Problem with YOOG SEARCH
budha
Posted on 06/12/2008 @ 12:16
Petit astucien

Hello, I have a problem with Yoog Search, which has taken the place of Google in my Mozilla Firefox search bar.

So I followed the instructions on this page.

Here is the log.txt report from RSIT:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Noric at 2008-12-06 11:52:25
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 11 GB (20%) free of 57 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:35, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAC4RPK.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe
C:\Documents and Settings\Noric\Bureau\RSIT.exe
C:\Program Files\trend micro\Noric.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\Noric\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O18 - Protocol: Skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 7502 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082}]
DealioBHO Class - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-03 463872]
{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Dealio - C:\Program Files\Dealio\kb127\Dealio.dll [2008-05-26 3170144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-16 7561216]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-20 761945]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-14 90112]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-03-06 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-03-06 970752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-05-30 98304]
"au"=C:\Program Files\Dealio\DealioAU.exe [2008-05-26 595296]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe [2006-10-06 305152]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-06-25 1209584]
""= []
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\WINDOWS\System32\CNAC4RPK.EXE"="C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process"
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe"="C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya"
"C:\Program Files\Cain\Cain.exe"="C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility"
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE"="C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\e frontier\Poser 7\Poser.exe"="C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}]
shell\auto\command - Knight.exe open
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
shell\explore\command - Knight.exe open
shell\find\command - Knight.exe open
shell\install\command - Knight.exe open
shell\open\command - Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2008-12-06 11:52:25 ----D---- C:\rsit
2008-12-06 11:52:25 ----D---- C:\Program Files\trend micro
2008-12-06 11:29:45 ----D---- C:\Documents and Settings\Noric\Application Data\Malwarebytes
2008-12-06 11:29:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-06 11:29:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 18:47:40 ----D---- C:\Documents and Settings\Noric\Application Data\Search Settings
2008-11-25 11:27:32 ----D---- C:\Program Files\Search Settings
2008-11-25 11:27:19 ----D---- C:\Program Files\Dealio
2008-11-25 11:27:12 ----D---- C:\Documents and Settings\Noric\Application Data\Dealio
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\WMAFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\inetfr.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\AudDesign.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2008-11-21 15:49:03 ----D---- C:\Documents and Settings\Noric\Application Data\.purple
2008-11-21 15:46:09 ----D---- C:\Program Files\Aspell
2008-11-21 15:45:32 ----D---- C:\Program Files\Pidgin
2008-11-21 15:45:20 ----D---- C:\Program Files\Fichiers communs\GTK
2008-11-13 23:43:30 ----D---- C:\Program Files\Anti Trojan Elite
2008-11-13 23:15:19 ----A---- C:\WINDOWS\system32\iesvcmon1.exe
2008-11-13 23:13:41 ----D---- C:\Program Files\SpeedTest
2008-11-13 23:13:34 ----A---- C:\WINDOWS\nc605007.exe
2008-11-13 23:13:33 ----D---- C:\Program Files\ppcbooster
2008-11-13 23:10:20 ----RAH---- C:\WINDOWS\system32\msconfig.exe
2008-11-13 22:59:58 ----A---- C:\WINDOWS\system32\jfjfsvtouatumih.exe
2008-11-13 22:59:49 ----A---- C:\WINDOWS\system32\cont_adzgalore-remove.exe
2008-11-13 22:51:14 ----D---- C:\Program Files\MSXML 4.0
2008-11-13 01:13:38 ----RAH---- C:\WINDOWS\kill.exe
2008-11-11 15:12:31 ----A---- C:\WINDOWS\system32\CSVer.dll
2008-11-11 15:12:04 ----D---- C:\Intel
2008-11-11 14:57:52 ----D---- C:\Program Files\Toshiba
2008-11-11 14:52:27 ----D---- C:\WINDOWS\Motorola
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56kor.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56jpn.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56ita.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56hlpr.exe
2008-11-11 14:52:20 ----A---- C:\WINDOWS\sm56ger.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\system32\sm56co.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56fra.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56esp.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56eng.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56dnk.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56cht.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56chs.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56brz.dll
2008-11-11 14:52:14 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-11-11 14:50:16 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-11-11 14:48:44 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-11 14:47:18 ----R---- C:\WINDOWS\Alcmtr.exe
2008-11-11 14:37:06 ----D---- C:\Program Files\AIDA32 - Personal System Information
2008-11-11 14:15:02 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2008-11-11 14:13:57 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2008-11-11 14:13:01 ----D---- C:\Documents and Settings\Noric\Application Data\Intel

======List of files/folders modified in the last 1 months======

2008-12-06 11:38:52 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-20 00:29:22 ----A---- C:\Documents and Settings\Noric\Application Data\inst.exe
2008-11-11 14:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-11 14:15:36 ----A---- C:\WINDOWS\system32\results.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-11 21425]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-27 2203520]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-17 3655712]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-29 889472]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-01-20 841110]
R3 SynScan;ASUS WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-01-02 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-20 191936]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Tosrfcom;Tosrfcom; C:\WINDOWS\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-09-13 47360]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-06 643072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-16 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-06 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-03-06 983040]
R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-03-06 294912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Then the info.txt:

info.txt logfile of random's system information tool 1.04 2008-12-06 11:52:43

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
-->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E47302B-8081-46D3-9FEA-BEB2E5F5C3EC}\SETUP.EXE" -l0x40c anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
AGEIA PhysX v7.03.21-->MsiExec.exe /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
Aspell English Dictionary-0.50-2-->"C:\Program Files\Aspell\unins001.exe"
Aspell French Dictionary-0.50-3-->"C:\Program Files\Aspell\unins002.exe"
ASUS Live Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
Asus MiVo Messenger-->"C:\Program Files\Asus\Asus MiVo Messenger\uninstall.exe"
ASUS WebCam, 1.3M, USB2.0, FF-->C:\WINDOWS\StkUnist.exe
ATK Media-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
Autodesk DirectConnect 2.0-->MsiExec.exe /I{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}
Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)-->C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
Blender (remove only)-->"C:\Program Files\Blender Foundation\Blender\uninstall.exe"
Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Cain & Abel v4.9.10-->C:\PROGRA~1\CAIN\UNINSTAL.EXE C:\PROGRA~1\CAIN\Install.log
Canon LBP5000-->C:\Program Files\Canon\PrnUninstall\Canon LBP5000\CNAC4UN.EXE
CC_ccProxyExt-->MsiExec.exe /I{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Contextual Tool Adzgalore-->C:\WINDOWS\system32\cont_adzgalore-remove.exe
CrackWepPack v0.1-->"C:\CrackWepPack\unins000.exe"
Dealio Toolbar 3.4-->MsiExec.exe /X{6105648C-0C3C-481D-8C11-1F4952D6FB53}
DPS-->"C:\WINDOWS\system32\iesvcmon.exe" -u
eMule Plus 1.2d-->"C:\Program Files\eMule\unins000.exe"
GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maya 8.5 Documentation (en_US)-->MsiExec.exe /I{81525B87-9344-4834-883C-C6A9D78EA1DF}
Maya 8.5-->MsiExec.exe /I{A1E0E88A-F5E9-4414-A0D7-31940E965EC5}
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Speakerphone Modem-->C:\Program Files\Asus\Asus MiVo Messenger\uninstall.exe /mdm
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox 3 Beta 3\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
mToolkit-->MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Norton Internet Security-->MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
PowerDirector-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -uninstall
PPC Booster-->"C:\Program Files\ppcbooster\ppcbu_32.exe"
Python 2.6-->MsiExec.exe /I{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8}
QuickTime-->MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly
REALTEK PCIE NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\SETUP.EXE" -l0x40c REMOVE
RON Tool Cpmsky-->C:\WINDOWS\system32\jfjfsvtouatumih.exe
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Switch Uninstall-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texture Maker 3.03-->"C:\Program Files\Texture Maker\unins000.exe"
TuneUp Utilities 2006-->MsiExec.exe /I{868D7896-99D4-4513-BC62-2B3AD3E24926}
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinPcap 4.0.2-->C:\Program Files\WinPcap\uninstall.exe
Wireless Console 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe" -l0x9 -removeonly
Yaf(a)Ray 0.1.0-->"C:\Program Files\YafaRay\unins000.exe"

======Security center information======

AV: Norton Internet Security
AV: Kaspersky Anti-Virus
FW: Norton Internet Security

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Autodesk\Maya8.5\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

Thanks.

budha
 Posted on 06/12/2008 at 12:22 
Petit astucien

Here is now my OTScanIt report (in three parts):

