PYAGCORE- problème sous vista
sizza
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Il semble que ma copine soit infecté par un trojan/virus...
voici le log de HighJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:45, on 2008-09-29
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Weather Watcher\ww.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Windows\System32\updater\explorer.exe
C:\Users\POPRIE~1\AppData\Local\Temp\ir_ext_temp_77\autorun.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\IZArc\IZArc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp-consumer.my.aol.qc.ca/?icid=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp-consumer.my.aol.qc.ca/?icid=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\_agcutils.pyd (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\2.7.161\KiweeIEToolbar.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Flash module - {7A9077BD-05AE-4fdf-AB2E-4128C43C4635} - C:\Program Files\Adobe\Flash\flash32.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\2.7.161\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [Updater] C:\Windows\system32\updater\explorer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe"
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Connexions HP.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE~1\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\agi\common\agservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxbs_device - - C:\Windows\system32\lxbscoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Il semble que ma copine soit infecté par un trojan/virus...
voici le log de HighJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:45, on 2008-09-29
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Weather Watcher\ww.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\hp\kbd\kbd.exe
C:\Windows\System32\updater\explorer.exe
C:\Users\POPRIE~1\AppData\Local\Temp\ir_ext_temp_77\autorun.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\IZArc\IZArc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp-consumer.my.aol.qc.ca/?icid=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp-consumer.my.aol.qc.ca/?icid=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\agi\common\_agcutils.pyd (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\2.7.161\KiweeIEToolbar.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Flash module - {7A9077BD-05AE-4fdf-AB2E-4128C43C4635} - C:\Program Files\Adobe\Flash\flash32.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\2.7.161\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
O4 - HKLM\..\Run: [Updater] C:\Windows\system32\updater\explorer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe"
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Connexions HP.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE~1\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\agi\common\agservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxbs_device - - C:\Windows\system32\lxbscoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
A voir également:
- PYAGCORE- problème sous vista
- Windows vista - Télécharger - Divers Utilitaires
- Clé windows vista - Guide
- Windows Vista SP1 - Télécharger - Divers Utilitaires
- Pdf vista - Télécharger - PDF
- Vista inspirat - Télécharger - Personnalisation
4 réponses
slt
Il semble que ma copine soit infecté par un trojan/virus...
c'est ta copine ou son ordi qui est infécté ? :)
________________
Telecharge FindyKill sur ton bureau :
--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Lance l installation avec les parametres par default
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
______________________
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
Il semble que ma copine soit infecté par un trojan/virus...
c'est ta copine ou son ordi qui est infécté ? :)
________________
Telecharge FindyKill sur ton bureau :
--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Lance l installation avec les parametres par default
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
______________________
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
rapport de TOOLBARSD:
-----------\\ ToolBar S&D 1.2.1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : XXXXXtaire ( Administrator )
BOOT : Normal boot
Antivirus : Symantec AntiVirus 10.2.0.276 (Activated)
C:\ (Local Disk) - NTFS - Total : 226 Go Free : 22 Go
D:\ (Local Disk) - NTFS - Total : 6 Go Free : 0 Go
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 50 Go Free : 37 Go
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (Local Disk) - NTFS - Total : 131 Go Free : 80 Go
M:\ (Local Disk) - NTFS - Total : 50 Go Free : 44 Go
"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [1] ( 2008-09-30|20:09 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Users\XXXXX~1\AppData\Roaming\MICROS~1\Windows\Cookies\XXXXXtaire@mysearch[1].txt
C:\Users\XXXXX~1\AppData\Local\Temp\nsa213A.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa58DA.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa7C28.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa85E5.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsaDAA6.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsb7A3F.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsb9385.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nse8A36.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6358.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6359.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6C1B.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsfE2B4.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsg9355.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgAF78.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgBE69.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgF392.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsh8470.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsh8471.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsi274C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsj9688.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsj9689.