MSN photo album virus: what do I do?
sisterdu973
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.6.8.2520. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 16/03/2008 12:56:34
Using Database v6950
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\
Logfile directory: C:\Documents And Settings\Administrateur\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
**************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
**************************************************
**************************************************
12:56:34: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
**************************************************
12:56:34: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
**************************************************
12:56:34: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
**************************************************
12:56:34: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 18/08/2006
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
File: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file is excluded from scanning
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
5215744 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: LClock
Value Data: \Windows\LClock\LClock.exe
C:\WINDOWS\LClock\LClock.exe
65536 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
--------------------
Value Name: AudioDeck
Value Data: C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
-R- 540672 bytes
Created: 05/07/2007
Modified: 26/07/2006
Company: VIA Technologies, Inc.
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 06/07/2007
Modified: 09/07/2001
Company: Ahead Software Gmbh
--------------------
Value Name: WooCnxMon
Value Data: C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: SpeedTouch USB Diagnostics
Value Data: "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
866816 bytes
Created: 06/07/2007
Modified: 26/01/2004
Company: THOMSON Telecom Belgium
--------------------
Value Name: WOOWATCH
Value Data: C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\Watch.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company: France Télécom R&D
--------------------
Value Name: WOOTASKBARICON
Value Data: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
49152 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: BluetoothAuthenticationAgent
Value Data: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
C:\WINDOWS\system32\bthprops.cpl
110592 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 22/09/2007
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
79224 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
--------------------
Value Name: Flash Driver
Value Data: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file has been excluded from scanning
--------------------
Value Name: SearchSettings
Value Data: C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\SearchSettings.exe
1036640 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Trojan Remover\Trjscan.exe
872528 bytes
Created: 11/03/2008
Modified: 09/03/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: MsnMsgr
Value Data: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
C:\Program Files\MSN Messenger\MsnMsgr.Exe
5674352 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
**************************************************
12:56:38: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
**************************************************
12:56:38: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
**************************************************
12:56:38: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
**************************************************
12:56:38: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: >{26923b43-4d38-484f-9b9e-de460746276c}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
C:\WINDOWS\system32\advpack.dll
101888 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
C:\WINDOWS\system32\advpack.dll - file already scanned
----------
Key: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:39: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\WINDOWS\System32\bthserv.dll
30208 bytes
Created: 18/08/2006
Modified: 02/08/2006
Company: Microsoft Corporation
--------------------
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: WmdmPmSN
Path: C:\WINDOWS\system32\mspmsnsv.dll
C:\WINDOWS\system32\mspmsnsv.dll
26112 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
**************************************************
12:56:41: Scanning ----- SERVICES REGISTRY KEYS -----
Key: alcan5wn
ImagePath: system32\DRIVERS\alcan5wn.sys
C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
53600 bytes
Created: 06/07/2007
Modified: 08/12/2003
Company: THOMSON
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
17272 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
140664 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
247160 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
345464 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: AVWEBCAM
ImagePath: system32\DRIVERS\avwebcam.sys
C:\WINDOWS\system32\DRIVERS\avwebcam.sys
215552 bytes
Created: 20/11/2007
Modified: 22/11/2005
Company: Windows (R) 2000 DDK provider
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17024 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHMODEM
ImagePath: system32\DRIVERS\bthmodem.sys
C:\WINDOWS\system32\DRIVERS\bthmodem.sys
38016 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\WINDOWS\system32\DRIVERS\bthpan.sys
100992 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\WINDOWS\System32\Drivers\BTHport.sys
274944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\WINDOWS\System32\Drivers\BTHUSB.sys
18944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: FETNDISB
ImagePath: system32\DRIVERS\fetnd5b.sys
C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
-R- 42496 bytes
Created: 05/07/2007
Modified: 15/04/2004
Company: VIA Technologies, Inc.
----------
Key: gagp30kx
ImagePath: system32\DRIVERS\gagp30kx.sys
C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
46464 bytes
Created: 05/07/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: GMSIPCI
ImagePath: \??\E:\INSTALL\GMSIPCI.SYS
E:\INSTALL\GMSIPCI.SYS - this file has been excluded from scanning
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google
----------
Key: HidBth
ImagePath: system32\DRIVERS\hidbth.sys
C:\WINDOWS\system32\DRIVERS\hidbth.sys
25856 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: LexBceS
ImagePath: C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXBCES.EXE
303104 bytes
Created: 25/02/2003
Modified: 25/02/2003
Company: Lexmark International, Inc.
----------
Key: LightScribeService
ImagePath: "C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
53248 bytes
Created: 22/09/2005
Modified: 22/09/2005
Company: Hewlett-Packard Company
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: prfldsvc
ImagePath: C:\WINDOWS\Private Folder\PrfldSvc.exe
C:\WINDOWS\Private Folder\PrfldSvc.exe
69632 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
----------
Key: Prvflder
ImagePath: system32\DRIVERS\prvflder.sys
C:\WINDOWS\system32\DRIVERS\prvflder.sys
70912 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Windows (R) 2000 DDK provider
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\WINDOWS\system32\DRIVERS\rfcomm.sys
59648 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: Secdrv
ImagePath: system32\DRIVERS\secdrv.sys
C:\WINDOWS\system32\DRIVERS\secdrv.sys
20480 bytes
Created: 18/08/2006
Modified: 13/11/2007
Company: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
----------
Key: sr
ImagePath: \SystemRoot\system32\DRIVERS\sr.sys
C:\WINDOWS\system32\DRIVERS\sr.sys
73600 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: ssm_bus
ImagePath: system32\DRIVERS\ssm_bus.sys
C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
58320 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdfl
ImagePath: system32\DRIVERS\ssm_mdfl.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
8336 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdm
ImagePath: system32\DRIVERS\ssm_mdm.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
94000 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{66A60C2A-3CCA-4AD9-BE1B-76EC87362844}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\MSN Messenger\usnsvc.exe"
C:\Program Files\MSN Messenger\usnsvc.exe
97136 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
----------
Key: VIAudio
ImagePath: system32\drivers\vinyl97.sys
C:\WINDOWS\system32\drivers\vinyl97.sys
-R- 204160 bytes
Created: 05/07/2007
Modified: 13/04/2006
Company: VIA Technologies, Inc.
