e*"!\FM Genie Scout 2009]
"GameDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\FM Genie Scout 2009\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00009b7f
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000062
"UniqueID"="F4-A100-EB1F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
[HKEY_USERS\S-1-5-21-1107185126-3764182311-2499372541-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3368)
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\program files\Labtec\Mouse\V3.0\MOUDL32A.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcicoms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Fichiers communs\McAfee\MNA\McNASvc.exe
c:\progra~1\FICHIE~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\ArcSoft\Magic-i 3\uMgiSvr.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\searchindexer.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Labtec\Mouse\V3.0\mouse32a.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\searchfilterhost.exe
.
**************************************************************************
.
Heure de fin: 2009-04-09 21:06:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-09 19:06:17
Avant-CF: 198,981,574,656 octets libres
Après-CF: 198,848,901,120 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptOut
412 --- E O F --- 2009-03-21 08:06:13
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Program Files\AskBardis\bar\Settings moved successfully.
C:\Program Files\AskBardis\bar moved successfully.
C:\Program Files\AskBardis moved successfully.
C:\WINDOWS\system32\tmp.txt moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Francis Blanchard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_J3usXLgcK6MOWe2 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_4I1UVLcmyy4yJlX scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_aYKFTzVd1JfZeUI scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_cNXtNWKBLtNGbV6 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_VrRfBjLXNmGqYRb scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_0oqot8VMAoo9dze scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_Lf5J3Jd8SN1yYA5 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_LoN9GLDI3QnZuIA scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_p20OCQ7mmTJuJk9 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_pQm7IlpNajv0y5s scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_Vx1IbZctW5bCVgi scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_xSayfDulbgptKhQ scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04092009_201123
Files moved on Reboot...
File C:\WINDOWS\temp\mcafee_J3usXLgcK6MOWe2 not found!
File C:\WINDOWS\temp\mcmsc_4I1UVLcmyy4yJlX not found!
File C:\WINDOWS\temp\mcmsc_aYKFTzVd1JfZeUI not found!
File C:\WINDOWS\temp\mcmsc_cNXtNWKBLtNGbV6 not found!
File C:\WINDOWS\temp\mcmsc_VrRfBjLXNmGqYRb not found!
File C:\WINDOWS\temp\Perflib_Perfdata_7f4.dat not found!
C:\WINDOWS\temp\sqlite_0oqot8VMAoo9dze moved successfully.
File C:\WINDOWS\temp\sqlite_Lf5J3Jd8SN1yYA5 not found!
File C:\WINDOWS\temp\sqlite_LoN9GLDI3QnZuIA not found!
File C:\WINDOWS\temp\sqlite_p20OCQ7mmTJuJk9 not found!
File C:\WINDOWS\temp\sqlite_pQm7IlpNajv0y5s not found!
C:\WINDOWS\temp\sqlite_Vx1IbZctW5bCVgi moved successfully.
C:\WINDOWS\temp\sqlite_xSayfDulbgptKhQ moved successfully.
et le rapport de ComboFix
ComboFix 09-04-04.01 - Francis Blanchard 2009-04-09 20:44:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3069.2461 [GMT 2:00]
Lancé depuis: c:\documents and settings\Francis Blanchard\Bureau\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *disabled*
* Un nouveau point de restauration a été créé
.
[i] ADS - WINDOWS: deleted 24 bytes in 1 streams. /i
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\INSTALL.LOG
c:\windows\patch.exe
c:\windows\system32\acelumkr.ini
c:\windows\system32\eckohwoa.ini
c:\windows\system32\fbnbfxyn.ini
c:\windows\system32\gvqubusm.ini
c:\windows\system32\mjqkwwfb.ini
c:\windows\system32\qbumkooj.ini
c:\windows\system32\rharvkcv.ini
c:\windows\system32\SCLabel.ocx
c:\windows\system32\tmp.reg
c:\windows\system32\tmp67.tmp
c:\windows\system32\tmp71.tmp
c:\windows\system32\vbzlib1.dll
c:\windows\system32\wwcxnnkn.ini
[color=blue]Une copie infectée de c:\windows\system32\userinit.exe a été trouvée et désinfectée
opie restaurée à partir de - c:\qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir/COLOR
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_PACKET
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-09 au 2009-04-09 ))))))))))))))))))))))))))))))))))))
.