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskC2D2.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskCE1B.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskCE1C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl212A.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl74F9.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl8027.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl8E7D.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsn35C0.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsn35C1.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsq1036.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsq8644.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsqBEA8.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsrD89C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsu852F.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsu8530.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsvE2C5.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsw8E6D.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nswCA18.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nswD8BC.tmp
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp-consumer.my.aol.qc.ca/?icid=desktop"
"Default_Page_URL"="http://hp-consumer.my.aol.qc.ca/?icid=desktop"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\XXXXX~1\AppData\Local\Temp\crack.ace
C:\Users\XXXXX~1\AppData\Local\Temp\KEYGEN.zip.pando
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Backgrounds\Natural Textures\Cracks.jpg
C:\Users\XXXXX~1\AppData\Roaming\Three Rings Design\Puzzle Pirates\rsrc\bundles\tiles\outdoors\structures\bundle\jettyedge_crack.raw
C:\Users\XXXXX~1\AppData\Roaming\uTorrent\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14].torrent
C:\Users\XXXXX~1\Desktop\Jeux\crack.ace
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\sound\sfx\rock_crack_deep1.ogg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowa.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowa.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowb.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowb.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowc.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowc.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-light.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-light.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-light.png
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-light.png
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack\Leeme!!.txt
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack\muveeapp.exe
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-000.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-001.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-002.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-003.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-004.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\GTA San Andreas Back up exe Crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-000.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-001.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-002.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-003.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-004.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\GTA San Andreas Back up exe Crack\GTA_SA.EXE
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\clonecdremover.rar
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl.rar
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\file_id.diz
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\skull.nfo
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl\codmini-skl.mdf
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl\codmini-skl.mds
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Stronghold II\meshes\Buildings\castle_wall_crack.DDS
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Stronghold II\meshes\Buildings\castle_wall_crack.normalmap.DDS
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\protect.dll
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\reloaded.nfo
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\WORMS 4 MAYHEM.EXE
C:\Users\XXXXX~1\Desktop\Utilitaires\Jos‚e\SnagIt v7.1.1_cz\keygen.exe
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}\Bigfish Games - Cradle of Rome + Crack {DanManInSane}.zip
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}\Torrent downloaded from Demonoid.com.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\camtasia-studio.JPG
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\camtasia.msi
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\h33t - matt14.URL
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\keygen.exe
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\matt14.nfo
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\Read Me !!!.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\tracked_by_h33t_com.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\zwt.nfo
C:\Users\XXXXX~1\Documents\My Pando Packages\KEYGEN.zip
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 2008-09-30|20:11 - Option : [1]
-----------\\ Fin du rapport a 20:11:46,39
-----------\\ ToolBar S&D 1.2.1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : XXXXXtaire ( Administrator )
BOOT : Normal boot
Antivirus : Symantec AntiVirus 10.2.0.276 (Activated)
C:\ (Local Disk) - NTFS - Total : 226 Go Free : 22 Go
D:\ (Local Disk) - NTFS - Total : 6 Go Free : 0 Go
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 50 Go Free : 37 Go
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (Local Disk) - NTFS - Total : 131 Go Free : 80 Go
M:\ (Local Disk) - NTFS - Total : 50 Go Free : 44 Go
"C:\ToolBar SD" ( MAJ : 24-09-2008|21:50 )
Option : [1] ( 2008-09-30|20:09 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskTBar
C:\Program Files\AskTBar\bar
C:\Users\XXXXX~1\AppData\Roaming\MICROS~1\Windows\Cookies\XXXXXtaire@mysearch[1].txt