[code]
OTScanIt2 logfile created on: 06/12/2008 12:03:41 - Run 1
OTScanIt2 by OldTimer - Version 1.0.2.1 Folder = C:\Documents and Settings\Noric\Bureau\OTScanIt2\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,68% Memory free
3,35 Gb Paging File | 2,92 Gb Available in Paging File | 87,02% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,95 Gb Total Space | 11,05 Gb Free Space | 19,75% Space Free | Partition Type: FAT32
Drive D: | 37,19 Gb Total Space | 18,94 Gb Free Space | 50,94% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NORIC-7231E66C9
Current User Name: Noric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
atkosd.exe -> %SystemRoot%\ATK0100\ATKOSD.exe -> [2006/05/17 16:55:30 | 02,355,200 | ---- | M] ()
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
batterylife.exe -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
cnac4rpk.exe -> %SystemRoot%\system32\CNAC4RPK.EXE -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> [2007/03/06 16:40:30 | 00,487,424 | ---- | M] (Intel Corporation)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
firefox.exe -> %ProgramFiles%\Mozilla Firefox 3 Beta 3\firefox.exe -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
hcontrol.exe -> %SystemRoot%\ATK0100\HControl.exe -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
memoptimizer.exe -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\Bureau\OTScanIt2\OTScanIt2\OTScanIt2.exe -> [2008/12/01 10:28:50 | 00,477,184 | ---- | M] (OldTimer Tools)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
rocketdock.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
searchsettings.exe -> %ProgramFiles%\Search Settings\SearchSettings.exe -> [2008/06/12 16:57:18 | 00,991,584 | ---- | M] (Vendio Services, Inc.)
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
ubericon manager.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
wcourier.exe -> %ProgramFiles%\Wireless Console 2\wcourier.exe -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(AVP) Kaspersky Anti-Virus 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
(BthServ) Bluetooth Support Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\bthserv.dll -> [2008/04/14 04:33:20 | 00,030,208 | ---- | M] (Microsoft Corporation)
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
(helpsvc) Aide et support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> [2007/11/06 22:22:26 | 00,092,792 | ---- | M] (CACE Technologies)
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
(usnjsvc) Service Messenger Sharing Folders USN Journal Reader [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(UxTuneUp) Extension de conception TuneUp [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\uxtuneup.dll -> [2006/10/06 06:27:20 | 00,024,072 | ---- | M] (TuneUp Software GmbH)
(WLANKEEPER) Intel(R) PROSet/Wireless SSO Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Service Partage réseau du Lecteur Windows Media [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\WUDFSvc.dll -> [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.6.0.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\AegisP.sys -> [2008/11/11 14:15:10 | 00,021,425 | ---- | M] (Meetinghouse Data Communications)
(BthEnum) Service d'énumérateur Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\BthEnum.sys -> [2008/04/13 20:46:34 | 00,017,024 | ---- | M] (Microsoft Corporation)
(BthPan) Périphérique Bluetooth (réseau personnel) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bthpan.sys -> [2008/04/13 20:51:34 | 00,101,120 | ---- | M] (Microsoft Corporation)
(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHport.sys -> [2008/06/14 18:33:38 | 00,272,768 | ---- | M] (Microsoft Corporation)
(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHUSB.sys -> [2008/04/13 20:46:30 | 00,018,944 | ---- | M] (Microsoft Corporation)
(Hardlock) Hardlock [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\hardlock.sys -> [2006/11/22 10:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.)
(HDAudBus) Pilote de bus Microsoft UAA pour High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/05/04 09:13:52 | 04,271,616 | R--- | M] (Realtek Semiconductor Corp.)
(kl1) kl1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kl1.sys -> [2008/05/28 23:41:02 | 00,112,144 | ---- | M] (Kaspersky Lab)
(klif) klif [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2008/03/02 16:43:16 | 00,194,320 | ---- | M] (Kaspersky Lab)
(klim5) Kaspersky Anti-Virus NDIS Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\klim5.sys -> [2007/04/04 14:58:26 | 00,024,344 | ---- | M] (Kaspersky Lab)
(MODEMCSA) Périphérique de filtrage de flux Unimodem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(MTsensor) ATK0100 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ATKACPI.sys -> [2005/02/17 23:07:48 | 00,005,632 | ---- | M] ()
(NETw4x32) Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\NETw4x32.sys -> [2007/04/27 04:01:34 | 02,203,520 | ---- | M] (Intel Corporation)
(nm) Pilote du Moniteur réseau [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\NMnt.sys -> [2008/04/13 20:53:10 | 00,040,320 | ---- | M] (Microsoft Corporation)
(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\npf.sys -> [2007/11/06 22:22:06 | 00,034,064 | ---- | M] (CACE Technologies)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> [2006/03/17 06:16:00 | 03,655,712 | ---- | M] (NVIDIA Corporation)
(pcouffin) VSO Software pcouffin [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\pcouffin.sys -> [2008/09/13 19:23:34 | 00,047,360 | ---- | M] (VSO Software)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2003/07/01 18:47:08 | 00,009,856 | ---- | M] (Padus, Inc.)
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2008/07/23 18:50:48 | 00,043,528 | ---- | M] (Sonic Solutions)
(RFCOMM) Périphérique Bluetooth (TDI protocole RFCOMM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\rfcomm.sys -> [2008/04/13 20:46:32 | 00,059,136 | ---- | M] (Microsoft Corporation)
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimmptsk.sys -> [2005/09/17 11:01:50 | 00,028,672 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimsptsk.sys -> [2005/09/14 12:45:24 | 00,050,560 | ---- | M] (REDC)
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\Rtenicxp.sys -> [2005/11/16 09:08:16 | 00,078,976 | ---- | M] (Realtek Semiconductor Corporation )
(s24trans) Transport RLAN [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\s24trans.sys -> [2007/02/21 12:16:12 | 00,012,416 | ---- | M] (Intel Corporation)
(sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\sdbus.sys -> [2008/04/13 20:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sffdisk) Pilote de classe de stockage SFF [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffdisk.sys -> [2008/04/13 20:40:48 | 00,011,904 | ---- | M] (Microsoft Corporation)
(sffp_sd) Pilote de protocole de stockage SFF pour SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffp_sd.sys -> [2008/04/13 20:40:48 | 00,011,008 | ---- | M] (Microsoft Corporation)
(smserial) smserial [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\smserial.sys -> [2006/03/29 18:36:26 | 00,889,472 | ---- | M] (Motorola Inc.)
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> [2004/08/26 06:03:00 | 00,104,144 | ---- | M] (Symantec Corporation)
(SynMini) ASUS WebCam, 1.3M, USB2.0, FF [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynMini.sys -> [2006/01/20 09:59:16 | 00,841,110 | R--- | M] (Syntek America Inc.)
(SynScan) ASUS WebCam Still Image [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynScan.sys -> [2006/01/02 11:02:26 | 00,008,278 | R--- | M] (Syntek America Inc.)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SynTP.sys -> [2005/10/20 23:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.)
(Tosrfbd) Bluetooth RFBUS from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfbd.sys -> [2006/02/02 23:16:08 | 00,108,928 | ---- | M] (TOSHIBA CORPORATION)
(Tosrfcom) Tosrfcom [Kernel | System | Stopped] -> %SystemRoot%\System32\drivers\tosrfcom.sys -> [2005/08/01 16:45:08 | 00,064,896 | ---- | M] (TOSHIBA Corporation)
(Tosrfhid) Bluetooth RFHID from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\Tosrfhid.sys -> [2006/02/08 17:33:34 | 00,062,848 | ---- | M] (TOSHIBA Corporation.)
(Tosrfusb) Bluetooth USB Controller [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfusb.sys -> [2006/01/31 18:35:28 | 00,039,808 | ---- | M] (TOSHIBA CORPORATION)
(w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\w39n51.sys -> [2006/04/04 03:17:24 | 01,429,632 | ---- | M] (Intel® Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.asus.com ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://google.com/ ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: SearchURL\\"provider" -> msn ->
HKEY_CURRENT_USER\: URLSearchHooks\\"{E312764E-7706-43F1-8DAB-FCDD2B1E416D}" [HKLM] -> %ProgramFiles%\Search Settings\kb127\SearchSettings.dll [SearchSettings Class] -> [2008/06/12 16:57:18 | 01,111,904 | ---- | M] (Vendio Services, Inc.)
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Noric\Application Data\Mozilla\FireFox\Profiles\nojmj8n6.default\prefs.js ->
browser.search.defaultenginename -> "MyStart Search" ->
browser.search.selectedEngine -> "Yoog Search" ->
browser.startup.homepage -> "http://www.google.fr/firefox" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.4" ->
extensions.enabledItems -> bettergmail2@ginatrapani.org:0.7.1 ->
extensions.enabledItems -> {987311C6-B504-4aa2-90BF-60CC49808D42}:2.0 ->
extensions.enabledItems -> piclens@cooliris.com:1.8.5.14751 ->
extensions.enabledItems -> ctrl-tab@design-noir.de:0.19.3 ->
extensions.enabledItems -> {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76 ->
extensions.enabledItems -> {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:3.5.1 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.87 ->
extensions.enabledItems -> videofinder@veoh.com:1.3 ->
extensions.enabledItems -> web@veoh.com:1.4 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4 ->
< HOSTS File > (790 bytes and 20 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)
{6A87B991-A31F-4130-AE72-6D0C294BF082} [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [DealioBHO Class] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{E312764E-7706-43F1-8DAB-FCDD2B1E416D} [HKLM] -> %ProgramFiles%\Search Settings\kb127\SearchSettings.dll [SearchSettings Class] -> [2008/06/12 16:57:18 | 01,111,904 | ---- | M] (Vendio Services, Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" [HKLM] -> %ProgramFiles%\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [Veoh Web Player Video Finder] -> [2008/11/03 23:35:58 | 00,463,872 | ---- | M] (Veoh Networks Inc)
"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2005/05/03 11:43:28 | 00,069,632 | R--- | M] (Realtek Semiconductor Corp.)
"au" -> %ProgramFiles%\Dealio\DealioAU.exe [C:\Program Files\Dealio\DealioAU.exe] -> [2008/05/26 19:50:38 | 00,595,296 | ---- | M] (Vendio Services, Inc.)
"AVP" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"HControl" -> %SystemRoot%\ATK0100\HControl.exe [C:\WINDOWS\ATK0100\HControl.exe] -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
"IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2006/03/16 22:16:00 | 07,561,216 | ---- | M] (NVIDIA Corporation)
"Power_Gear" -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe [C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1] -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
"SearchSettings" -> %ProgramFiles%\Search Settings\SearchSettings.exe [C:\Program Files\Search Settings\SearchSettings.exe] -> [2008/06/12 16:57:18 | 00,991,584 | ---- | M] (Vendio Services, Inc.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
"Wireless Console 2" -> %ProgramFiles%\Wireless Console 2\wcourier.exe [C:\Program Files\Wireless Console 2\wcourier.exe] -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
"ccleaner" -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> [2008/06/25 15:58:36 | 01,209,584 | ---- | M] (Piriform Ltd)
"RocketDock" -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ["C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"] -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
"TuneUp MemOptimizer" -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe ["C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart] -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
< Noric Startup Folder > -> C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage ->
%UserProfile%\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Compare Prices with &Dealio -> %AppData%\Dealio\kb127\res\DealioSearch.html [C:\Documents and Settings\Noric\Application Data\Dealio\kb127\res\DealioSearch.html] -> [2008/04/16 18:11:48 | 00,000,670 | ---- | M] ()
E&xporter vers Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/07/30 03:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Button: Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{E908B145-C847-4e85-B315-07E2E70DECF8}:{9F038672-0425-4792-BC9C-36DE3308E8AA} [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Button: Dealio] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
{E908B145-C847-4e85-B315-07E2E70DECF8}:{9F038672-0425-4792-BC9C-36DE3308E8AA} [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Menu: Dealio] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E908B145-C847-4e85-B315-07E2E70DECF8}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> [2008/05/26 19:50:36 | 03,170,144 | ---- | M] (Vendio Services, Inc.)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Bibliothèque de contrôles ActiveX Microsoft ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{48E14897-A614-469E-81D8-4C8ADCB5118D} -> () ->
{CE0F151E-4F0A-4EBB-81BE-FA767FD6D421} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{E17065E4-3089-4579-AA33-750E219E86F7} -> () ->
{E37C4E06-6080-4199-8802-46716FD04654} -> (Carte réseau 1394) ->
{EBE416CC-BE6A-41E2-9E54-6279AD5063A4} -> (Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
klogon -> %SystemRoot%\system32\klogon.dll -> [2007/06/28 12:51:48 | 00,206,088 | ---- | M] (Kaspersky Lab)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe" -> C:\Program Files\Autodesk\Maya8.5\bin\maya.exe [C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya] -> [2006/12/17 04:11:30 | 00,225,280 | ---- | M] (Autodesk)
"C:\Program Files\Cain\Cain.exe" -> C:\Program Files\Cain\Cain.exe [C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility] -> [2007/12/11 19:33:08 | 01,026,048 | ---- | M] (oxid.it)
"C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> File not found
"C:\Program Files\e frontier\Poser 7\Poser.exe" -> C:\Program Files\e frontier\Poser 7\Poser.exe [C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file] -> File not found
"C:\Program Files\eMule\eMule.exe" -> C:\Program Files\eMule\eMule.exe [C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus] -> [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info)
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 19:50:22 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Magentic\bin\Magentic.exe" -> C:\Program Files\Magentic\bin\Magentic.exe [C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgApp.exe" -> C:\Program Files\Magentic\bin\MgApp.exe [C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgImp.exe" -> C:\Program Files\Magentic\bin\MgImp.exe [C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Messenger\MSMSGS.EXE" -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2008/05/21 04:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE" -> C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE [C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox] -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe" -> C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe [C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008/06/03 15:08:42 | 21,718,312 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" -> C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client] -> [2008/08/28 10:18:24 | 03,660,848 | ---- | M] (Veoh Networks)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" -> C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player ] -> [2008/11/03 23:45:50 | 03,522,296 | ---- | M] (Veoh Networks)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\System32\CNAC4RPK.EXE" -> C:\WINDOWS\System32\CNAC4RPK.EXE [C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process] -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 20:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [2008/02/25 16:43:16 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command\\"" -> %SystemRoot%\System32\cmd.exe [cmd /C launch.bat] -> [2008/04/14 04:33:58 | 00,401,408 | ---- | M] (Microsoft Corporation)
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command\\"" -> [Knight.exe open] -> File not found
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command\\"" -> [.\Encryption Tool\MaxtorEncryption.exe] -> File not found