----------
Key: ZSMC301b
ImagePath: System32\Drivers\usbVM31b.sys
C:\WINDOWS\System32\Drivers\usbVM31b.sys - this file has been excluded from scanning
----------
**************************************************
12:56:51: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
**************************************************
12:56:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
**************************************************
12:56:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
75128 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: Fichiers hors connexion
CLSID: {750fdf0e-2a26-11d1-a3ea-080036587f03}
Path: %SystemRoot%\System32\cscui.dll
C:\WINDOWS\System32\cscui.dll
337920 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: Open With
CLSID: {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Open With EncryptionMenu
CLSID: {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Trojan Remover
CLSID: {52B87208-9CCF-42C9-B88E-069281105805}
Path: C:\PROGRA~1\TROJAN~1\Trshlex.dll
C:\PROGRA~1\TROJAN~1\Trshlex.dll
467552 bytes
Created: 11/03/2008
Modified: 05/02/2007
Company: Simply Super Software
----------
Key: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:53: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F01-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F02-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {66742402-F9B9-11D1-A202-0000F81FEDEE}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:54: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
50376 bytes
Created: 15/05/2003
Modified: 15/05/2003
Company: Adobe Systems Incorporated
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
322368 bytes
Created: 31/08/2006
Modified: 31/08/2006
Company: Microsoft Corporation
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {E312764E-7706-43F1-8DAB-FCDD2B1E416D}
BHO: C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\kb126\SearchSettings.dll
1160544 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
----------
**************************************************
12:56:55: Scanning ----- SHELLSERVICEOBJECTS -----
Key: PostBootReminder
CLSID: {7849596a-48ea-486e-8937-a2a3009f31a9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: CDBurn
CLSID: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: WebCheck
CLSID: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Path: %SystemRoot%\system32\webcheck.dll
C:\WINDOWS\system32\webcheck.dll
407040 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: SysTray
CLSID: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Path: C:\WINDOWS\system32\stobject.dll
C:\WINDOWS\system32\stobject.dll
103936 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:55: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
Value: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
Comment: Pré-chargeur Browseui
File: %SystemRoot%\system32\browseui.dll
C:\WINDOWS\system32\browseui.dll
1024000 bytes
Created: 18/08/2006
Modified: 07/12/2007
Company: Microsoft Corporation
----------
Value: {8C7461EF-2B13-11d2-BE35-3078302C2030}
Comment: Démon de cache des catégories de composant
File: %SystemRoot%\system32\browseui.dll
C:\WINDOWS\system32\browseui.dll
1024000 bytes
Created: 18/08/2006
Modified: 07/12/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:56: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
**************************************************
12:56:56: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank
**************************************************
12:56:56: Scanning ----- SECURITY PROVIDER DLLS -----
DLL: msapsspc.dll
C:\WINDOWS\system32\msapsspc.dll
86016 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
DLL: schannel.dll
C:\WINDOWS\system32\schannel.dll
144896 bytes
Created: 18/08/2006
Modified: 25/04/2007
Company: Microsoft Corporation
----------
DLL: digest.dll
C:\WINDOWS\system32\digest.dll
68608 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
DLL: msnsspc.dll
C:\WINDOWS\system32\msnsspc.dll
290816 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:56: Scanning ------ USER STARTUP GROUPS ------
Checking Startup Group for All Users
[C:\WINDOWS\Profiles\All Users\Start Menu\Programs\StartUp]
No Startup files for All Users were located to check
**************************************************
12:56:56: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 05/07/2007
Modified: 05/07/2007
Company:
--------------------
C:\Program Files\FinePixViewerS\QuickDCF2.exe
303104 bytes
Created: 21/02/2008
Modified: 30/01/2007
Company: FUJIFILM Corporation
Exif Launcher S.lnk - links to C:\Program Files\FinePixViewerS\QuickDCF2.exe
--------------------
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
282624 bytes
Created: 22/09/2007
Modified: 24/12/2004
Company:
TrayMin.lnk - links to C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
--------------------
**************************************************
No User Startup Groups were located to check
**************************************************
12:56:57: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/03/2008 13:33:00
Status: La tâche n'a pas encore été exécutée
Creator: SYSTEM
Comments: [blank]
----------
**************************************************
12:56:57: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
---------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents And Settings\Administrateur\Mes documents\Mes images\loving anabelle.bmp
C:\Documents And Settings\Administrateur\Mes documents\Mes images\loving anabelle.bmp
2359350 bytes
Created: 15/03/2008
Modified: 15/03/2008
Company:
----------
Additional file checks completed
---------
**************************************************
12:56:58: Scanning ----- RUNNING PROCESSES -----
[Only loaded modules not scanned already
during this scan will be scanned here]
C:\WINDOWS\System32\smss.exe
[1 loaded module]
--------------------
C:\WINDOWS\system32\csrss.exe
[11 loaded modules in total]
--------------------
C:\WINDOWS\system32\winlogon.exe
[62 loaded modules in total]
--------------------
C:\WINDOWS\system32\services.exe
[34 loaded modules in total]
--------------------
C:\WINDOWS\system32\lsass.exe
[49 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[31 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[38 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe
[142 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[29 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[16 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
[59 loaded modules in total]
--------------------
C:\WINDOWS\system32\LEXBCES.EXE
[25 loaded modules in total]
--------------------
C:\WINDOWS\system32\spoolsv.exe
[58 loaded modules in total]
--------------------
C:\WINDOWS\system32\LEXPPS.EXE
[20 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[32 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[31 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
[9 loaded modules in total]
--------------------
C:\WINDOWS\Private Folder\PrfldSvc.exe
[7 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[37 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[51 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[41 loaded modules in total]
--------------------
C:\WINDOWS\System32\alg.exe
[31 loaded modules in total]
--------------------
C:\WINDOWS\Explorer.EXE
[76 loaded modules in total]
--------------------
C:\Windows\LClock\LClock.exe
[18 loaded modules in total]
--------------------
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[35 loaded modules in total]
--------------------
C:\PROGRA~1\Wanadoo\CnxMon.exe
[18 loaded modules in total]
--------------------
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
[13 loaded modules in total]
--------------------
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
[23 loaded modules in total]