C:\Users\XXXXX~1\AppData\Local\Temp\nsa213A.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa58DA.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa7C28.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsa85E5.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsaDAA6.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsb7A3F.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsb9385.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nse8A36.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6358.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6359.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsf6C1B.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsfE2B4.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsg9355.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgAF78.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgBE69.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsgF392.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsh8470.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsh8471.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsi274C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsj9688.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsj9689.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskC2D2.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskCE1B.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nskCE1C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl212A.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl74F9.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl8027.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsl8E7D.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsn35C0.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsn35C1.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsq1036.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsq8644.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsqBEA8.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsrD89C.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsu852F.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsu8530.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsvE2C5.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nsw8E6D.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nswCA18.tmp
C:\Users\XXXXX~1\AppData\Local\Temp\nswD8BC.tmp
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp-consumer.my.aol.qc.ca/?icid=desktop"
"Default_Page_URL"="http://hp-consumer.my.aol.qc.ca/?icid=desktop"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\XXXXX~1\AppData\Local\Temp\crack.ace
C:\Users\XXXXX~1\AppData\Local\Temp\KEYGEN.zip.pando
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Backgrounds\Natural Textures\Cracks.jpg
C:\Users\XXXXX~1\AppData\Roaming\Three Rings Design\Puzzle Pirates\rsrc\bundles\tiles\outdoors\structures\bundle\jettyedge_crack.raw
C:\Users\XXXXX~1\AppData\Roaming\uTorrent\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14].torrent
C:\Users\XXXXX~1\Desktop\Jeux\crack.ace
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\sound\sfx\rock_crack_deep1.ogg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowa.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowa.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowb.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowb.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowc.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_crackglowc.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-light.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksa-light.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksb-light.png
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-dark.alpha.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-dark.jpg
C:\Users\XXXXX~1\Desktop\Jeux\Minions of Mirth\common\minions.of.mirth\data\spells\th\zodiacs\th_cracksc-light.png
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack\Leeme!!.txt
C:\Users\XXXXX~1\Desktop\Muvee_AutoProducer.v6[hamlet]\Crack\muveeapp.exe
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-000.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-001.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-002.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-003.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-004.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\GTA San Andreas Back up exe Crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-000.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-001.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-002.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-003.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Civilisation IV\Assets\Sounds\Units\CrackNeck-004.wav
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\GTA San Andreas Back up exe Crack\GTA_SA.EXE
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\clonecdremover.rar
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl.rar
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\file_id.diz
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\skull.nfo
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl\codmini-skl.mdf
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Program Files\Call of Duty\Call of duty crack\codmini-skl\codmini-skl.mds
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Stronghold II\meshes\Buildings\castle_wall_crack.DDS
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Stronghold II\meshes\Buildings\castle_wall_crack.normalmap.DDS
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\protect.dll
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\reloaded.nfo
C:\Users\XXXXX~1\Desktop\Programmes et Documents\Programmes et Documents\Worms 4 crack\WORMS 4 MAYHEM.EXE
C:\Users\XXXXX~1\Desktop\Utilitaires\Jos‚e\SnagIt v7.1.1_cz\keygen.exe
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}\Bigfish Games - Cradle of Rome + Crack {DanManInSane}.zip
C:\Users\XXXXX~1\Documents\Downloads\Bigfish Games - Cradle of Rome + Crack {DanManInSane}\Torrent downloaded from Demonoid.com.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\camtasia-studio.JPG
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\camtasia.msi