chrifleur
 Posted on 06/12/2008 at 12:23 
Security Group

Hello and welcome

There is indeed an infection

* Download ToolBar-S&D (thanks to Eric_71, Angeldark, Sham_Rock and XmichouX)

  • Double-click ToolBar-SD to launch the installation; a shortcut will be added to the Desktop.
  • Double-click it to start the tool; choose the language.
  • On Vista, right-click and choose "Run as administrator" (privilege elevation), then -> Continue.
  • Type 1, then press the [Enter] key to start the search.
  • Wait until the search has finished.
  • At the end of the scan, the report will open in Notepad.
  • Post this report, by copy/paste, in your next reply.
  • The report can also be found at: C:\TB.txt

** Help in pictures

budha
 Posted on 06/12/2008 at 12:29 
Petit astucien

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.chm [@ = chm.file] -> %SystemRoot%\hh.exe -> [2008/04/14 04:34:06 | 00,010,752 | ---- | M] (Microsoft Corporation)
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> %SystemRoot%\System32\winhlp32.exe -> [2004/08/05 14:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation)
.hta [@ = htafile] -> %SystemRoot%\system32\mshta.exe -> [2008/04/14 04:34:12 | 00,029,184 | ---- | M] (Microsoft Corporation)
.html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/04/14 04:34:06 | 00,093,184 | ---- | M] (Microsoft Corporation)
.inf [@ = inffile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.ini [@ = inifile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.js [@ = JSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.jse [@ = JSEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.reg [@ = regfile] -> %SystemRoot%\regedit.exe -> [2008/04/14 04:34:20 | 00,153,088 | ---- | M] (Microsoft Corporation)
.scr [@ = scrfile] -> "%1" /S ->
.txt [@ = txtfile] -> %SystemRoot%\system32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.vbe [@ = VBEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.vbs [@ = VBSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsf [@ = WSFFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsh [@ = WSHFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKLM] -> No CLSID value
ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
msdaipp: [HKLM] -> No CLSID value
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2008/06/03 15:08:42 | 01,942,864 | R--- | M] (Skype Technologies)
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> %ProgramFiles%\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2007/10/23 12:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
\Monitoring\KasperskyAntiVirus\\"DisableMonitoring" -> [1] -> File not found
\Monitoring\KasperskyAntiVirus\\"" -> [] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB} -> mSSO
{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} -> mLogView
{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8} -> Python 2.6
{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C} -> ATK Media
{17E2F183-BAC4-4D01-BD7A-59F781E17EFA} -> REALTEK PCIE NIC Driver
{23FB368F-1399-4EAC-817C-4B83ECBE3D83} -> mProSafe
{3248F0A8-6813-11D6-A77B-00B0D0160070} -> Java(TM) 6 Update 7
{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3E9D596A-61D4-4239-BD19-2DB984D2A16F} -> mIWA
{4462AD13-F2AA-4CBD-9F95-293C38EED870} -> Power4 Gear
{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8
{6105648C-0C3C-481D-8C11-1F4952D6FB53} -> Dealio Toolbar 3.4
{63DB9CCD-2B56-4217-9A3D-507AC78320CA} -> mWMI
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{81525B87-9344-4834-883C-C6A9D78EA1DF} -> Maya 8.5 Documentation (en_US)
{829CD169-E692-48E8-9BDE-A3E8D8B65538} -> mSCfg
{83F73CB1-7705-49D1-9852-84D839CA2A45} -> Wireless Console 2
{85EBB283-65AF-4C53-9EBE-7C0A232762F7} -> AGEIA PhysX v7.03.21
{868D7896-99D4-4513-BC62-2B3AD3E24926} -> TuneUp Utilities 2006
{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} -> mPfMgr
{8C6BB412-D3A8-4AAE-A01B-35B681789D68} -> mHelp
{90120000-0010-040C-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (French) 12
{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007
{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB} -> Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
{90B0D222-8C21-4B35-9262-53B042F18AF9} -> mPfWiz
{94658027-9F16-4509-BBD7-A59FE57C3023} -> mZConfig
{95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French)
{A0F925BF-5C55-44C2-A4E7-5A4C59791C29} -> mDriver
{A1E0E88A-F5E9-4414-A0D7-31940E965EC5} -> Maya 8.5
{AC76BA86-7AD7-1033-7B44-A71000000002} -> Adobe Reader 7.1.0
{AEB9948B-4FF2-47C9-990E-47014492A0FE} -> MSXML 6.0 Parser
{BADF6744-3787-48F6-B8C9-4C4995401D65} -> Windows Live Messenger
{BFD96B89-B769-4CD6-B11E-E79FFD46F067} -> QuickTime
{C033BF6E-9D82-4E0B-A46E-ABC746D6F431} -> Autodesk DirectConnect 2.0
{C514C594-23AA-4F13-A070-DB8BDB27594F} -> Windows Live Mail
{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF} -> Norton Internet Security
{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC} -> mToolkit
{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> PowerDirector
{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} -> Bluetooth Stack for Windows
{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} -> Search Settings 1.2
{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919} -> CC_ccProxyExt
{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} -> Command & Conquer 3
{DE10AB76-4756-4913-BE25-55D1C1051F9A} -> WinFlash
{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0} -> ASUS Live Update
{E81667C6-2856-46D6-ABEA-6A2F42166779} -> mCore
{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} -> mMHouse
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F6090A17-0967-4A8A-B3C3-422A1B514D49} -> mDrWiFi
{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} -> mWlsSafe
{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} -> Windows Live installer
7-Zip -> 7-Zip 4.57
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
AIDA32_is1 -> AIDA32 v3.93
Aspell English Dictionary_is1 -> Aspell English Dictionary-0.50-2
Aspell French Dictionary_is1 -> Aspell French Dictionary-0.50-3
ASUS WebCam, 1.3M, USB2.0, FF -> ASUS WebCam, 1.3M, USB2.0, FF
Blender -> Blender (remove only)
Cain & Abel v4.9.10 -> Cain & Abel v4.9.10
Canon LBP5000 -> Canon LBP5000
CCleaner -> CCleaner (remove only)
cont_adzgalore -> Contextual Tool Adzgalore
CrackWepPack v0.1_is1 -> CrackWepPack v0.1
DPS -> DPS
eMule Plus_is1 -> eMule Plus 1.2d
GNU Aspell_is1 -> GNU Aspell 0.50-3
GTK 2.0 -> Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)
HControl -> ATK0100 ACPI UTILITY
HijackThis -> HijackThis 2.0.2
InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
InstallWIX_{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
jfjfsvtouatumih -> RON Tool Cpmsky
LimeWire -> LimeWire 4.18.8
M3 -> Asus MiVo Messenger
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Messenger Plus! Live -> Messenger Plus! Live
Mozilla Firefox (3.0.4) -> Mozilla Firefox (3.0.4)
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
NVIDIA Drivers -> NVIDIA Drivers
Pack Vista Inspirat 2 -> Pack Vista Inspirat 2 1.0
Pidgin -> Pidgin
ppcbooster -> PPC Booster
ProInst -> Logiciel Intel(R) PROSet/Wireless
PROPLUS -> Microsoft Office Professional Plus 2007
SMSERIAL -> Motorola SM56 Speakerphone Modem
Switch -> Switch Uninstall
SynTPDeinstKey -> Synaptics Pointing Device Driver
Texture Maker_is1 -> Texture Maker 3.03
Unlocker -> Unlocker 1.8.7
Veoh Web Player Beta -> Veoh Web Player Beta
VLC media player -> VideoLAN VLC media player 0.8.6e
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Lecteur Windows Media 11
Windows XP Service -> Windows XP Service Pack 3
WinPcapInst -> WinPcap 4.0.2
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
Yaf(a)Ray_is1 -> Yaf(a)Ray 0.1.0
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
SparkAngels -> SparkAngels
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [Espace de noms Bluetooth] -> %SystemRoot%\system32\wshbth.dll -> [2008/04/14 04:33:50 | 00,108,032 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 13/09/2008 13:30:50 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1001 -> Description = Détecteur d'erreurs 126648864.
Application [ Error ] 18/09/2008 06:46:07 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée nero.exe, version 6.3.1.4, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/10/2008 07:17:58 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée Poser.exe, version 7.0.0.63, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 12/10/2008 04:17:41 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante zangosa.exe, version 10.3.75.0, module défaillant prloader.dll, version 7.0.0.125, adresse de défaillance 0x000155d0.
Application [ Error ] 12/10/2008 08:40:57 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée OUTLOOK.EXE, version 12.0.6316.5000, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 19/10/2008 15:23:29 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 26/10/2008 18:15:11 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante asusdvd.exe, version 6.0.0.3019, module défaillant clnavx.ax, version 6.0.0.2017, adresse de défaillance 0x00019ac2.
Application [ Error ] 02/11/2008 13:22:00 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante blender.exe, version 0.0.0.0, module défaillant nvoglnt.dll, version 6.14.10.8426, adresse de défaillance 0x001643b4.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
System [ Error ] 28/11/2008 15:52:29 Computer Name = NORIC-7231E66C9 | Source = W32Time | ID = 39452689 -> Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751)
System [ Error ] 28/11/2008 15:52:29 Computer Name = NORIC-7231E66C9 | Source = W32Time | ID = 39452701 -> Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis.
System [ Error ] 28/11/2008 18:28:30 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 28/11/2008 19:13:48 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 01/12/2008 15:30:05 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10000 -> Description = Le démarrage d'un serveur DCOM : {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
System [ Error ] 01/12/2008 15:30:05 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10000 -> Description = Le démarrage d'un serveur DCOM : {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
System [ Error ] 05/12/2008 18:34:27 Computer Name = NORIC-7231E66C9 | Source = Windows Update Agent | ID = 16 -> Description = Connexion impossible : Windows ne parvient pas à se connecter au service Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation des mises à jour définies par la planification. Windows continuera d'essayer d'établir la connexion.
System [ Error ] 05/12/2008 18:34:34 Computer Name = NORIC-7231E66C9 | Source = Dhcp | ID = 1002 -> Description = Le bail de l'adresse IP 192.168.0.5 pour la carte réseau dont l'adresse réseau est 0018DE0FF75A a été refusé par le serveur DHCP 192.168.0.254 (celui-ci a envoyé un message DHCPNACK).
System [ Error ] 06/12/2008 06:15:45 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 06/12/2008 06:39:54 Computer Name = NORIC-7231E66C9 | Source = sr | ID = 1 -> Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'. Ceci a entraîné l'arrêt de la surveillance du volume.