--------------------
C:\WINDOWS\system32\rundll32.exe
[30 loaded modules in total]
--------------------
C:\WINDOWS\VM_STI.exe
[30 loaded modules in total]
--------------------
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[52 loaded modules in total]
--------------------
C:\Program Files\Search Settings\SearchSettings.exe
[33 loaded modules in total]
--------------------
C:\Program Files\MSN Messenger\MsnMsgr.Exe
[90 loaded modules in total]
--------------------
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[47 loaded modules in total]
--------------------
C:\Program Files\FinePixViewerS\QuickDCF2.exe
[24 loaded modules in total]
--------------------
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
[19 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\iexplore.exe
[132 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
[35 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\IEXPLORE.EXE
[134 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\IEXPLORE.EXE
[135 loaded modules in total]
--------------------
C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\dao5.exe
FileSize: 2519616
[This is a Trojan Remover component]
[21 loaded modules in total]
--------------------
**************************************************
12:57:43: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
**************************************************
12:57:43: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
**************************************************
12:57:43: Checking HOSTS file
No malicious entries were found in the HOSTS file
**************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.incompris.net/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.orange.fr/portail
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.google.com/?gws_rd=ssl
**************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 16/03/2008 12:57:43
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.6.8.2520. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 11/03/2008 13:48:32
Using Database v6950
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\
Logfile directory: C:\Documents And Settings\Administrateur\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
**************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
**************************************************
**************************************************
13:48:32: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
**************************************************
13:48:32: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
**************************************************
13:48:32: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
**************************************************
13:48:33: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 18/08/2006
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
File: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file is excluded from scanning
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
5215744 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: LClock
Value Data: \Windows\LClock\LClock.exe
C:\WINDOWS\LClock\LClock.exe
65536 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
--------------------
Value Name: AudioDeck
Value Data: C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
-R- 540672 bytes
Created: 05/07/2007
Modified: 26/07/2006
Company: VIA Technologies, Inc.
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 06/07/2007
Modified: 09/07/2001
Company: Ahead Software Gmbh
--------------------
Value Name: WooCnxMon
Value Data: C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: SpeedTouch USB Diagnostics
Value Data: "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
866816 bytes
Created: 06/07/2007
Modified: 26/01/2004
Company: THOMSON Telecom Belgium
--------------------
Value Name: WOOWATCH
Value Data: C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\Watch.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company: France Télécom R&D
--------------------
Value Name: WOOTASKBARICON
Value Data: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
49152 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: BluetoothAuthenticationAgent
Value Data: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
C:\WINDOWS\system32\bthprops.cpl
110592 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 22/09/2007
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
79224 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
--------------------
Value Name: Flash Driver
Value Data: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file has been excluded from scanning
--------------------
Value Name: SearchSettings
Value Data: C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\SearchSettings.exe
1036640 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Trojan Remover\Trjscan.exe
872528 bytes
Created: 11/03/2008
Modified: 09/03/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: MsnMsgr
Value Data: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
C:\Program Files\MSN Messenger\MsnMsgr.Exe
5674352 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
**************************************************
13:48:34: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
**************************************************
13:48:34: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
**************************************************
13:48:34: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
**************************************************
13:48:34: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: >{26923b43-4d38-484f-9b9e-de460746276c}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
C:\WINDOWS\system32\advpack.dll
101888 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
C:\WINDOWS\system32\advpack.dll - file already scanned
----------
Key: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
13:48:35: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\WINDOWS\System32\bthserv.dll
30208 bytes
Created: 18/08/2006
Modified: 02/08/2006
Company: Microsoft Corporation
--------------------
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: WmdmPmSN
Path: C:\WINDOWS\system32\mspmsnsv.dll
C:\WINDOWS\system32\mspmsnsv.dll
26112 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
**************************************************
13:48:35: Scanning ----- SERVICES REGISTRY KEYS -----
Key: alcan5wn
ImagePath: system32\DRIVERS\alcan5wn.sys
C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
53600 bytes
Created: 06/07/2007
Modified: 08/12/2003
Company: THOMSON
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
17272 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
140664 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
247160 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
345464 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: AVWEBCAM
ImagePath: system32\DRIVERS\avwebcam.sys
C:\WINDOWS\system32\DRIVERS\avwebcam.sys
215552 bytes
Created: 20/11/2007
Modified: 22/11/2005
Company: Windows (R) 2000 DDK provider
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17024 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHMODEM
ImagePath: system32\DRIVERS\bthmodem.sys
C:\WINDOWS\system32\DRIVERS\bthmodem.sys
38016 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\WINDOWS\system32\DRIVERS\bthpan.sys
100992 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\WINDOWS\System32\Drivers\BTHport.sys
274944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\WINDOWS\System32\Drivers\BTHUSB.sys
18944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: FETNDISB
ImagePath: system32\DRIVERS\fetnd5b.sys
C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
-R- 42496 bytes
Created: 05/07/2007
Modified: 15/04/2004
Company: VIA Technologies, Inc.