2009-04-09 16:14 . 2009-04-09 16:14 <REP> d-------- C:\rsit
2009-04-09 16:11 . 2009-04-09 16:11 781,909 --a------ c:\temp\RSIT.exe
2009-04-09 12:57 . 2009-04-09 12:59 <REP> d-------- c:\temp\SmitfraudFix
2009-04-09 12:13 . 2009-04-09 12:13 <REP> d-------- C:\_OTMoveIt
2009-04-09 12:04 . 2009-04-09 12:04 1,830,642 --a------ c:\temp\SmitfraudFix.exe
2009-04-09 12:03 . 2009-04-09 12:04 389,632 --a------ c:\temp\OTMoveIt3.exe
2009-04-09 09:31 . 2009-04-09 18:05 <REP> d-------- c:\program files\Navilog1
2009-04-09 09:27 . 2009-04-09 09:27 578,067 --a------ c:\temp\Navilog1.exe
2009-04-08 22:45 . 2009-04-08 23:03 <REP> d-------- C:\ToolBar SD
2009-04-08 17:35 . 2009-04-08 17:36 16,409,960 --a------ c:\temp\spybotsd162.exe
2009-04-08 17:30 . 2009-04-08 17:30 <REP> d-------- c:\windows\AU_Temp
2009-04-08 17:30 . 2009-04-08 17:30 <REP> d-------- c:\windows\AU_Log
2009-04-08 17:30 . 2009-04-08 17:30 507,904 --a------ c:\windows\TMUPDATE.DLL
2009-04-08 17:30 . 2009-04-08 17:30 69,689 --a------ c:\windows\UNZIP.DLL
2009-04-08 13:30 . 2009-04-09 17:09 <REP> d-------- c:\program files\Enigma Software Group
2009-04-08 09:36 . 2007-01-18 14:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2009-04-06 23:00 . 2007-03-05 10:51 360,580 --a------ c:\windows\eSellerateEngine.dll
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\program files\iTunes
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\program files\iPod
2009-04-06 14:32 . 2009-04-06 14:32 <REP> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-06 14:30 . 2009-04-06 14:31 <REP> d-------- c:\program files\QuickTime
2009-04-06 14:21 . 2009-04-06 14:21 <REP> d-------- c:\program files\Bonjour
2009-04-05 22:58 . 2004-09-02 11:45 2,950 --a------ c:\windows\uninstall_NewSpanishAirports.ini
2009-04-03 23:43 . 2009-04-03 23:43 <REP> d-------- c:\temp\A330PNL
2009-04-02 16:04 . 2009-03-31 06:52 <REP> d-------- c:\temp\Tor Browser
2009-04-02 08:40 . 2009-04-02 08:40 7,618,040 --a------ c:\temp\Firefox Setup 3.0.8.exe
2009-04-02 08:35 . 2009-04-02 08:35 15,894,339 --a------ c:\temp\tor-browser-1.1.11_fr.exe
2009-04-02 08:32 . 2009-04-02 08:32 8,350,750 --a------ c:\temp\vidalia-bundle-0.2.0.34-0.1.10.exe
2009-03-31 20:54 . 2009-03-31 20:56 1,328 --a------ C:\FSUIPC_reg.bin
2009-03-27 10:16 . 2009-03-27 10:16 <REP> d-------- c:\documents and settings\Francis Blanchard\Application Data\AVS4YOU
2009-03-27 10:16 . 2009-03-27 10:16 <REP> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-03-27 10:14 . 2009-03-27 14:52 <REP> d-------- c:\program files\Fichiers communs\AVSMedia
2009-03-27 10:14 . 2009-03-27 14:52 <REP> d-------- c:\program files\AVS4YOU
2009-03-27 10:14 . 2009-01-28 20:49 1,700,352 --a------ c:\windows\system32\GdiPlus.dll
2009-03-27 10:14 . 2009-01-28 20:49 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-03-24 09:22 . 2007-09-09 15:29 143,360 --a------ c:\windows\system32\Unzip32.dll
2009-03-24 09:22 . 2007-09-09 15:29 57,344 --a------ c:\windows\system32\zlib1i.dll
2009-03-24 09:22 . 2007-09-09 15:29 57,344 --a------ c:\windows\system32\CGZipLibrary.dll
2009-03-24 09:22 . 2007-09-09 15:29 49,152 --a------ c:\windows\system32\DSPing.dll
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- c:\program files\Samsung
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- C:\Hermes
2009-03-22 10:49 . 2009-03-22 10:49 <REP> d-------- c:\documents and settings\All Users\Application Data\Samsung
2009-03-21 15:37 . 2005-12-22 13:24 137,884 --a------ c:\windows\system32\drivers\sscdmdm.sys
2009-03-21 15:37 . 2005-12-22 13:24 80,272 --a------ c:\windows\system32\drivers\sscdbus.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,877 --a------ c:\windows\system32\drivers\sscdcmnt.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,877 --a------ c:\windows\system32\drivers\sscdcm.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,188 --a------ c:\windows\system32\drivers\sscdwhnt.sys
2009-03-21 15:37 . 2005-12-22 13:24 11,188 --a------ c:\windows\system32\drivers\sscdwh.sys
2009-03-21 15:37 . 2005-12-22 13:24 10,864 --a------ c:\windows\system32\drivers\sscdmdfl.sys
2009-03-21 10:06 . 2009-03-22 10:44 <REP> d-------- c:\documents and settings\Francis Blanchard\Application Data\Samsung
2009-03-21 10:02 . 2009-03-21 15:37 <REP> d-------- c:\windows\system32\Samsung_USB_Drivers
2009-03-21 10:02 . 2006-05-03 23:53 174,592 --a------ c:\windows\system32\framedyn.dll
2009-03-21 10:02 . 2005-08-28 21:51 766 --a------ c:\windows\system32\Uninstall.ico
2009-03-21 10:01 . 2009-03-21 15:56 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2009-03-19 09:25 . 2009-03-19 09:25 917,504 --a------ c:\windows\system32\FLASH.OCX
2009-03-19 02:58 . 2009-03-19 02:59 25 --a------ c:\windows\JeppView3.ini
2009-03-16 11:33 . 2009-03-17 18:40 <REP> d-------- c:\program files\Trojan Remover
2009-03-15 00:39 . 2009-03-15 00:39 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-03-11 09:56 . 2009-03-11 09:56 <REP> d-------- c:\program files\WCG
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 18:50 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Skype
2009-04-09 18:49 --------- d-----w c:\program files\DNA
2009-04-09 18:49 --------- d-----w c:\program files\Dl_cats
2009-04-09 18:49 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\DNA