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\h33t - matt14.URL
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\keygen.exe
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\matt14.nfo
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\Read Me !!!.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\tracked_by_h33t_com.txt
C:\Users\XXXXX~1\Documents\Downloads\TechSmith Camtasia Studio v5.0.2 [ZWT keygen][h33t][matt14]\zwt.nfo
C:\Users\XXXXX~1\Documents\My Pando Packages\KEYGEN.zip
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 2008-09-30|20:11 - Option : [1]
-----------\\ Fin du rapport a 20:11:46,39
rapport de FINDYKILL:
----------------- FindyKill V3.095 ------------------
* User : XXXXX
* Emplacement : C:\Program Files\FindyKill\FindyKill.cmd
* Outils Mis a jours le 30/09/08 par Chiquitine29
* Recherche effectuée à 20:01:09 le 2008-09-30
* Windows Vista - Internet Explorer 7.0.6001.18000
((((((((((((((((( *** Recherche *** ))))))))))))))))))
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\Windows
»»»» Presence des fichiers dans C:\Windows\Prefetch
»»»» Presence des fichiers dans C:\Windows\system32
»»»» Presence des fichiers dans C:\Windows\system32\drivers
»»»» Presence des fichiers dans C:\Users\XXXXXtaire\AppData\Roaming
»»»» Presence des fichiers dans C:\Users\XXXXX~1\AppData\Local\Temp
C:\Users\XXXXX~1\AppData\Local\Temp\crack.ace
C:\Users\XXXXX~1\AppData\Local\Temp\KEYGEN.zip.pando
C:\Users\XXXXX~1\AppData\Local\Temp\PSE_patch_log.txt
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Backgrounds\Natural Textures\Cracks.jpg
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches 2.lay
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches.lay
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Tilesets\Traditional Spatch.jpg
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\Support\AV\AV\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\{007D035A-2357-475F-B69A-F569DDB02C47}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{3574AEB3-7FA0-4DBE-8533-AEDDCF65FE30}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{5C6A0D6F-FB0A-42DC-A316-5C7EA65FD127}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{D696895F-710C-4DE2-8BD9-A1AC5C73A34B}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
»»»» Registre :
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
hpsysdrv REG_SZ c:\hp\support\hpsysdrv.exe
KBD REG_SZ C:\HP\KBD\KbdStub.EXE
OsdMaestro REG_SZ "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
RtHDVCpl REG_SZ RtHDVCpl.exe
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(par d‚faut) REG_SZ
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
NeroCheck REG_SZ C:\Windows\system32\NeroCheck.exe
PivotSoftware REG_SZ "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
DT HPW REG_SZ C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
NWEReboot REG_SZ
Updater REG_SZ C:\Windows\system32\updater\explorer.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
hpqSRMon REG_SZ C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
ccApp REG_SZ "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray REG_SZ C:\PROGRA~1\SYMANT~1\VPTray.exe
Ulead AutoDetector v2 REG_SZ C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
Corel Photo Downloader REG_SZ "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
AppleSyncNotifier REG_SZ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
KiweeHook REG_SZ "C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe"
CTCheck REG_SZ C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
Pando REG_SZ "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
(par d‚faut) REG_SZ
WeatherWatcher REG_SZ C:\Program Files\Weather Watcher\ww.exe
Gestionnaire Antidote.exe REG_SZ C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
Radio365Agent REG_SZ
EA Core REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe -silent
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
CTSyncU.exe REG_SZ "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OsdMaestro
»»»» Presence d infections dans Support amovible :
----------------- ! Fin du rapport ! ------------------
----------------- FindyKill V3.095 ------------------
* User : XXXXX
* Emplacement : C:\Program Files\FindyKill\FindyKill.cmd
* Outils Mis a jours le 30/09/08 par Chiquitine29
* Recherche effectuée à 20:01:09 le 2008-09-30
* Windows Vista - Internet Explorer 7.0.6001.18000
((((((((((((((((( *** Recherche *** ))))))))))))))))))
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\Windows
»»»» Presence des fichiers dans C:\Windows\Prefetch
»»»» Presence des fichiers dans C:\Windows\system32
»»»» Presence des fichiers dans C:\Windows\system32\drivers
»»»» Presence des fichiers dans C:\Users\XXXXXtaire\AppData\Roaming
»»»» Presence des fichiers dans C:\Users\XXXXX~1\AppData\Local\Temp
C:\Users\XXXXX~1\AppData\Local\Temp\crack.ace
C:\Users\XXXXX~1\AppData\Local\Temp\KEYGEN.zip.pando
C:\Users\XXXXX~1\AppData\Local\Temp\PSE_patch_log.txt
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Backgrounds\Natural Textures\Cracks.jpg
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches 2.lay
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches.lay
C:\Users\XXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Tilesets\Traditional Spatch.jpg
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV14.2.0.29\Support\AV\AV\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\patch25.dll
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXX~1\AppData\Local\Temp\{007D035A-2357-475F-B69A-F569DDB02C47}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{3574AEB3-7FA0-4DBE-8533-AEDDCF65FE30}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{5C6A0D6F-FB0A-42DC-A316-5C7EA65FD127}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXX~1\AppData\Local\Temp\{D696895F-710C-4DE2-8BD9-A1AC5C73A34B}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
»»»» Registre :
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
hpsysdrv REG_SZ c:\hp\support\hpsysdrv.exe
KBD REG_SZ C:\HP\KBD\KbdStub.EXE
OsdMaestro REG_SZ "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
RtHDVCpl REG_SZ RtHDVCpl.exe