----------
Key: gagp30kx
ImagePath: system32\DRIVERS\gagp30kx.sys
C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
46464 bytes
Created: 05/07/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: GMSIPCI
ImagePath: \??\E:\INSTALL\GMSIPCI.SYS
E:\INSTALL\GMSIPCI.SYS - this file has been excluded from scanning
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google
----------
Key: HidBth
ImagePath: system32\DRIVERS\hidbth.sys
C:\WINDOWS\system32\DRIVERS\hidbth.sys
25856 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: LexBceS
ImagePath: C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXBCES.EXE
303104 bytes
Created: 25/02/2003
Modified: 25/02/2003
Company: Lexmark International, Inc.
----------
Key: LightScribeService
ImagePath: "C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
53248 bytes
Created: 22/09/2005
Modified: 22/09/2005
Company: Hewlett-Packard Company
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: prfldsvc
ImagePath: C:\WINDOWS\Private Folder\PrfldSvc.exe
C:\WINDOWS\Private Folder\PrfldSvc.exe
69632 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
----------
Key: Prvflder
ImagePath: system32\DRIVERS\prvflder.sys
C:\WINDOWS\system32\DRIVERS\prvflder.sys
70912 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Windows (R) 2000 DDK provider
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\WINDOWS\system32\DRIVERS\rfcomm.sys
59648 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: Secdrv
ImagePath: system32\DRIVERS\secdrv.sys
C:\WINDOWS\system32\DRIVERS\secdrv.sys
20480 bytes
Created: 18/08/2006
Modified: 13/11/2007
Company: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
----------
Key: sr
ImagePath: \SystemRoot\system32\DRIVERS\sr.sys
C:\WINDOWS\system32\DRIVERS\sr.sys
73600 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: ssm_bus
ImagePath: system32\DRIVERS\ssm_bus.sys
C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
58320 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdfl
ImagePath: system32\DRIVERS\ssm_mdfl.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
8336 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdm
ImagePath: system32\DRIVERS\ssm_mdm.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
94000 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{66A60C2A-3CCA-4AD9-BE1B-76EC87362844}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\MSN Messenger\usnsvc.exe"
C:\Program Files\MSN Messenger\usnsvc.exe
97136 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
----------
Key: VIAudio
ImagePath: system32\drivers\vinyl97.sys
C:\WINDOWS\system32\drivers\vinyl97.sys
-R- 204160 bytes
Created: 05/07/2007
Modified: 13/04/2006
Company: VIA Technologies, Inc.
----------
Key: ZSMC301b
ImagePath: System32\Drivers\usbVM31b.sys
C:\WINDOWS\System32\Drivers\usbVM31b.sys - this file has been excluded from scanning
----------
**************************************************
13:48:38: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
**************************************************
13:48:38: Scanning ----- WINLOGON\NOTIFY DLLS -----
**************************************************
13:48:38: Scanning ----- CONTEXTMENUHANDLERS -----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
75128 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: Fichiers hors connexion
CLSID: {750fdf0e-2a26-11d1-a3ea-080036587f03}
Path: %SystemRoot%\System32\cscui.dll
C:\WINDOWS\System32\cscui.dll
337920 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: Open With
CLSID: {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Open With EncryptionMenu
CLSID: {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Trojan Remover
CLSID: {52B87208-9CCF-42C9-B88E-069281105805}
Path: C:\PROGRA~1\TROJAN~1\Trshlex.dll
C:\PROGRA~1\TROJAN~1\Trshlex.dll
467552 bytes
Created: 11/03/2008
Modified: 05/02/2007
Company: Simply Super Software
----------
Key: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
13:48:39: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F01-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F02-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {66742402-F9B9-11D1-A202-0000F81FEDEE}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
13:48:40: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
322368 bytes
Created: 31/08/2006
Modified: 31/08/2006
Company: Microsoft Corporation
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {E312764E-7706-43F1-8DAB-FCDD2B1E416D}
BHO: C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\kb126\SearchSettings.dll
1160544 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
----------
**************************************************
13:48:40: Scanning ----- SHELLSERVICEOBJECTS -----
Key: PostBootReminder
CLSID: {7849596a-48ea-486e-8937-a2a3009f31a9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: CDBurn
CLSID: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: WebCheck
CLSID: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Path: %SystemRoot%\system32\webcheck.dll
C:\WINDOWS\system32\webcheck.dll
Trojan Remover Ver 6.6.8.2520. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 16/03/2008 12:56:34
Using Database v6950
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\
Logfile directory: C:\Documents And Settings\Administrateur\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
**************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
**************************************************
**************************************************
12:56:34: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
**************************************************
12:56:34: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
**************************************************
12:56:34: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
**************************************************
12:56:34: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 18/08/2006
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
File: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file is excluded from scanning
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
5215744 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: LClock
Value Data: \Windows\LClock\LClock.exe
C:\WINDOWS\LClock\LClock.exe
65536 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
--------------------
Value Name: AudioDeck
Value Data: C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
-R- 540672 bytes
Created: 05/07/2007
Modified: 26/07/2006
Company: VIA Technologies, Inc.