budha
 Posted on 06/12/2008 at 12:30
Petit astucien

[Files/Folders - Created Within 30 Days]
OTScanIt2 -> %UserProfile%\Bureau\OTScanIt2 -> [2008/12/06 12:02:22 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Bureau\OTScanIt2.exe -> [2008/12/06 11:53:34 | 00,647,651 | ---- | C] ()
trend micro -> %ProgramFiles%\trend micro -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
RSIT.exe -> %UserProfile%\Bureau\RSIT.exe -> [2008/12/06 11:50:01 | 00,305,705 | ---- | C] ()
Malwarebytes -> %AppData%\Malwarebytes -> [2008/12/06 11:29:45 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/06 11:29:43 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Bureau\Malwarebytes' Anti-Malware.lnk -> [2008/12/06 11:29:43 | 00,000,600 | ---- | C] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/06 11:29:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/06 11:03:41 | 00,054,156 | -H-- | C] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/06 11:03:41 | 00,001,409 | ---- | C] ()
BAM11-fr.pdf -> %UserProfile%\Bureau\BAM11-fr.pdf -> [2008/12/06 10:09:45 | 06,846,437 | ---- | C] ()
Mes Historiques de Conversation -> %UserProfile%\Mes documents\Mes Historiques de Conversation -> [2008/12/01 14:23:54 | 00,000,000 | ---D | C]
Search Settings -> %AppData%\Search Settings -> [2008/11/25 18:47:40 | 00,000,000 | ---D | C]
Search Settings -> %ProgramFiles%\Search Settings -> [2008/11/25 11:27:32 | 00,000,000 | ---D | C]
Dealio -> %ProgramFiles%\Dealio -> [2008/11/25 11:27:19 | 00,000,000 | ---D | C]
Dealio -> %AppData%\Dealio -> [2008/11/25 11:27:12 | 00,000,000 | ---D | C]
COMCT232.OCX -> %SystemRoot%\System32\COMCT232.OCX -> [2008/11/25 11:26:34 | 00,164,144 | ---- | C] (Microsoft Corporation)
AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> [2008/11/25 11:26:30 | 01,986,560 | ---- | C] (NCT Company Ltd.)
AudioInfos.dll -> %SystemRoot%\System32\AudioInfos.dll -> [2008/11/25 11:26:30 | 01,212,416 | ---- | C] (NCT Company Ltd.)
AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> [2008/11/25 11:26:30 | 00,479,232 | ---- | C] (NCT Company Ltd.)
AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> [2008/11/25 11:26:30 | 00,458,752 | ---- | C] (NCT Company Ltd.)
AudioRecord.dll -> %SystemRoot%\System32\AudioRecord.dll -> [2008/11/25 11:26:30 | 00,454,656 | ---- | C] (NCT Company Ltd.)
AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> [2008/11/25 11:26:30 | 00,417,792 | ---- | C] (NCT Company Ltd.)
WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> [2008/11/25 11:26:30 | 00,348,160 | ---- | C] (NCT Company Ltd.)
NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [2008/11/25 11:26:30 | 00,116,296 | ---- | C] ()
AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> [2008/11/25 11:26:29 | 02,084,864 | ---- | C] (NCT Company Ltd.)
TABCTL32.OCX -> %SystemRoot%\System32\TABCTL32.OCX -> [2008/11/25 11:26:29 | 00,224,016 | ---- | C] (Microsoft Corporation)
VB6FR.DLL -> %SystemRoot%\System32\VB6FR.DLL -> [2008/11/25 11:26:29 | 00,119,568 | ---- | C] (Microsoft Corporation)
VB6STKIT.DLL -> %SystemRoot%\System32\VB6STKIT.DLL -> [2008/11/25 11:26:29 | 00,101,888 | ---- | C] (Microsoft Corporation)
TABCTFR.DLL -> %SystemRoot%\System32\TABCTFR.DLL -> [2008/11/25 11:26:29 | 00,021,504 | ---- | C] (Microsoft Corporation)
inetfr.DLL -> %SystemRoot%\System32\inetfr.DLL -> [2008/11/25 11:26:29 | 00,015,360 | ---- | C] (Microsoft Corporation)
MSCOMCT2.OCX -> %SystemRoot%\System32\MSCOMCT2.OCX -> [2008/11/25 11:26:28 | 00,662,288 | ---- | C] (Microsoft Corporation)
COMDLG32.OCX -> %SystemRoot%\System32\COMDLG32.OCX -> [2008/11/25 11:26:28 | 00,152,848 | ---- | C] (Microsoft Corporation)
MSCMCFR.DLL -> %SystemRoot%\System32\MSCMCFR.DLL -> [2008/11/25 11:26:28 | 00,141,312 | ---- | C] (Microsoft Corporation)
Mscc2fr.dll -> %SystemRoot%\System32\Mscc2fr.dll -> [2008/11/25 11:26:28 | 00,059,904 | ---- | C] (Microsoft Corporation)
CMDLGFR.DLL -> %SystemRoot%\System32\CMDLGFR.DLL -> [2008/11/25 11:26:28 | 00,032,768 | ---- | C] (Microsoft Corporation)
.purple -> %AppData%\.purple -> [2008/11/21 15:49:03 | 00,000,000 | ---D | C]
Aspell -> %ProgramFiles%\Aspell -> [2008/11/21 15:46:09 | 00,000,000 | ---D | C]
Pidgin -> %ProgramFiles%\Pidgin -> [2008/11/21 15:45:32 | 00,000,000 | ---D | C]
GTK -> %CommonProgramFiles%\GTK -> [2008/11/21 15:45:20 | 00,000,000 | ---D | C]
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:52 | 00,000,306 | ---- | C] ()
Anti Trojan Elite -> %ProgramFiles%\Anti Trojan Elite -> [2008/11/13 23:43:30 | 00,000,000 | ---D | C]
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:19 | 01,515,520 | ---- | C] (System Service)
SpeedTest -> %ProgramFiles%\SpeedTest -> [2008/11/13 23:13:41 | 00,000,000 | ---D | C]
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:13:34 | 00,473,088 | ---- | C] ()
ppcbooster -> %ProgramFiles%\ppcbooster -> [2008/11/13 23:13:33 | 00,000,000 | ---D | C]
msconfig.exe -> %SystemRoot%\System32\msconfig.exe -> [2008/11/13 23:10:20 | 00,158,208 | RH-- | C] (Microsoft Corporation)
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:51 | 00,000,337 | ---- | C] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:26 | 00,001,464 | ---- | C] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/13 22:59:58 | 00,047,584 | ---- | C] ()
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/11/13 22:59:49 | 00,053,940 | ---- | C] ()
MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [2008/11/13 22:51:14 | 00,000,000 | ---D | C]
kill.exe -> %SystemRoot%\kill.exe -> [2008/11/13 01:13:38 | 00,009,488 | RH-- | C] (Microsoft Corporation)
mrxsmb.sys -> %SystemRoot%\System32\dllcache\mrxsmb.sys -> [2008/11/12 14:53:30 | 00,455,296 | ---- | C] (Microsoft Corporation)
msxml3.dll -> %SystemRoot%\System32\dllcache\msxml3.dll -> [2008/11/12 14:53:02 | 01,106,944 | ---- | C] (Microsoft Corporation)
Bric à Brac -> %UserProfile%\Bureau\Bric à Brac -> [2008/11/11 15:54:35 | 00,000,000 | ---D | C]
CSVer.dll -> %SystemRoot%\System32\CSVer.dll -> [2008/11/11 15:12:31 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User)
Intel -> %SystemDrive%\Intel -> [2008/11/11 15:12:04 | 00,000,000 | ---D | C]
Toshiba -> %ProgramFiles%\Toshiba -> [2008/11/11 14:57:52 | 00,000,000 | ---D | C]
Motorola -> %SystemRoot%\Motorola -> [2008/11/11 14:52:27 | 00,000,000 | ---D | C]
smserial.sys -> %SystemRoot%\System32\drivers\smserial.sys -> [2008/11/11 14:52:22 | 00,889,472 | ---- | C] (Motorola Inc.)
sm56hlpr.exe -> %SystemRoot%\sm56hlpr.exe -> [2008/11/11 14:52:21 | 00,544,768 | ---- | C] (Motorola Inc.)