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(par d‚faut) REG_SZ
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
NeroCheck REG_SZ C:\Windows\system32\NeroCheck.exe
PivotSoftware REG_SZ "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
DT HPW REG_SZ C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
NWEReboot REG_SZ
Updater REG_SZ C:\Windows\system32\updater\explorer.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
hpqSRMon REG_SZ C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
ccApp REG_SZ "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray REG_SZ C:\PROGRA~1\SYMANT~1\VPTray.exe
Ulead AutoDetector v2 REG_SZ C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
Corel Photo Downloader REG_SZ "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
AppleSyncNotifier REG_SZ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
KiweeHook REG_SZ "C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe"
CTCheck REG_SZ C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
Pando REG_SZ "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
(par d‚faut) REG_SZ
WeatherWatcher REG_SZ C:\Program Files\Weather Watcher\ww.exe
Gestionnaire Antidote.exe REG_SZ C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
Radio365Agent REG_SZ
EA Core REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe -silent
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
CTSyncU.exe REG_SZ "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OsdMaestro
»»»» Presence d infections dans Support amovible :
----------------- ! Fin du rapport ! ------------------
----------------- FindyKill V3.095 ------------------
* User : XXXXXXXXXXXX
* Emplacement : C:\Program Files\FindyKill\FindyKill.cmd
* Outils Mis a jours le 30/09/08 par Chiquitine29
* Recherche effectuée à 20:01:09 le 2008-09-30
* Windows Vista - Internet Explorer 7.0.6001.18000
((((((((((((((((( *** Recherche *** ))))))))))))))))))
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\Windows
»»»» Presence des fichiers dans C:\Windows\Prefetch
»»»» Presence des fichiers dans C:\Windows\system32
»»»» Presence des fichiers dans C:\Windows\system32\drivers
»»»» Presence des fichiers dans C:\Users\XXXXXX\AppData\Roaming
»»»» Presence des fichiers dans C:\Users\XXXXX~1\AppData\Local\Temp
C:\Users\XXXXX~1\AppData\Local\Temp\crack.ace
C:\Users\XXXXX~1\AppData\Local\Temp\KEYGEN.zip.pando
C:\Users\XXXXXX~1\AppData\Local\Temp\PSE_patch_log.txt
C:\Users\XXXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Backgrounds\Natural Textures\Cracks.jpg
C:\Users\XXXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches 2.lay
C:\Users\XXXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Layouts\Patches.lay
C:\Users\XXXXXX~1\AppData\Local\Temp\Mahjongg Master Deluxe\Game\Tilesets\Traditional Spatch.jpg
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV14.2.0.29\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV14.2.0.29\Support\AV\AV\patch25.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\patch25.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.0.0.58\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\patch25.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.grd
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.sig
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\CommonFi\NAVPatch.spm
C:\Users\XXXXXX~1\AppData\Local\Temp\NAV15.5.0.23\NAV\External\NORTON\APP\patch25d.dll
C:\Users\XXXXXX~1\AppData\Local\Temp\{007D035A-2357-475F-B69A-F569DDB02C47}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXXX~1\AppData\Local\Temp\{3574AEB3-7FA0-4DBE-8533-AEDDCF65FE30}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXXX~1\AppData\Local\Temp\{5C6A0D6F-FB0A-42DC-A316-5C7EA65FD127}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
C:\Users\XXXXXX~1\AppData\Local\Temp\{D696895F-710C-4DE2-8BD9-A1AC5C73A34B}\{F317E784-F31C-4F26-A610-2D7BD89FEC5F}\rtpatch.log
»»»» Registre :
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
hpsysdrv REG_SZ c:\hp\support\hpsysdrv.exe
KBD REG_SZ C:\HP\KBD\KbdStub.EXE
OsdMaestro REG_SZ "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
RtHDVCpl REG_SZ RtHDVCpl.exe
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(par d‚faut) REG_SZ
Adobe Photo Downloader REG_SZ "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
NeroCheck REG_SZ C:\Windows\system32\NeroCheck.exe
PivotSoftware REG_SZ "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
DT HPW REG_SZ C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe -startup_folder
NWEReboot REG_SZ
Updater REG_SZ C:\Windows\system32\updater\explorer.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
hpqSRMon REG_SZ C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
ccApp REG_SZ "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray REG_SZ C:\PROGRA~1\SYMANT~1\VPTray.exe
Ulead AutoDetector v2 REG_SZ C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
Corel Photo Downloader REG_SZ "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
AppleSyncNotifier REG_SZ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
NvCplDaemon REG_SZ RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
NvMediaCenter REG_SZ RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
KiweeHook REG_SZ "C:\Program Files\Kiwee Toolbar2\2.7.161\kwtbaim.exe"
CTCheck REG_SZ C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar REG_SZ C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MsnMsgr REG_SZ "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
ehTray.exe REG_SZ C:\Windows\ehome\ehTray.exe
Pando REG_SZ "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
(par d‚faut) REG_SZ
WeatherWatcher REG_SZ C:\Program Files\Weather Watcher\ww.exe
Gestionnaire Antidote.exe REG_SZ C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
Radio365Agent REG_SZ
EA Core REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe -silent
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
CTSyncU.exe REG_SZ "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OsdMaestro
»»»» Presence d infections dans Support amovible :
----------------- ! Fin du rapport ! ------------------