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 06/07/2007
Modified: 09/07/2001
Company: Ahead Software Gmbh
--------------------
Value Name: WooCnxMon
Value Data: C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: SpeedTouch USB Diagnostics
Value Data: "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
866816 bytes
Created: 06/07/2007
Modified: 26/01/2004
Company: THOMSON Telecom Belgium
--------------------
Value Name: WOOWATCH
Value Data: C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\Watch.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company: France Télécom R&D
--------------------
Value Name: WOOTASKBARICON
Value Data: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
49152 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: BluetoothAuthenticationAgent
Value Data: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
C:\WINDOWS\system32\bthprops.cpl
110592 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 22/09/2007
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
79224 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
--------------------
Value Name: Flash Driver
Value Data: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file has been excluded from scanning
--------------------
Value Name: SearchSettings
Value Data: C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\SearchSettings.exe
1036640 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Trojan Remover\Trjscan.exe
872528 bytes
Created: 11/03/2008
Modified: 09/03/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: MsnMsgr
Value Data: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
C:\Program Files\MSN Messenger\MsnMsgr.Exe
5674352 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
**************************************************
12:56:38: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
**************************************************
12:56:38: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
**************************************************
12:56:38: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
**************************************************
12:56:38: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: >{26923b43-4d38-484f-9b9e-de460746276c}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
C:\WINDOWS\system32\advpack.dll
101888 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
C:\WINDOWS\system32\advpack.dll - file already scanned
----------
Key: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:39: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\WINDOWS\System32\bthserv.dll
30208 bytes
Created: 18/08/2006
Modified: 02/08/2006
Company: Microsoft Corporation
--------------------
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: WmdmPmSN
Path: C:\WINDOWS\system32\mspmsnsv.dll
C:\WINDOWS\system32\mspmsnsv.dll
26112 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
**************************************************
12:56:41: Scanning ----- SERVICES REGISTRY KEYS -----
Key: alcan5wn
ImagePath: system32\DRIVERS\alcan5wn.sys
C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
53600 bytes
Created: 06/07/2007
Modified: 08/12/2003
Company: THOMSON
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
17272 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
140664 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
247160 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
345464 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: AVWEBCAM
ImagePath: system32\DRIVERS\avwebcam.sys
C:\WINDOWS\system32\DRIVERS\avwebcam.sys
215552 bytes
Created: 20/11/2007
Modified: 22/11/2005
Company: Windows (R) 2000 DDK provider
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17024 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHMODEM
ImagePath: system32\DRIVERS\bthmodem.sys
C:\WINDOWS\system32\DRIVERS\bthmodem.sys
38016 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\WINDOWS\system32\DRIVERS\bthpan.sys
100992 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\WINDOWS\System32\Drivers\BTHport.sys
274944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\WINDOWS\System32\Drivers\BTHUSB.sys
18944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: FETNDISB
ImagePath: system32\DRIVERS\fetnd5b.sys
C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
-R- 42496 bytes
Created: 05/07/2007
Modified: 15/04/2004
Company: VIA Technologies, Inc.
----------
Key: gagp30kx
ImagePath: system32\DRIVERS\gagp30kx.sys
C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
46464 bytes
Created: 05/07/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: GMSIPCI
ImagePath: \??\E:\INSTALL\GMSIPCI.SYS
E:\INSTALL\GMSIPCI.SYS - this file has been excluded from scanning
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google
----------
Key: HidBth
ImagePath: system32\DRIVERS\hidbth.sys
C:\WINDOWS\system32\DRIVERS\hidbth.sys
25856 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: LexBceS
ImagePath: C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXBCES.EXE
303104 bytes
Created: 25/02/2003
Modified: 25/02/2003
Company: Lexmark International, Inc.
----------
Key: LightScribeService
ImagePath: "C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
53248 bytes
Created: 22/09/2005
Modified: 22/09/2005
Company: Hewlett-Packard Company
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: prfldsvc
ImagePath: C:\WINDOWS\Private Folder\PrfldSvc.exe
C:\WINDOWS\Private Folder\PrfldSvc.exe
69632 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
----------
Key: Prvflder
ImagePath: system32\DRIVERS\prvflder.sys
C:\WINDOWS\system32\DRIVERS\prvflder.sys
70912 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Windows (R) 2000 DDK provider
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\WINDOWS\system32\DRIVERS\rfcomm.sys
59648 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: Secdrv
ImagePath: system32\DRIVERS\secdrv.sys
C:\WINDOWS\system32\DRIVERS\secdrv.sys
20480 bytes
Created: 18/08/2006
Modified: 13/11/2007
Company: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
----------
Key: sr
ImagePath: \SystemRoot\system32\DRIVERS\sr.sys
C:\WINDOWS\system32\DRIVERS\sr.sys
73600 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: ssm_bus
ImagePath: system32\DRIVERS\ssm_bus.sys
C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
58320 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdfl
ImagePath: system32\DRIVERS\ssm_mdfl.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
8336 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdm
ImagePath: system32\DRIVERS\ssm_mdm.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
94000 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{66A60C2A-3CCA-4AD9-BE1B-76EC87362844}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\MSN Messenger\usnsvc.exe"
C:\Program Files\MSN Messenger\usnsvc.exe
97136 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
----------
Key: VIAudio
ImagePath: system32\drivers\vinyl97.sys
C:\WINDOWS\system32\drivers\vinyl97.sys
-R- 204160 bytes
Created: 05/07/2007
Modified: 13/04/2006
Company: VIA Technologies, Inc.