sm56ita.dll -> %SystemRoot%\sm56ita.dll -> [2008/11/11 14:52:21 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56kor.dll -> %SystemRoot%\sm56kor.dll -> [2008/11/11 14:52:21 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56jpn.dll -> %SystemRoot%\sm56jpn.dll -> [2008/11/11 14:52:21 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56ger.dll -> %SystemRoot%\sm56ger.dll -> [2008/11/11 14:52:20 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56co.dll -> %SystemRoot%\System32\sm56co.dll -> [2008/11/11 14:52:19 | 00,139,264 | ---- | C] (Motorola Inc.)
sm56eng.dll -> %SystemRoot%\sm56eng.dll -> [2008/11/11 14:52:19 | 00,069,632 | ---- | C] (Motorola Inc.)
sm56fra.dll -> %SystemRoot%\sm56fra.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56esp.dll -> %SystemRoot%\sm56esp.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56brz.dll -> %SystemRoot%\sm56brz.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56dnk.dll -> %SystemRoot%\sm56dnk.dll -> [2008/11/11 14:52:19 | 00,061,440 | ---- | C] (Motorola Inc.)
sm56cht.dll -> %SystemRoot%\sm56cht.dll -> [2008/11/11 14:52:19 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56chs.dll -> %SystemRoot%\sm56chs.dll -> [2008/11/11 14:52:19 | 00,053,248 | ---- | C] (Motorola Inc.)
msxml4r.dll -> %SystemRoot%\System32\msxml4r.dll -> [2008/11/11 14:52:14 | 00,082,432 | ---- | C] (Microsoft Corporation)
RtlCPAPI.dll -> %SystemRoot%\System32\RtlCPAPI.dll -> [2008/11/11 14:48:44 | 00,135,168 | R--- | C] ()
AIDA32 - Personal System Information -> %ProgramFiles%\AIDA32 - Personal System Information -> [2008/11/11 14:37:06 | 00,000,000 | ---D | C]
AegisI5Installer.exe -> %SystemRoot%\System32\AegisI5Installer.exe -> [2008/11/11 14:15:02 | 00,319,488 | ---- | C] ()
Intel -> %AllUsersProfile%\Application Data\Intel -> [2008/11/11 14:13:57 | 00,000,000 | ---D | C]
Intel -> %AppData%\Intel -> [2008/11/11 14:13:01 | 00,000,000 | ---D | C]
Command & Conquer 3 Les guerres du Tiberium -> %UserProfile%\Mes documents\Command & Conquer 3 Les guerres du Tiberium -> [2008/11/08 13:48:44 | 00,000,000 | ---D | C]
ItDb.enc -> %AppData%\ItDb.enc -> [2008/11/08 09:28:16 | 00,000,048 | ---- | C] ()
chloé -> %UserProfile%\Mes documents\chloé -> [2008/11/07 16:19:19 | 00,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/02/25 20:40:00 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/13 23:58:40 | 00,004,646 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/13 23:58:40 | 00,004,232 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [2008/02/25 17:49:48 | 00,000,000 | ---D | M]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [2008/02/25 17:52:30 | 00,001,372 | ---- | M] ()
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat -> [2008/08/18 14:20:04 | 00,008,206 | ---- | M] ()
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
Perflib_Perfdata_958.dat -> C:\Documents and Settings\Noric\Local Settings\Temp\Perflib_Perfdata_958.dat -> [2008/12/06 11:40:06 | 00,016,384 | ---- | M] ()
7 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
OTScanIt2.exe -> %UserProfile%\Bureau\OTScanIt2.exe -> [2008/12/06 11:53:48 | 00,647,651 | ---- | M] ()
RSIT.exe -> %UserProfile%\Bureau\RSIT.exe -> [2008/12/06 11:50:10 | 00,305,705 | ---- | M] ()
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/12/06 11:39:58 | 00,050,868 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/06 11:39:54 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/06 11:39:50 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/12/06 11:39:46 | 21,467,17696 | -HS- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/12/06 11:39:00 | 00,014,368 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/12/06 11:39:00 | 00,001,268 | -HS- | M] ()
fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [2008/12/06 11:39:00 | 00,001,100 | -HS- | M] ()
fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [2008/12/06 11:39:00 | 00,000,288 | -HS- | M] ()
bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [2008/12/06 11:38:52 | 00,000,012 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Bureau\Malwarebytes' Anti-Malware.lnk -> [2008/12/06 11:29:44 | 00,000,600 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/06 11:21:48 | 00,067,072 | ---- | M] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/06 11:03:42 | 00,054,156 | -H-- | M] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/06 11:03:42 | 00,001,409 | ---- | M] ()
BAM11-fr.pdf -> %UserProfile%\Bureau\BAM11-fr.pdf -> [2008/12/06 10:10:34 | 06,846,437 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/12/04 20:49:38 | 00,001,158 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/12/03 16:23:22 | 00,053,940 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/11/20 09:32:08 | 00,071,672 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/11/20 09:31:34 | 00,276,560 | ---- | M] ()
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:54 | 00,000,306 | ---- | M] ()
inst.exe -> %AppData%\inst.exe -> [2008/11/20 00:29:22 | 00,087,608 | ---- | M] ()
pcouffin.sys -> %AppData%\pcouffin.sys -> [2008/11/20 00:29:20 | 00,047,360 | ---- | M] (VSO Software)
pcouffin.cat -> %AppData%\pcouffin.cat -> [2008/11/20 00:29:20 | 00,007,887 | ---- | M] ()
pcouffin.inf -> %AppData%\pcouffin.inf -> [2008/11/20 00:29:20 | 00,001,144 | ---- | M] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/18 18:41:04 | 00,047,584 | ---- | M] ()
Maintenance en 1 clic.job -> %SystemRoot%\tasks\Maintenance en 1 clic.job -> [2008/11/14 17:17:14 | 00,000,408 | ---- | M] ()
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:20 | 01,515,520 | ---- | M] (System Service)
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:15:20 | 00,473,088 | ---- | M] ()
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:52 | 00,000,337 | ---- | M] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:28 | 00,001,464 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/11/11 14:54:00 | 00,782,748 | ---- | M] ()
perfh00C.dat -> %SystemRoot%\System32\perfh00C.dat -> [2008/11/11 14:54:00 | 00,371,070 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/11/11 14:54:00 | 00,314,842 | ---- | M] ()
perfc00C.dat -> %SystemRoot%\System32\perfc00C.dat -> [2008/11/11 14:54:00 | 00,049,932 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/11/11 14:54:00 | 00,041,170 | ---- | M] ()
AegisI5Installer.exe -> %SystemRoot%\System32\AegisI5Installer.exe -> [2008/11/11 14:15:04 | 00,319,488 | ---- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/11/11 14:00:10 | 06,958,444 | -H-- | M] ()
ItDb.enc -> %AppData%\ItDb.enc -> [2008/11/08 09:28:18 | 00,000,048 | ---- | M] ()
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
< Document and Settings folder & sub folders >
scanning hidden files ...
scan completed successfully
hidden files: 0