2009-04-09 15:57 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\skypePM
2009-04-09 15:54 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-09 15:09 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-09 14:19 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-09 14:02 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-09 13:32 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2009-04-08 19:28 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\dvdcss
2009-04-08 18:45 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Azureus
2009-04-08 13:33 --------- d-----w c:\program files\free-downloads.net
2009-04-08 07:45 --------- d-----w c:\program files\Spyware Doctor
2009-04-08 07:42 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-08 07:20 130,424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-04-06 21:18 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-06 13:32 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-06 12:32 --------- d-----w c:\program files\Fichiers communs\Apple
2009-04-05 20:59 737,280 ----a-w c:\windows\iun6002.exe
2009-04-05 20:21 9,074 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-04-05 20:19 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Corel
2009-04-03 22:16 --------- d-----w c:\program files\McAfee
2009-04-02 10:27 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-04-01 06:56 --------- d-----w c:\program files\Java
2009-03-29 22:25 --------- d-----w c:\program files\adslTV
2009-03-26 19:40 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\teamspeak2
2009-03-26 02:50 --------- d-----w c:\program files\Logbook Pro
2009-03-21 23:23 --------- d-----w c:\program files\FSBuild
2009-03-17 16:37 --------- d-----w c:\program files\a-squared Anti-Malware
2009-03-17 08:38 --------- d-----w c:\program files\CV Expert 3
2009-03-13 22:44 368 ----a-w C:\temp.reg
2009-03-11 23:08 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-09 03:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 18:44 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT
2009-03-06 12:49 --------- d-----w c:\program files\Navigraph
2009-03-06 12:49 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\Navigraph
2009-03-05 21:26 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\UseNeXT
2009-03-05 15:55 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLbz.DAT
2009-03-04 15:59 --------- d-----w c:\program files\Trend Micro
2009-02-28 08:14 --------- d-----w c:\program files\Fichiers communs\PC Tools
2009-02-28 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\PC Tools
2009-02-27 08:37 --------- d-----w c:\program files\Azureus
2009-02-25 16:58 --------- d-----w c:\program files\Conduit
2009-02-25 16:56 --------- d-----w c:\program files\Alcohol Soft
2009-02-24 22:46 --------- d-----w c:\program files\DivX
2009-02-17 08:38 --------- d-----w c:\documents and settings\Francis Blanchard\Application Data\IvAi
2009-02-17 08:37 --------- d-----w c:\program files\IVAO
2009-02-16 23:02 --------- d-----w c:\program files\TuneVNAV Pro
2009-02-13 20:17 --------- d-----w c:\program files\FSC
2009-02-12 22:06 --------- d-----w c:\program files\FTG-ACARS v2
2009-02-11 23:57 --------- d-----w c:\program files\Aerosoft
2009-02-10 22:33 --------- d-----w c:\program files\FS Addon Manager
2009-02-09 17:27 278,528 ----a-w c:\windows\system32\livesnth.dll
2009-02-09 17:27 203,776 ----a-w c:\windows\system32\clrviddc.dll
2009-02-09 17:23 --------- d-----w c:\program files\Windows Media Connect 2
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-01-14 02:19 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-11-09 13:51 22,328 ----a-w c:\documents and settings\Francis Blanchard\Application Data\PnkBstrK.sys
2008-06-03 13:42 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2008-01-10 14:51 88,794 ----a-w c:\program files\DFB58BRXPR3Uninstal.exe
2007-11-12 11:11 2,838 ----a-w c:\documents and settings\Francis Blanchard\Application Data\SAS7_000.DAT
2007-08-04 15:31 1 ----a-w c:\documents and settings\Francis Blanchard\SI.bin
2007-05-31 13:35 0 ----a-w c:\documents and settings\Francis Blanchard\Application Data\wklnhst.dat
1998-09-25 12:16 270,848 ----a-w c:\program files\UNWISE.EXE
2008-04-24 08:32 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-12-29 00:41 61 --sh--w c:\windows\cnerolf.bin
2007-03-25 20:05 61 --sh--w c:\windows\cnerolf.dat
2008-09-23 22:22 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092420080925\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 68856]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-08-30 139264]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-16 167368]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-19 342848]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-02-23 203928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2006-08-03 137216]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-03-20 213936]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-24 29744]
"Corel Photo Downloader"="c:\program files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2006-08-14 462336]
"dlcimon.exe"="c:\program files\Dell AIO Printer 946\dlcimon.exe" [2006-12-08 435080]