----------
Key: ZSMC301b
ImagePath: System32\Drivers\usbVM31b.sys
C:\WINDOWS\System32\Drivers\usbVM31b.sys - this file has been excluded from scanning
----------
**************************************************
12:56:51: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
**************************************************
12:56:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
**************************************************
12:56:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
75128 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: Fichiers hors connexion
CLSID: {750fdf0e-2a26-11d1-a3ea-080036587f03}
Path: %SystemRoot%\System32\cscui.dll
C:\WINDOWS\System32\cscui.dll
337920 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: Open With
CLSID: {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Open With EncryptionMenu
CLSID: {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Trojan Remover
CLSID: {52B87208-9CCF-42C9-B88E-069281105805}
Path: C:\PROGRA~1\TROJAN~1\Trshlex.dll
C:\PROGRA~1\TROJAN~1\Trshlex.dll
467552 bytes
Created: 11/03/2008
Modified: 05/02/2007
Company: Simply Super Software
----------
Key: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:53: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F01-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F02-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {66742402-F9B9-11D1-A202-0000F81FEDEE}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:54: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
50376 bytes
Created: 15/05/2003
Modified: 15/05/2003
Company: Adobe Systems Incorporated
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
322368 bytes
Created: 31/08/2006
Modified: 31/08/2006
Company: Microsoft Corporation
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {E312764E-7706-43F1-8DAB-FCDD2B1E416D}
BHO: C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\kb126\SearchSettings.dll
1160544 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
----------
**************************************************
12:56:55: Scanning ----- SHELLSERVICEOBJECTS -----
Key: PostBootReminder
CLSID: {7849596a-48ea-486e-8937-a2a3009f31a9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: CDBurn
CLSID: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: WebCheck
CLSID: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Path: %SystemRoot%\system32\webcheck.dll
C:\WINDOWS\system32\webcheck.dll
407040 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: SysTray
CLSID: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Path: C:\WINDOWS\system32\stobject.dll
C:\WINDOWS\system32\stobject.dll
103936 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:55: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
Value: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
Comment: Pré-chargeur Browseui
File: %SystemRoot%\system32\browseui.dll
C:\WINDOWS\system32\browseui.dll
1024000 bytes
Created: 18/08/2006
Modified: 07/12/2007
Company: Microsoft Corporation
----------
Value: {8C7461EF-2B13-11d2-BE35-3078302C2030}
Comment: Démon de cache des catégories de composant
File: %SystemRoot%\system32\browseui.dll
C:\WINDOWS\system32\browseui.dll
1024000 bytes
Created: 18/08/2006
Modified: 07/12/2007
Company: Microsoft Corporation
----------
**************************************************
12:56:56: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
**************************************************
12:56:56: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank
**************************************************
12:56:56: Scanning ----- SECURITY PROVIDER DLLS -----
DLL: msapsspc.dll
C:\WINDOWS\system32\msapsspc.dll
86016 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
DLL: schannel.dll
C:\WINDOWS\system32\schannel.dll
144896 bytes
Created: 18/08/2006
Modified: 25/04/2007
Company: Microsoft Corporation
----------
DLL: digest.dll
C:\WINDOWS\system32\digest.dll
68608 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
DLL: msnsspc.dll
C:\WINDOWS\system32\msnsspc.dll
290816 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
12:56:56: Scanning ------ USER STARTUP GROUPS ------
Checking Startup Group for All Users
[C:\WINDOWS\Profiles\All Users\Start Menu\Programs\StartUp]
No Startup files for All Users were located to check
**************************************************
12:56:56: Scanning ------ COMMON STARTUP GROUP ------
[C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
-HS- 84 bytes
Created: 05/07/2007
Modified: 05/07/2007
Company:
--------------------
C:\Program Files\FinePixViewerS\QuickDCF2.exe
303104 bytes
Created: 21/02/2008
Modified: 30/01/2007
Company: FUJIFILM Corporation
Exif Launcher S.lnk - links to C:\Program Files\FinePixViewerS\QuickDCF2.exe
--------------------
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
282624 bytes
Created: 22/09/2007
Modified: 24/12/2004
Company:
TrayMin.lnk - links to C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
--------------------
**************************************************
No User Startup Groups were located to check
**************************************************
12:56:57: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/03/2008 13:33:00
Status: La tâche n'a pas encore été exécutée
Creator: SYSTEM
Comments: [blank]
----------
**************************************************
12:56:57: ----- ADDITIONAL CHECKS -----
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
---------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Documents And Settings\Administrateur\Mes documents\Mes images\loving anabelle.bmp
C:\Documents And Settings\Administrateur\Mes documents\Mes images\loving anabelle.bmp
2359350 bytes
Created: 15/03/2008
Modified: 15/03/2008
Company:
----------
Additional file checks completed
---------
**************************************************
12:56:58: Scanning ----- RUNNING PROCESSES -----
[Only loaded modules not scanned already
during this scan will be scanned here]
C:\WINDOWS\System32\smss.exe
[1 loaded module]
--------------------
C:\WINDOWS\system32\csrss.exe
[11 loaded modules in total]
--------------------
C:\WINDOWS\system32\winlogon.exe
[62 loaded modules in total]
--------------------
C:\WINDOWS\system32\services.exe
[34 loaded modules in total]
--------------------
C:\WINDOWS\system32\lsass.exe
[49 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[31 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[38 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe
[142 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[29 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[16 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
[59 loaded modules in total]
--------------------
C:\WINDOWS\system32\LEXBCES.EXE
[25 loaded modules in total]
--------------------
C:\WINDOWS\system32\spoolsv.exe
[58 loaded modules in total]
--------------------
C:\WINDOWS\system32\LEXPPS.EXE
[20 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[32 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[31 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
[9 loaded modules in total]
--------------------
C:\WINDOWS\Private Folder\PrfldSvc.exe
[7 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[37 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[51 loaded modules in total]
--------------------
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[41 loaded modules in total]
--------------------
C:\WINDOWS\System32\alg.exe
[31 loaded modules in total]
--------------------
C:\WINDOWS\Explorer.EXE
[76 loaded modules in total]
--------------------
C:\Windows\LClock\LClock.exe
[18 loaded modules in total]
--------------------
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[35 loaded modules in total]
--------------------
C:\PROGRA~1\Wanadoo\CnxMon.exe
[18 loaded modules in total]
--------------------
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
[13 loaded modules in total]
--------------------
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
[23 loaded modules in total]
--------------------
C:\WINDOWS\system32\rundll32.exe
[30 loaded modules in total]
--------------------
C:\WINDOWS\VM_STI.exe
[30 loaded modules in total]
--------------------
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[52 loaded modules in total]
--------------------
C:\Program Files\Search Settings\SearchSettings.exe
[33 loaded modules in total]
--------------------
C:\Program Files\MSN Messenger\MsnMsgr.Exe
[90 loaded modules in total]
--------------------
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[47 loaded modules in total]
--------------------
C:\Program Files\FinePixViewerS\QuickDCF2.exe
[24 loaded modules in total]
--------------------
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin.exe
[19 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\iexplore.exe
[132 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
[35 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\IEXPLORE.EXE
[134 loaded modules in total]
--------------------
C:\Program Files\Internet Explorer\IEXPLORE.EXE
[135 loaded modules in total]
--------------------
C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\dao5.exe
FileSize: 2519616
[This is a Trojan Remover component]
[21 loaded modules in total]
--------------------
**************************************************
12:57:43: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
**************************************************
12:57:43: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
**************************************************
12:57:43: Checking HOSTS file
No malicious entries were found in the HOSTS file
**************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.incompris.net/
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
http://www.google.com/toolbar/ie8/sidebar.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.orange.fr/portail
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.google.com/?gws_rd=ssl
**************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 16/03/2008 12:57:43
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.6.8.2520. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 11/03/2008 13:48:32
Using Database v6950
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents And Settings\Administrateur\Application Data\Simply Super Software\Trojan Remover\
Logfile directory: C:\Documents And Settings\Administrateur\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
**************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
**************************************************
**************************************************
13:48:32: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
**************************************************
13:48:32: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
**************************************************
13:48:32: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
**************************************************
13:48:33: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 18/08/2006
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
File: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file is excluded from scanning
----------
This key's "System" value appears to be blank
----------
This key's "UIHost" value calls the following program:
File: logonui.exe
C:\WINDOWS\system32\logonui.exe
5215744 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: LClock
Value Data: \Windows\LClock\LClock.exe
C:\WINDOWS\LClock\LClock.exe
65536 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
--------------------
Value Name: AudioDeck
Value Data: C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
-R- 540672 bytes
Created: 05/07/2007
Modified: 26/07/2006
Company: VIA Technologies, Inc.