< End of report >
[/code]

There you go.

Thanks again!

chrifleur
 Posted on 06/12/2008 at 14:24
Security Group

Hi again, did you see?

* Download ToolBar-S&D (thanks to Eric_71, Angeldark, Sham_Rock and XmichouX)

  • Double-click ToolBar-SD to start the installation; a shortcut will be added to the Desktop.
  • Double-click it to start the tool; choose the language.
  • On Vista, right-click and choose "Run as administrator" (privilege elevation), then -> Continue.
  • Type 1, then press [Enter] to start the search.
  • Wait until the search finishes.
  • At the end of the scan, the report will open in Notepad.
  • Post this report, by copy/paste, in your next reply.
  • The report can also be found at: C:\TB.txt

** Help in pictures

chrifleur
 Posted on 06/12/2008 at 16:42
Security Group

Hi again,

Where are you at? You are quite badly infected!! I'm waiting for your scan report before we continue.

budha
 Posted on 07/12/2008 at 11:48
Petit astucien

Hello, sorry for only replying today, but my day yesterday was rather busy.

So here is my ToolBar S&D report:


-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz )
BIOS : Default System BIOS
USER : Noric ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.0.125 (Activated)
Firewall : Norton Internet Security 2005 (Activated)
C:\ (Local Disk) - FAT32 - Total:55 Go (Free:11 Go)
D:\ (Local Disk) - FAT32 - Total:37 Go (Free:18 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 07/12/2008|11:45 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\NORIC\APPLIC~1\Dealio
C:\DOCUME~1\NORIC\APPLIC~1\Dealio\kb127
C:\DOCUME~1\NORIC\APPLIC~1\Dealio\kb127\temp
C:\DOCUME~1\NORIC\APPLIC~1\Dealio\kb127\res
C:\DOCUME~1\NORIC\APPLIC~1\Dealio\kb127\rules

-----------\\ Extensions

(Noric) - {987311C6-B504-4aa2-90BF-60CC49808D42} => bugmenot
(Noric) - {097d3191-e6fa-4728-9826-b533d755359d} => aios
(Noric) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
(Noric) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.asus.com"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\style.css
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\aircrack-selection-reseau.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ethereal-capture-paquets-en-cour.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ethereal-paquet-decrypter-ip-trouve.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\airodump-ng-1.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\aircrack-crack-en-court.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\install-ptw-3.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\airodump-exemple-reseau-wifi-non-crypte.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\aircrack-ptw-45k.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\install-ptw1.png
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\hit.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\x-click-but04.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\pixel.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ads.htm
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ads_002.htm
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\Thumbs.db
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002\imgad.gif
C:\DOCUME~1\NORIC\Mes documents\Hacking\tutorial-crack-wep-aircrack.php_fichiers\ads_data_002\Thumbs.db
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\commview wifi 5.6
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView for WiFi - WEP Key Recovery [WEPKR]
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\Commview wifi 5.4
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\commview wifi 5.6\ReadMe.txt
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\commview wifi 5.6\setup.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\crack
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\file_id.diz
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\readme.txt
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\setup.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\ssg.nfo
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView.for.WiFi.v5.2.484\crack\cv.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView for WiFi - WEP Key Recovery [WEPKR]\Tsft Wepkr.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\CommView for WiFi - WEP Key Recovery [WEPKR]\WEP Key Recovery [WEPKR].pdf
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\Commview wifi 5.4\ReadMe.txt
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\Winaircrack - CommView for WiFi crack WEP Key Recovery [WEPKR]\Commview wifi 5.4\setup.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\airmon-ng
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\AUTHORS
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\ChangeLog
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\evalrev
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\INSTALLING
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\LICENSE
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\Makefile.cygwin
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\README
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\VERSION
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\Aircrack-ng GUI.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\aircrack-ng.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\airdecap-ng.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\airodump-ng.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\cygwin1.dll
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\ivstools.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\kstats.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\makeivs.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\msvcr70.dll
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\packetforge-ng.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\bin\wzcook.exe
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\aircrack-ng.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\aircrack-ng.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\aircrack-ptw-lib.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\aircrack-ptw-lib.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airdecap-ng.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\common.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\crc.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\crctable.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\crypto.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\crypto.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\ivstools.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\kstats.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\packetforge-ng.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\pcap.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\sha1-mmx.S
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\uniqueiv.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\version.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\airodump-ng.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\airodump-ng.dsp
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\airodump-ng.dsw
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\airodump-ng.ico
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\airodump-ng.rc
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\capture.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\capture.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\console.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\console.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\pcap.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\resource.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\timeval.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\uniqueiv.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\version.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng.sln
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng.suo
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Aircrack-ng.csproj
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Aircrack-ng.csproj.user
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.resx
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Program.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\AssemblyInfo.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Resources.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Resources.resx
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Settings.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Settings.settings
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\console.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\console.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\resource.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.dsp
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.dsw
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.ico
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.rc
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\makeivs.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\password.lst
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wep.open.system.authentication.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wep.shared.key.authentication.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wpa.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wpa2.eapol.cap
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack\Etherchange.lnk
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack\Installation de Ethereal.lnk
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack\WlanDrv.lnk
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack\Page d'accueil de Support de CrackWepPack.lnk
C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\CrackWepPack\D‚sinstaller CrackWepPack.lnk



1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|11:47 - Option : [1]

-----------\\ Fin du rapport a 11:47:43,07

Thanks for your help!

chrifleur
 Posted on 07/12/2008 at 17:48
Security Group

Oops, lots of cracks ==> sources of infection!!!

Let's continue.

Important! Disable your antivirus / resident antispyware / Spybot's TeaTimer (if present and active) - Help in pictures

* Double-click the ToolBarSD shortcut on your desktop. On Vista: right-click -> Run as administrator.

  • In the main menu, choose option 2 and confirm with the [Enter] key.

/!\ Do not close the window during the removal /!\

  • A report will be generated. Post this report along with an RSIT report and an OTScanIT report.