"FaxCenterServer"="c:\program files\Dell Fax Solutions\fm3032.exe" [2006-12-08 312200]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 185632]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-08 645328]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-29 8466432]
"DLCICATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll" [2006-10-21 73728]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"FLMOFFICE4DMOUSE"="c:\program files\Labtec\Mouse\V3.0\moffice.exe" [2008-12-25 958464]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
"autoclk"="autoclk.exe" [2003-01-30 c:\windows\autoclk.exe]
"nwiz"="nwiz.exe" [2007-06-29 c:\windows\system32\nwiz.exe]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 c:\windows\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Francis Blanchard\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Nikon Monitor.lnk - c:\program files\Fichiers communs\Nikon\Monitor\NkMonitor.exe [2007-06-14 479232]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-04-12 118784]
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-908\dslmon.exe [2007-03-23 962663]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-03-24 118784]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\dlcicoms.exe"=
"c:\\Program Files\\Dell AIO Printer 946\\dlcimon.exe"=
"c:\\Program Files\\Dell AIO Printer 946\\DLCIaiox.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\IVAO\\IvAp\\ivapnetint.exe"=
"c:\\StubInstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\UseNeXT\\UseNeXT.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\adslTV\\vlc.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\IVAO\\IvAi\\IvAi.exe"=
"c:\\Program Files\\Aerosoft\\FDC\\Flightdeck_Companion.exe"=
"c:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-02-28 130424]
R2 dlci_device;dlci_device;c:\windows\system32\dlcicoms.exe -service --> c:\windows\system32\dlcicoms.exe -service [?]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-10-01 206096]
R3 rxpvbus;Reality XP Avionics Bus Driver;c:\windows\system32\drivers\rxpvbus.sys [2005-08-28 44032]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [2004-10-20 21344]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-03-20 29744]
S3 lac97inf;lac97inf;\??\c:\docume~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys --> c:\docume~1\FRANCI~1\LOCALS~1\Temp\lac97inf.sys [?]
S3 PAC207;Webcam 1200;c:\windows\system32\drivers\PFC027.SYS [2008-06-24 611584]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-03-23 348752]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}]
\Shell\AutoRun\command - M:\autorun.exe
.
Contenu du dossier 'Tâches planifiées'
2009-04-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]
2009-04-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 00:01]
2009-02-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2009-01-09 10:53]
2009-04-08 c:\windows\Tasks\SpyHunter Scanner.job
- c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe []
2009-04-09 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
.
- - - - ORPHELINS SUPPRIMES - - - -
URLSearchHooks-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
BHO-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
Toolbar-SITEguard - (no file)
Toolbar-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
HKLM-Run-NWEReboot - (no file)
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://fr.search.yahoo.com/search?fr=mcafee&p=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?d4f21f14d17041248fb03e7907d8ad2d
IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?d4f21f14d17041248fb03e7907d8ad2d
Trusted Zone: internet
Trusted Zone: mcafee.com
FF - ProfilePath - c:\documents and settings\Francis Blanchard\Application Data\Mozilla\Firefox\Profiles\jbudey5c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10611&gct=&gc=1&q=
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npExentCtl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
---- PARAMETRES FIREFOX ----
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 20:49:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCICATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-1107185126-3764182311-2499372541-1005\Software\G*e*n*i*e*"!\FM Genie Scout 2009]
"GameDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Francis Blanchard\\Mes documents\\Sports Interactive\\Football Manager 2009\\FM Genie Scout 2009\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00009b7f
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000062
"UniqueID"="F4-A100-EB1F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
[HKEY_USERS\S-1-5-21-1107185126-3764182311-2499372541-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3368)
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\program files\Labtec\Mouse\V3.0\MOUDL32A.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dlcicoms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Fichiers communs\McAfee\MNA\McNASvc.exe
c:\progra~1\FICHIE~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\ArcSoft\Magic-i 3\uMgiSvr.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\searchindexer.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Labtec\Mouse\V3.0\mouse32a.exe
c:\program files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\searchprotocolhost.exe
c:\windows\system32\searchfilterhost.exe
.