--------------------
Value Name: NeroFilterCheck
Value Data: C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\NeroCheck.exe
155648 bytes
Created: 06/07/2007
Modified: 09/07/2001
Company: Ahead Software Gmbh
--------------------
Value Name: WooCnxMon
Value Data: C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: SpeedTouch USB Diagnostics
Value Data: "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
866816 bytes
Created: 06/07/2007
Modified: 26/01/2004
Company: THOMSON Telecom Belgium
--------------------
Value Name: WOOWATCH
Value Data: C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\Watch.exe
24576 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company: France Télécom R&D
--------------------
Value Name: WOOTASKBARICON
Value Data: C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
49152 bytes
Created: 06/07/2007
Modified: 13/10/2004
Company:
--------------------
Value Name: BluetoothAuthenticationAgent
Value Data: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
C:\WINDOWS\system32\bthprops.cpl
110592 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
Value Name: BigDogPath
Value Data: C:\WINDOWS\VM_STI.exe Philips SPC 200NC PC Camera
C:\WINDOWS\VM_STI.exe
40960 bytes
Created: 22/09/2007
Modified: 09/06/2004
Company: BIGDOG
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
79224 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
--------------------
Value Name: Flash Driver
Value Data: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe
59124 bytes
Created: 24/02/2008
Modified: 24/02/2008
Company:
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlogon.exe - file has been excluded from scanning
--------------------
Value Name: SearchSettings
Value Data: C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Search Settings\SearchSettings.exe
1036640 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Trojan Remover\Trjscan.exe
872528 bytes
Created: 11/03/2008
Modified: 09/03/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: MsnMsgr
Value Data: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
C:\Program Files\MSN Messenger\MsnMsgr.Exe
5674352 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
**************************************************
13:48:34: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
File: shell32.dll - this file is expected and has been left in place
----------
**************************************************
13:48:34: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
**************************************************
13:48:34: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.
**************************************************
13:48:34: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: >{26923b43-4d38-484f-9b9e-de460746276c}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
Path: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
C:\WINDOWS\system32\shmgrate.exe
42496 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {44BBA842-CC51-11CF-AAFA-00AA00B6015B}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
C:\WINDOWS\system32\advpack.dll
101888 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: {6BF52A52-394A-11d3-B153-00C04F79FAA6}
Path: rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
C:\WINDOWS\system32\advpack.dll - file already scanned
----------
Key: {7790769C-0471-11d2-AF11-00C04FA35D02}
Path: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
C:\Program Files\Outlook Express\setup50.exe
73728 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
**************************************************
13:48:35: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\WINDOWS\System32\bthserv.dll
30208 bytes
Created: 18/08/2006
Modified: 02/08/2006
Company: Microsoft Corporation
--------------------
Key: HidServ
%SystemRoot%\System32\hidserv.dll - file is globally excluded (file cannot be found)
--------------------
Key: WmdmPmSN
Path: C:\WINDOWS\system32\mspmsnsv.dll
C:\WINDOWS\system32\mspmsnsv.dll
26112 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
--------------------
**************************************************
13:48:35: Scanning ----- SERVICES REGISTRY KEYS -----
Key: alcan5wn
ImagePath: system32\DRIVERS\alcan5wn.sys
C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
53600 bytes
Created: 06/07/2007
Modified: 08/12/2003
Company: THOMSON
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
17272 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
140664 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
247160 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
345464 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: AVWEBCAM
ImagePath: system32\DRIVERS\avwebcam.sys
C:\WINDOWS\system32\DRIVERS\avwebcam.sys
215552 bytes
Created: 20/11/2007
Modified: 22/11/2005
Company: Windows (R) 2000 DDK provider
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17024 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHMODEM
ImagePath: system32\DRIVERS\bthmodem.sys
C:\WINDOWS\system32\DRIVERS\bthmodem.sys
38016 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\WINDOWS\system32\DRIVERS\bthpan.sys
100992 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\WINDOWS\System32\Drivers\BTHport.sys
274944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\WINDOWS\System32\Drivers\BTHUSB.sys
18944 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: FETNDISB
ImagePath: system32\DRIVERS\fetnd5b.sys
C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
-R- 42496 bytes
Created: 05/07/2007
Modified: 15/04/2004
Company: VIA Technologies, Inc.