**************************************************************************
.
Heure de fin: 2009-04-09 21:06:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-09 19:06:17
Avant-CF: 198,981,574,656 octets libres
Après-CF: 198,848,901,120 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptOut
412 --- E O F --- 2009-03-21 08:06:13
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 21:56
9 avril 2009 à 21:56
Bien ... on avance ... ;)
Dis moi , tu as ton CD original de Windows ? ...
Refais un coup de CCleaner ( registre compris ) .
puis fait ceci dans l'ordre :
1- Avoir accès aux fichiers cachés :
Va dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valide la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )
2- Rends toi sur ce site :
https://www.virustotal.com/gui/
Copies ce qui suit et colles le dans l'espace pour la recherche :
c:\windows\JeppView3.ini
Clique sur Send File ( = " Envoyer le fichier " ).
Un rapport va s'élaborer ligne à ligne.
Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta prochaine réponse ...
( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )
Fais de même pour :
c:\windows\system32\zlib1i.dll
c:\windows\system32\DSPing.dll
c:\windows\iun6002.exe
Poste moi donc ces 4 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...
une fois ces rapports postés , fais la suite :
======================
3- Télécharge UsbFix ( de C_XX & Chiquitine29 ) sur ton bureau :
> http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
! Déconnecte toi d'internet et ferme toutes applications en cours !
--> Double-clique sur l' .exe pour lancer l'installation de l'outil ( ne touche pas aux paramètres d'installe ) .
Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés, ainsi que les CD et DVD rom dont tu te sers éventuellement le plus souvent ( mais sans les ouvrir ! ) .
# Double clique sur le raccourci UsbFix présent sur ton bureau pour lancer l'outil.
# Choisis l' option 1 ( Recherche )
# Laisse travailler l'outil et ne touche à rien pendant le scan .
# Une fois terminé, poste le rapport UsbFix.txt qui apparaitra.
Le rapport est en outre sauvegardé à la racine du disque maitre ( C:\UsbFix.txt ).
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Dis moi , tu as ton CD original de Windows ? ...
Refais un coup de CCleaner ( registre compris ) .
puis fait ceci dans l'ordre :
1- Avoir accès aux fichiers cachés :
Va dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valide la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )
2- Rends toi sur ce site :
https://www.virustotal.com/gui/
Copies ce qui suit et colles le dans l'espace pour la recherche :
c:\windows\JeppView3.ini
Clique sur Send File ( = " Envoyer le fichier " ).
Un rapport va s'élaborer ligne à ligne.
Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta prochaine réponse ...
( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )
Fais de même pour :
c:\windows\system32\zlib1i.dll
c:\windows\system32\DSPing.dll
c:\windows\iun6002.exe
Poste moi donc ces 4 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...
une fois ces rapports postés , fais la suite :
======================
3- Télécharge UsbFix ( de C_XX & Chiquitine29 ) sur ton bureau :
> http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
! Déconnecte toi d'internet et ferme toutes applications en cours !
--> Double-clique sur l' .exe pour lancer l'installation de l'outil ( ne touche pas aux paramètres d'installe ) .
Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés, ainsi que les CD et DVD rom dont tu te sers éventuellement le plus souvent ( mais sans les ouvrir ! ) .
# Double clique sur le raccourci UsbFix présent sur ton bureau pour lancer l'outil.
# Choisis l' option 1 ( Recherche )
# Laisse travailler l'outil et ne touche à rien pendant le scan .
# Une fois terminé, poste le rapport UsbFix.txt qui apparaitra.
Le rapport est en outre sauvegardé à la racine du disque maitre ( C:\UsbFix.txt ).
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 22:34
9 avril 2009 à 22:34
1- oui, j'ai le CD original de Windows XP Professional Service Pack 2
2- j'ai lancé CCleaner comme indiqué
3- Accès aux fichiers cachés : OK
4- sur le site virustotal.com, voilà ce que cela donne quand j'envoie les fichiers :
Exception
Please report failure as: ErrorTime= "Apr 09 22:27:40"
2- j'ai lancé CCleaner comme indiqué
3- Accès aux fichiers cachés : OK
4- sur le site virustotal.com, voilà ce que cela donne quand j'envoie les fichiers :
Exception
Please report failure as: ErrorTime= "Apr 09 22:27:40"
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 22:36
9 avril 2009 à 22:36
vu ...
essaye la même chose sur ce site alors :
> https://virusscan.jotti.org/
- Tout en haut de la page dans le cadre à côté de "Parcourir", copie/colle ceci :
c:\windows\JeppView3.ini
- Clique sur "submit" ( toujours en haut à droite )
- Le scan va se lancer, ça va prendre un petit instant .
- Une fois terminé, en bas, tu as le résultat du scan :
-> copie/colle le résultat complet du scan dans ta prochaine réponse .
( Aide : https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId662799 )
Puis fais de même avec :
c:\windows\system32\zlib1i.dll
c:\windows\system32\DSPing.dll
c:\windows\iun6002.exe
Poste moi donc ces 4 rapports pour annalyse et attends la suite ....
essaye la même chose sur ce site alors :
> https://virusscan.jotti.org/
- Tout en haut de la page dans le cadre à côté de "Parcourir", copie/colle ceci :
c:\windows\JeppView3.ini
- Clique sur "submit" ( toujours en haut à droite )
- Le scan va se lancer, ça va prendre un petit instant .
- Une fois terminé, en bas, tu as le résultat du scan :
-> copie/colle le résultat complet du scan dans ta prochaine réponse .
( Aide : https://www.malekal.com/scan-antivirus-ligne-nod32/#mozTocId662799 )
Puis fais de même avec :
c:\windows\system32\zlib1i.dll
c:\windows\system32\DSPing.dll
c:\windows\iun6002.exe
Poste moi donc ces 4 rapports pour annalyse et attends la suite ....
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 23:13
9 avril 2009 à 23:13
Rapport UsbFix:
############################## [ UsbFix V3.005 ]
# User : Francis Blanchard (Administrateurs) # DHKZMT2J
# Update on 08/04/09 by C_XX & Chiquitine29
# Start at: 11:09:29 PM | 4/9/2009
# Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : McAfee VirusScan [ (!) Disabled | Updated ]
# FW : McAfee Personal Firewall[ (!) Disabled ]
# C:\ # Disque fixe local # 928.47 Go (185.21 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM # 691.36 Mo (0 Mo free) [Monsieur Ibrahim] # CDFS
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# Q:\ # Disque CD-ROM
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Labtec\Mouse\V3.0\MOUSE32A.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Registre # Startup ]
HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="www.google.fr/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_Run: DMXLauncher=C:\Program Files\Dell\Media Experience\DMXLauncher.exe
HKLM_Run: NVRaidService=C:\WINDOWS\system32\nvraidservice.exe
HKLM_Run: DLA=C:\WINDOWS\System32\DLA\DLACTRLW.EXE
HKLM_Run: ISUSPM Startup=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
HKLM_Run: ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
HKLM_Run: Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
HKLM_Run: Corel Photo Downloader=C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
HKLM_Run: autoclk=autoclk.exe
HKLM_Run: dlcimon.exe="C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
HKLM_Run: FaxCenterServer="C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
HKLM_Run: SSBkgdUpdate=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
HKLM_Run: mcagent_exe="C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM_Run: ArcSoft Connection Service=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM_Run: NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM_Run: DLCICATS=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: ISUSPM="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
HKLM_Run: FLMOFFICE4DMOUSE=C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
HKLM_Run: SigmatelSysTrayApp=stsystra.exe
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
HKCU_Run: DAEMON Tools="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
HKCU_Run: TomTomHOME.exe="C:\Program Files\TomTom HOME 2\HOMERunner.exe"
HKCU_Run: BitTorrent DNA="C:\Program Files\DNA\btdna.exe"
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: AlcoholAutomount="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
HKLM_System: "DisableRegistryTools"=dword:00000000
HKCU_plorer: "NoDriveTypeAutoRun"=dword:00000143
HKCU_plorer: "NoDriveAutoRun"=dword:03ffffff
HKCU_plorer: "NoDrives"=dword:00000000
HKLM_plorer: "HonorAutoRunSetting"=dword:00000001
HKLM_plorer: "NoDriveTypeAutoRun"=dword:00000143
HKLM_plorer: "NoDriveAutoRun"=dword:03ffffff
HKLM_plorer: "NoDrives"=dword:00000000
################## [ Informations ]
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés infectieuses ]