----------
Key: gagp30kx
ImagePath: system32\DRIVERS\gagp30kx.sys
C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
46464 bytes
Created: 05/07/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: GMSIPCI
ImagePath: \??\E:\INSTALL\GMSIPCI.SYS
E:\INSTALL\GMSIPCI.SYS - this file has been excluded from scanning
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google
----------
Key: HidBth
ImagePath: system32\DRIVERS\hidbth.sys
C:\WINDOWS\system32\DRIVERS\hidbth.sys
25856 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: LexBceS
ImagePath: C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXBCES.EXE
303104 bytes
Created: 25/02/2003
Modified: 25/02/2003
Company: Lexmark International, Inc.
----------
Key: LightScribeService
ImagePath: "C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe"
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
53248 bytes
Created: 22/09/2005
Modified: 22/09/2005
Company: Hewlett-Packard Company
----------
Key: ose
ImagePath: "C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
89136 bytes
Created: 28/07/2003
Modified: 28/07/2003
Company: Microsoft Corporation
----------
Key: prfldsvc
ImagePath: C:\WINDOWS\Private Folder\PrfldSvc.exe
C:\WINDOWS\Private Folder\PrfldSvc.exe
69632 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company:
----------
Key: Prvflder
ImagePath: system32\DRIVERS\prvflder.sys
C:\WINDOWS\system32\DRIVERS\prvflder.sys
70912 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Windows (R) 2000 DDK provider
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\WINDOWS\system32\DRIVERS\rfcomm.sys
59648 bytes
Created: 18/12/2007
Modified: 02/08/2006
Company: Microsoft Corporation
----------
Key: Secdrv
ImagePath: system32\DRIVERS\secdrv.sys
C:\WINDOWS\system32\DRIVERS\secdrv.sys
20480 bytes
Created: 18/08/2006
Modified: 13/11/2007
Company: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
----------
Key: sr
ImagePath: \SystemRoot\system32\DRIVERS\sr.sys
C:\WINDOWS\system32\DRIVERS\sr.sys
73600 bytes
Created: 05/07/2007
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: ssm_bus
ImagePath: system32\DRIVERS\ssm_bus.sys
C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
58320 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdfl
ImagePath: system32\DRIVERS\ssm_mdfl.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
8336 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: ssm_mdm
ImagePath: system32\DRIVERS\ssm_mdm.sys
C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
94000 bytes
Created: 19/09/2007
Modified: 30/08/2005
Company: MCCI
----------
Key: SwPrv
ImagePath: C:\WINDOWS\system32\dllhost.exe /Processid:{66A60C2A-3CCA-4AD9-BE1B-76EC87362844}
C:\WINDOWS\system32\dllhost.exe
5120 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\MSN Messenger\usnsvc.exe"
C:\Program Files\MSN Messenger\usnsvc.exe
97136 bytes
Created: 19/01/2007
Modified: 19/01/2007
Company: Microsoft Corporation
----------
Key: VIAudio
ImagePath: system32\drivers\vinyl97.sys
C:\WINDOWS\system32\drivers\vinyl97.sys
-R- 204160 bytes
Created: 05/07/2007
Modified: 13/04/2006
Company: VIA Technologies, Inc.
----------
Key: ZSMC301b
ImagePath: System32\Drivers\usbVM31b.sys
C:\WINDOWS\System32\Drivers\usbVM31b.sys - this file has been excluded from scanning
----------
**************************************************
13:48:38: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:
**************************************************
13:48:38: Scanning ----- WINLOGON\NOTIFY DLLS -----
**************************************************
13:48:38: Scanning ----- CONTEXTMENUHANDLERS -----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
75128 bytes
Created: 19/01/2008
Modified: 04/12/2007
Company: ALWIL Software
----------
Key: Fichiers hors connexion
CLSID: {750fdf0e-2a26-11d1-a3ea-080036587f03}
Path: %SystemRoot%\System32\cscui.dll
C:\WINDOWS\System32\cscui.dll
337920 bytes
Created: 18/08/2006
Modified: 18/08/2006
Company: Microsoft Corporation
----------
Key: Open With
CLSID: {09799AFB-AD67-11d1-ABCD-00C04FC30936}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Open With EncryptionMenu
CLSID: {A470F8CF-A1E8-4f65-8335-227475AA5C46}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: Trojan Remover
CLSID: {52B87208-9CCF-42C9-B88E-069281105805}
Path: C:\PROGRA~1\TROJAN~1\Trshlex.dll
C:\PROGRA~1\TROJAN~1\Trshlex.dll
467552 bytes
Created: 11/03/2008
Modified: 05/02/2007
Company: Simply Super Software
----------
Key: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
13:48:39: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F01-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {24F14F02-7B1C-11d1-838f-0000F80461CF}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: {66742402-F9B9-11D1-A202-0000F81FEDEE}
File: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
**************************************************
13:48:40: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
322368 bytes
Created: 31/08/2006
Modified: 31/08/2006
Company: Microsoft Corporation
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar1.dll
c:\program files\google\googletoolbar1.dll
-R- 2436160 bytes
Created: 07/10/2007
Modified: 07/10/2007
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 11/10/2007
Modified: 11/10/2007
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {E312764E-7706-43F1-8DAB-FCDD2B1E416D}
BHO: C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\kb126\SearchSettings.dll
1160544 bytes
Created: 06/02/2008
Modified: 06/02/2008
Company: Vendio Services, Inc.
----------
**************************************************
13:48:40: Scanning ----- SHELLSERVICEOBJECTS -----
Key: PostBootReminder
CLSID: {7849596a-48ea-486e-8937-a2a3009f31a9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: CDBurn
CLSID: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Path: %SystemRoot%\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
8510976 bytes
Created: 18/08/2006
Modified: 25/10/2007
Company: Microsoft Corporation
----------
Key: WebCheck
CLSID: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Path: %SystemRoot%\system32\webcheck.dll
C:\WINDOWS\system32\webcheck.dll