# -> Not Found !
################## [ Registre # Mountpoint2 ]
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}\Shell\AutoRun\command
################## [ ! Fin du rapport # UsbFix V3.005 ! ]
############################## [ UsbFix V3.005 ]
# User : Francis Blanchard (Administrateurs) # DHKZMT2J
# Update on 08/04/09 by C_XX & Chiquitine29
# Start at: 11:09:29 PM | 4/9/2009
# Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : McAfee VirusScan [ (!) Disabled | Updated ]
# FW : McAfee Personal Firewall[ (!) Disabled ]
# C:\ # Disque fixe local # 928.47 Go (185.21 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM # 691.36 Mo (0 Mo free) [Monsieur Ibrahim] # CDFS
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# Q:\ # Disque CD-ROM
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Dell AIO Printer 946\dlcimon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Labtec\Mouse\V3.0\MOUSE32A.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Registre # Startup ]
HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="www.google.fr/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_Run: DMXLauncher=C:\Program Files\Dell\Media Experience\DMXLauncher.exe
HKLM_Run: NVRaidService=C:\WINDOWS\system32\nvraidservice.exe
HKLM_Run: DLA=C:\WINDOWS\System32\DLA\DLACTRLW.EXE
HKLM_Run: ISUSPM Startup=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
HKLM_Run: ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
HKLM_Run: Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
HKLM_Run: Corel Photo Downloader=C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
HKLM_Run: autoclk=autoclk.exe
HKLM_Run: dlcimon.exe="C:\Program Files\Dell AIO Printer 946\dlcimon.exe"
HKLM_Run: FaxCenterServer="C:\Program Files\Dell Fax Solutions\fm3032.exe" /s
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
HKLM_Run: SSBkgdUpdate=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot
HKLM_Run: mcagent_exe="C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM_Run: ArcSoft Connection Service=C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM_Run: NeroFilterCheck=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM_Run: DLCICATS=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: ISUSPM="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -scheduler
HKLM_Run: FLMOFFICE4DMOUSE=C:\Program Files\Labtec\Mouse\V3.0\moffice.exe
HKLM_Run: SigmatelSysTrayApp=stsystra.exe
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
HKCU_Run: DAEMON Tools="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
HKCU_Run: TomTomHOME.exe="C:\Program Files\TomTom HOME 2\HOMERunner.exe"
HKCU_Run: BitTorrent DNA="C:\Program Files\DNA\btdna.exe"
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: AlcoholAutomount="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
HKLM_System: "DisableRegistryTools"=dword:00000000
HKCU_plorer: "NoDriveTypeAutoRun"=dword:00000143
HKCU_plorer: "NoDriveAutoRun"=dword:03ffffff
HKCU_plorer: "NoDrives"=dword:00000000
HKLM_plorer: "HonorAutoRunSetting"=dword:00000001
HKLM_plorer: "NoDriveTypeAutoRun"=dword:00000143
HKLM_plorer: "NoDriveAutoRun"=dword:03ffffff
HKLM_plorer: "NoDrives"=dword:00000000
################## [ Informations ]
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés infectieuses ]
# -> Not Found !
################## [ Registre # Mountpoint2 ]
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}\Shell\AutoRun\command
################## [ ! Fin du rapport # UsbFix V3.005 ! ]
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
9 avril 2009 à 23:05
9 avril 2009 à 23:05
Voila les résultats des 4 scans:
File: JeppView3.ini
Status: OK
MD5: 812a6cd670605d86e4b834883470c633
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:41:35 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: zlib1i.dll
Status: OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 01dc495ac7867dddf69698e98ede41ae
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:47:33 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: DSPing.dll
Status: OK
MD5: 677352206b5108df8bf690c3f3d22e14
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:52:28 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: iun6002.exe
Status: OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 456462905091db042141487fe030e3c9
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:56:57 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Je lance maintenant USBFix et je t'envoie le rapport ensuite
File: JeppView3.ini
Status: OK
MD5: 812a6cd670605d86e4b834883470c633
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:41:35 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: zlib1i.dll
Status: OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 01dc495ac7867dddf69698e98ede41ae
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:47:33 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: DSPing.dll
Status: OK
MD5: 677352206b5108df8bf690c3f3d22e14
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:52:28 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
File: iun6002.exe
Status: OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 456462905091db042141487fe030e3c9
Packers detected: -
Scanner results
Scan taken on 09 Apr 2009 20:56:57 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Je lance maintenant USBFix et je t'envoie le rapport ensuite
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
9 avril 2009 à 23:21
9 avril 2009 à 23:21
Bien ...
la suite dans l'ordre :
1- ! Déconnecte toi d'internet et ferme toutes applications en cours !
Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés, ainsi que les CD et DVD rom dont tu te sers éventuellement le plus souvent ( mais sans les ouvrir ! ) .
# Double clique sur le raccourci UsbFix présent sur ton bureau pour lancer l'outil .
# Cette fois ci , tu choisis l' option 2 ( Suppression ) .
> Ton bureau disparaitra et le pc redémarrera ( c'est normal ).
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil et ne touche à rien .
# Une fois terminé, poste le nouveau rapport UsbFix.txt qui apparaitra avec le bureau .
( Le rapport est en outre sauvegardé à la racine du disque maitre > C:\UsbFix.txt ).
=======================
2- Télécharge Ad-remover ( de C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
! Déconnecte toi et ferme toutes application en cours ( navigarteur compris ) !
* Clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installe par défaut .
* Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option "A" et tape sur [entrée] .
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Site de l'auteur > http://pagesperso-orange.fr/FindyKill.Ad.Remover/
la suite dans l'ordre :
1- ! Déconnecte toi d'internet et ferme toutes applications en cours !
Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés, ainsi que les CD et DVD rom dont tu te sers éventuellement le plus souvent ( mais sans les ouvrir ! ) .
# Double clique sur le raccourci UsbFix présent sur ton bureau pour lancer l'outil .
# Cette fois ci , tu choisis l' option 2 ( Suppression ) .
> Ton bureau disparaitra et le pc redémarrera ( c'est normal ).
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil et ne touche à rien .
# Une fois terminé, poste le nouveau rapport UsbFix.txt qui apparaitra avec le bureau .
( Le rapport est en outre sauvegardé à la racine du disque maitre > C:\UsbFix.txt ).
=======================
2- Télécharge Ad-remover ( de C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
! Déconnecte toi et ferme toutes application en cours ( navigarteur compris ) !
* Clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installe par défaut .
* Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option "A" et tape sur [entrée] .
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Note :
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Site de l'auteur > http://pagesperso-orange.fr/FindyKill.Ad.Remover/
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
10 avril 2009 à 00:32
10 avril 2009 à 00:32
Voici le rapport de UsbFix:
############################## [ UsbFix V3.005 ]
# User : Francis Blanchard (Administrateurs) # DHKZMT2J
# Update on 08/04/09 by C_XX & Chiquitine29
# Start at: 11:44:09 PM | 4/9/2009
# Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : McAfee VirusScan [ (!) Disabled | Updated ]
# FW : McAfee Personal Firewall[ (!) Disabled ]
# C:\ # Disque fixe local # 928.47 Go (185.19 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM # 691.36 Mo (0 Mo free) [Monsieur Ibrahim] # CDFS
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# Q:\ # Disque CD-ROM
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés infectieuses ]
# -> Not Found !
################## [ Registre # Mountpoint2 ]
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}\Shell\AutoRun\command
################## [ Listing des fichiers présent ]
C:\AUTOEXEC.BAT
C:\NTDETECT.COM
C:\StubInstaller.exe
C:\Winamp Pro v5.35.1305.exe
C:\boot.ini
C:\fsb_wpos.ini
C:\megaCITY.ini
################## [ ! Fin du rapport # UsbFix V3.005 ! ]
Ad-remover ne fonctionne pas: aprés avoir tapé A comme option, la fenêtre se ferme et plus rien ne se passe....
############################## [ UsbFix V3.005 ]
# User : Francis Blanchard (Administrateurs) # DHKZMT2J
# Update on 08/04/09 by C_XX & Chiquitine29
# Start at: 11:44:09 PM | 4/9/2009
# Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled
# AV : McAfee VirusScan [ (!) Disabled | Updated ]
# FW : McAfee Personal Firewall[ (!) Disabled ]
# C:\ # Disque fixe local # 928.47 Go (185.19 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM # 691.36 Mo (0 Mo free) [Monsieur Ibrahim] # CDFS
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# Q:\ # Disque CD-ROM
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcicoms.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés infectieuses ]
# -> Not Found !
################## [ Registre # Mountpoint2 ]
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76c2cbb1-094c-11dd-ac3e-0007cb0000ff}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f426fd7f-e02e-11db-aa98-4d6564696130}\Shell\AutoRun\command
################## [ Listing des fichiers présent ]
C:\AUTOEXEC.BAT
C:\NTDETECT.COM
C:\StubInstaller.exe
C:\Winamp Pro v5.35.1305.exe
C:\boot.ini
C:\fsb_wpos.ini
C:\megaCITY.ini
################## [ ! Fin du rapport # UsbFix V3.005 ! ]
Ad-remover ne fonctionne pas: aprés avoir tapé A comme option, la fenêtre se ferme et plus rien ne se passe....
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
463
10 avril 2009 à 00:51
10 avril 2009 à 00:51
re,
pour ad-remover > supprime le entièrement > redémare le PC > désactive McAfee le temps de la manipe > rétécharge Ad-R et retente le coup ....
pour ad-remover > supprime le entièrement > redémare le PC > désactive McAfee le temps de la manipe > rétécharge Ad-R et retente le coup ....
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
10 avril 2009 à 09:02
10 avril 2009 à 09:02
salut,
ça ne marche pas malgré toutes les manips
ça ne marche pas malgré toutes les manips
whitetank
Messages postés
19
Date d'inscription
mercredi 8 avril 2009
Statut
Membre
Dernière intervention
12 avril 2009
10 avril 2009 à 08:58
10 avril 2009 à 08:58
salut,
ça ne marche malgré toutes manips, oups!!!
ça ne marche malgré toutes manips, oups!!!