Note: For Vista users, ToolBar-SD takes care of disabling "User Account Control" (UAC); it will restart the computer and re-enable UAC.

budha
 Posted on 07/12/2008 at 23:51
Petit astucien

Here is my ToolBar report:


-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz )
BIOS : Default System BIOS
USER : Noric ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.0.125 (Activated)
Firewall : Norton Internet Security 2005 (Activated)
C:\ (Local Disk) - FAT32 - Total:55 Go (Free:11 Go)
D:\ (Local Disk) - FAT32 - Total:37 Go (Free:18 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [2] ( 07/12/2008|23:46 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\NORIC\APPLIC~1\Dealio\kb127
Supprime! - C:\Program Files\Dealio\kb127
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\WINDOWS\Prefetch\DEALIOAU.EXE-32C4A05D.pf
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\Dealio
Supprime! - C:\WINDOWS\Prefetch\SEARCHSETTINGS.EXE-253CB611.pf
Supprime! - C:\DOCUME~1\NORIC\APPLIC~1\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\DOCUME~1\NORIC\APPLIC~1\Dealio
Supprime! - C:\Program Files\Dealio
Supprime! - C:\DOCUME~1\NORIC\APPLIC~1\Search Settings
Supprime! - C:\Program Files\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Noric) - {987311C6-B504-4aa2-90BF-60CC49808D42} => bugmenot
(Noric) - {097d3191-e6fa-4728-9826-b533d755359d} => aios
(Noric) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle
(Noric) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.asus.com"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.msn.com/"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\capture.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\capture.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\console.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\console.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\pcap.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\resource.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\timeval.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\uniqueiv.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\airodump-ng-peek\version.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng.sln
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng.suo
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Aircrack-ng.csproj
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Aircrack-ng.csproj.user
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Form1.resx
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Program.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\AssemblyInfo.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Resources.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Resources.resx
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Settings.Designer.cs
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\GUI\Aircrack-ng\Properties\Settings.settings
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\console.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\console.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\resource.h
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.dsp
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.dsw
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.ico
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\src\wzcook\wzcook.rc
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\makeivs.c
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\password.lst
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wep.open.system.authentication.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wep.shared.key.authentication.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wpa.cap
C:\DOCUME~1\NORIC\Mes documents\Hack & Utilitaires\aircrack-ng-0.9-win\aircrack-ng-0.9-win\test\wpa2.eapol.cap
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack\Etherchange.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack\Installation de Ethereal.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack\WlanDrv.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack\Page d'accueil de Support de CrackWepPack.lnk
C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\CrackWepPack\Désinstaller CrackWepPack.lnk



1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2008|11:47 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 07/12/2008|23:48 - Option : [2]

-----------\\ Fin du rapport a 23:48:11,73

budha
 Posted on 07/12/2008 at 23:52
Petit astucien

The one from RSIT:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Noric at 2008-12-07 23:50:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 12 GB (21%) free of 57 GB
Total RAM: 2047 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:50:31, on 07/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAC4RPK.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\eMule\eMule.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe
C:\Documents and Settings\Noric\Bureau\problème yoog search\RSIT.exe
C:\Program Files\trend micro\Noric.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 6547 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-03 463872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-16 7561216]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-20 761945]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-14 90112]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-03-06 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-03-06 970752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-05-30 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe [2006-10-06 305152]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-06-25 1209584]
""= []
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\WINDOWS\System32\CNAC4RPK.EXE"="C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process"
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe"="C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya"
"C:\Program Files\Cain\Cain.exe"="C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility"
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE"="C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\e frontier\Poser 7\Poser.exe"="C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}]
shell\auto\command - Knight.exe open
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
shell\explore\command - Knight.exe open
shell\find\command - Knight.exe open
shell\install\command - Knight.exe open
shell\open\command - Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2008-12-07 11:45:53 ----A---- C:\TB.txt
2008-12-07 11:45:25 ----D---- C:\ToolBar SD
2008-12-06 11:52:25 ----D---- C:\rsit
2008-12-06 11:52:25 ----D---- C:\Program Files\trend micro
2008-12-06 11:29:45 ----D---- C:\Documents and Settings\Noric\Application Data\Malwarebytes
2008-12-06 11:29:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-06 11:29:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\WMAFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\inetfr.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\AudDesign.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2008-11-21 15:49:03 ----D---- C:\Documents and Settings\Noric\Application Data\.purple
2008-11-21 15:46:09 ----D---- C:\Program Files\Aspell
2008-11-21 15:45:32 ----D---- C:\Program Files\Pidgin
2008-11-21 15:45:20 ----D---- C:\Program Files\Fichiers communs\GTK
2008-11-13 23:43:30 ----D---- C:\Program Files\Anti Trojan Elite
2008-11-13 23:15:19 ----A---- C:\WINDOWS\system32\iesvcmon1.exe
2008-11-13 23:13:41 ----D---- C:\Program Files\SpeedTest
2008-11-13 23:13:34 ----A---- C:\WINDOWS\nc605007.exe
2008-11-13 23:13:33 ----D---- C:\Program Files\ppcbooster
2008-11-13 23:10:20 ----RAH---- C:\WINDOWS\system32\msconfig.exe
2008-11-13 22:59:58 ----A---- C:\WINDOWS\system32\jfjfsvtouatumih.exe
2008-11-13 22:59:49 ----A---- C:\WINDOWS\system32\cont_adzgalore-remove.exe
2008-11-13 22:51:14 ----D---- C:\Program Files\MSXML 4.0
2008-11-13 01:13:38 ----RAH---- C:\WINDOWS\kill.exe
2008-11-11 15:12:31 ----A---- C:\WINDOWS\system32\CSVer.dll
2008-11-11 15:12:04 ----D---- C:\Intel
2008-11-11 14:57:52 ----D---- C:\Program Files\Toshiba
2008-11-11 14:52:27 ----D---- C:\WINDOWS\Motorola
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56kor.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56jpn.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56ita.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56hlpr.exe
2008-11-11 14:52:20 ----A---- C:\WINDOWS\sm56ger.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\system32\sm56co.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56fra.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56esp.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56eng.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56dnk.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56cht.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56chs.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56brz.dll
2008-11-11 14:52:14 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-11-11 14:50:16 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-11-11 14:48:44 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-11 14:47:18 ----R---- C:\WINDOWS\Alcmtr.exe
2008-11-11 14:37:06 ----D---- C:\Program Files\AIDA32 - Personal System Information
2008-11-11 14:15:02 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2008-11-11 14:13:57 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2008-11-11 14:13:01 ----D---- C:\Documents and Settings\Noric\Application Data\Intel

======List of files/folders modified in the last 1 months======

2008-12-06 12:32:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-20 00:29:22 ----A---- C:\Documents and Settings\Noric\Application Data\inst.exe
2008-11-11 14:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-11 14:15:36 ----A---- C:\WINDOWS\system32\results.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-11 21425]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-27 2203520]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-17 3655712]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-29 889472]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-01-20 841110]
R3 SynScan;ASUS WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-01-02 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-20 191936]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Tosrfcom;Tosrfcom; C:\WINDOWS\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-09-13 47360]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-06 643072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-16 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-06 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-03-06 983040]
R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-03-06 294912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

budha
 Posted on 07/12/2008 at 23:56 
Petit astucien

and the one from OTScanIt:

[code]
OTScanIt2 logfile created on: 07/12/2008 23:53:42 - Run 2
OTScanIt2 by OldTimer - Version 1.0.2.1 Folder = C:\Documents and Settings\Noric\Bureau\problème yoog search\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,34% Memory free
3,35 Gb Paging File | 2,73 Gb Available in Paging File | 81,37% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,95 Gb Total Space | 11,62 Gb Free Space | 20,77% Space Free | Partition Type: FAT32
Drive D: | 37,19 Gb Total Space | 18,57 Gb Free Space | 49,94% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NORIC-7231E66C9
Current User Name: Noric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
atkosd.exe -> %SystemRoot%\ATK0100\ATKOSD.exe -> [2006/05/17 16:55:30 | 02,355,200 | ---- | M] ()
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
batterylife.exe -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
cnac4rpk.exe -> %SystemRoot%\system32\CNAC4RPK.EXE -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> [2007/03/06 16:40:30 | 00,487,424 | ---- | M] (Intel Corporation)
emule.exe -> %ProgramFiles%\eMule\eMule.exe -> [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
firefox.exe -> %ProgramFiles%\Mozilla Firefox 3 Beta 3\firefox.exe -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
hcontrol.exe -> %SystemRoot%\ATK0100\HControl.exe -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
memoptimizer.exe -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
notepad.exe -> %SystemRoot%\system32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\Bureau\problème yoog search\OTScanIt2\OTScanIt2.exe -> [2008/12/01 10:28:50 | 00,477,184 | ---- | M] (OldTimer Tools)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
rocketdock.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
ubericon manager.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
wcourier.exe -> %ProgramFiles%\Wireless Console 2\wcourier.exe -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(AVP) Kaspersky Anti-Virus 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
(BthServ) Bluetooth Support Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\bthserv.dll -> [2008/04/14 04:33:20 | 00,030,208 | ---- | M] (Microsoft Corporation)
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
(helpsvc) Aide et support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> [2007/11/06 22:22:26 | 00,092,792 | ---- | M] (CACE Technologies)
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
(usnjsvc) Service Messenger Sharing Folders USN Journal Reader [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(UxTuneUp) Extension de conception TuneUp [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\uxtuneup.dll -> [2006/10/06 06:27:20 | 00,024,072 | ---- | M] (TuneUp Software GmbH)
(WLANKEEPER) Intel(R) PROSet/Wireless SSO Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Service Partage réseau du Lecteur Windows Media [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\WUDFSvc.dll -> [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.6.0.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\AegisP.sys -> [2008/11/11 14:15:10 | 00,021,425 | ---- | M] (Meetinghouse Data Communications)
(BthEnum) Service d'énumérateur Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\BthEnum.sys -> [2008/04/13 20:46:34 | 00,017,024 | ---- | M] (Microsoft Corporation)
(BthPan) Périphérique Bluetooth (réseau personnel) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bthpan.sys -> [2008/04/13 20:51:34 | 00,101,120 | ---- | M] (Microsoft Corporation)
(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHport.sys -> [2008/06/14 18:33:38 | 00,272,768 | ---- | M] (Microsoft Corporation)
(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHUSB.sys -> [2008/04/13 20:46:30 | 00,018,944 | ---- | M] (Microsoft Corporation)
(Hardlock) Hardlock [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\hardlock.sys -> [2006/11/22 10:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.)
(HDAudBus) Pilote de bus Microsoft UAA pour High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/05/04 09:13:52 | 04,271,616 | R--- | M] (Realtek Semiconductor Corp.)
(kl1) kl1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kl1.sys -> [2008/05/28 23:41:02 | 00,112,144 | ---- | M] (Kaspersky Lab)
(klif) klif [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2008/03/02 16:43:16 | 00,194,320 | ---- | M] (Kaspersky Lab)
(klim5) Kaspersky Anti-Virus NDIS Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\klim5.sys -> [2007/04/04 14:58:26 | 00,024,344 | ---- | M] (Kaspersky Lab)
(MODEMCSA) Périphérique de filtrage de flux Unimodem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(MTsensor) ATK0100 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ATKACPI.sys -> [2005/02/17 23:07:48 | 00,005,632 | ---- | M] ()
(NETw4x32) Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\NETw4x32.sys -> [2007/04/27 04:01:34 | 02,203,520 | ---- | M] (Intel Corporation)
(nm) Pilote du Moniteur réseau [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\NMnt.sys -> [2008/04/13 20:53:10 | 00,040,320 | ---- | M] (Microsoft Corporation)
(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\npf.sys -> [2007/11/06 22:22:06 | 00,034,064 | ---- | M] (CACE Technologies)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> [2006/03/17 06:16:00 | 03,655,712 | ---- | M] (NVIDIA Corporation)
(pcouffin) VSO Software pcouffin [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\pcouffin.sys -> [2008/09/13 19:23:34 | 00,047,360 | ---- | M] (VSO Software)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2003/07/01 18:47:08 | 00,009,856 | ---- | M] (Padus, Inc.)
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2008/07/23 18:50:48 | 00,043,528 | ---- | M] (Sonic Solutions)
(RFCOMM) Périphérique Bluetooth (TDI protocole RFCOMM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\rfcomm.sys -> [2008/04/13 20:46:32 | 00,059,136 | ---- | M] (Microsoft Corporation)
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimmptsk.sys -> [2005/09/17 11:01:50 | 00,028,672 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimsptsk.sys -> [2005/09/14 12:45:24 | 00,050,560 | ---- | M] (REDC)
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\Rtenicxp.sys -> [2005/11/16 09:08:16 | 00,078,976 | ---- | M] (Realtek Semiconductor Corporation )
(s24trans) Transport RLAN [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\s24trans.sys -> [2007/02/21 12:16:12 | 00,012,416 | ---- | M] (Intel Corporation)
(sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\sdbus.sys -> [2008/04/13 20:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sffdisk) Pilote de classe de stockage SFF [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffdisk.sys -> [2008/04/13 20:40:48 | 00,011,904 | ---- | M] (Microsoft Corporation)
(sffp_sd) Pilote de protocole de stockage SFF pour SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffp_sd.sys -> [2008/04/13 20:40:48 | 00,011,008 | ---- | M] (Microsoft Corporation)
(smserial) smserial [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\smserial.sys -> [2006/03/29 18:36:26 | 00,889,472 | ---- | M] (Motorola Inc.)
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> [2004/08/26 06:03:00 | 00,104,144 | ---- | M] (Symantec Corporation)
(SynMini) ASUS WebCam, 1.3M, USB2.0, FF [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynMini.sys -> [2006/01/20 09:59:16 | 00,841,110 | R--- | M] (Syntek America Inc.)
(SynScan) ASUS WebCam Still Image [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynScan.sys -> [2006/01/02 11:02:26 | 00,008,278 | R--- | M] (Syntek America Inc.)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SynTP.sys -> [2005/10/20 23:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.)
(Tosrfbd) Bluetooth RFBUS from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfbd.sys -> [2006/02/02 23:16:08 | 00,108,928 | ---- | M] (TOSHIBA CORPORATION)
(Tosrfcom) Tosrfcom [Kernel | System | Stopped] -> %SystemRoot%\System32\drivers\tosrfcom.sys -> [2005/08/01 16:45:08 | 00,064,896 | ---- | M] (TOSHIBA Corporation)
(Tosrfhid) Bluetooth RFHID from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\Tosrfhid.sys -> [2006/02/08 17:33:34 | 00,062,848 | ---- | M] (TOSHIBA Corporation.)
(Tosrfusb) Bluetooth USB Controller [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfusb.sys -> [2006/01/31 18:35:28 | 00,039,808 | ---- | M] (TOSHIBA CORPORATION)
(w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\w39n51.sys -> [2006/04/04 03:17:24 | 01,429,632 | ---- | M] (Intel® Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.asus.com ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.msn.com/ ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://google.com/ ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: SearchURL\\"provider" -> msn ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Noric\Application Data\Mozilla\FireFox\Profiles\nojmj8n6.default\prefs.js ->
browser.search.defaultenginename -> "MyStart Search" ->
browser.search.selectedEngine -> "Yoog Search" ->
browser.startup.homepage -> "http://www.google.fr/firefox" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.4" ->
extensions.enabledItems -> bettergmail2@ginatrapani.org:0.7.1 ->
extensions.enabledItems -> {987311C6-B504-4aa2-90BF-60CC49808D42}:2.0 ->
extensions.enabledItems -> piclens@cooliris.com:1.8.5.14751 ->
extensions.enabledItems -> ctrl-tab@design-noir.de:0.19.3 ->
extensions.enabledItems -> {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76 ->
extensions.enabledItems -> {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:3.5.1 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.87 ->
extensions.enabledItems -> videofinder@veoh.com:1.3 ->
extensions.enabledItems -> web@veoh.com:1.4 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4 ->
< HOSTS File > (790 bytes and 20 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" [HKLM] -> %ProgramFiles%\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [Veoh Web Player Video Finder] -> [2008/11/03 23:35:58 | 00,463,872 | ---- | M] (Veoh Networks Inc)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2005/05/03 11:43:28 | 00,069,632 | R--- | M] (Realtek Semiconductor Corp.)
"AVP" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"HControl" -> %SystemRoot%\ATK0100\HControl.exe [C:\WINDOWS\ATK0100\HControl.exe] -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
"IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2006/03/16 22:16:00 | 07,561,216 | ---- | M] (NVIDIA Corporation)
"Power_Gear" -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe [C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1] -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
"Wireless Console 2" -> %ProgramFiles%\Wireless Console 2\wcourier.exe [C:\Program Files\Wireless Console 2\wcourier.exe] -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"" -> [] -> File not found
"ccleaner" -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> [2008/06/25 15:58:36 | 01,209,584 | ---- | M] (Piriform Ltd)
"RocketDock" -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ["C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"] -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
"TuneUp MemOptimizer" -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe ["C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart] -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
< Noric Startup Folder > -> C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage ->
%UserProfile%\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xporter vers Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/07/30 03:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Button: Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E908B145-C847-4e85-B315-07E2E70DECF8}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Bibliothèque de contrôles ActiveX Microsoft ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{48E14897-A614-469E-81D8-4C8ADCB5118D} -> () ->
{CE0F151E-4F0A-4EBB-81BE-FA767FD6D421} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{E17065E4-3089-4579-AA33-750E219E86F7} -> () ->
{E37C4E06-6080-4199-8802-46716FD04654} -> (Carte réseau 1394) ->
{EBE416CC-BE6A-41E2-9E54-6279AD5063A4} -> (Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
klogon -> %SystemRoot%\system32\klogon.dll -> [2007/06/28 12:51:48 | 00,206,088 | ---- | M] (Kaspersky Lab)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe" -> C:\Program Files\Autodesk\Maya8.5\bin\maya.exe [C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya] -> [2006/12/17 04:11:30 | 00,225,280 | ---- | M] (Autodesk)
"C:\Program Files\Cain\Cain.exe" -> C:\Program Files\Cain\Cain.exe [C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility] -> [2007/12/11 19:33:08 | 01,026,048 | ---- | M] (oxid.it)
"C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> File not found
"C:\Program Files\e frontier\Poser 7\Poser.exe" -> C:\Program Files\e frontier\Poser 7\Poser.exe [C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file] -> File not found
"C:\Program Files\eMule\eMule.exe" -> C:\Program Files\eMule\eMule.exe [C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus] -> [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info)
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 19:50:22 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Magentic\bin\Magentic.exe" -> C:\Program Files\Magentic\bin\Magentic.exe [C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgApp.exe" -> C:\Program Files\Magentic\bin\MgApp.exe [C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgImp.exe" -> C:\Program Files\Magentic\bin\MgImp.exe [C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Messenger\MSMSGS.EXE" -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2008/05/21 04:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE" -> C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE [C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox] -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe" -> C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe [C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008/06/03 15:08:42 | 21,718,312 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" -> C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client] -> [2008/08/28 10:18:24 | 03,660,848 | ---- | M] (Veoh Networks)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" -> C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player ] -> [2008/11/03 23:45:50 | 03,522,296 | ---- | M] (Veoh Networks)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\System32\CNAC4RPK.EXE" -> C:\WINDOWS\System32\CNAC4RPK.EXE [C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process] -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 20:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [2008/02/25 16:43:16 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command\\"" -> %SystemRoot%\System32\cmd.exe [cmd /C launch.bat] -> [2008/04/14 04:33:58 | 00,401,408 | ---- | M] (Microsoft Corporation)
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command\\"" -> [Knight.exe open] -> File not found
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command\\"" -> [.\Encryption Tool\MaxtorEncryption.exe] -> File not found

budha
 Posted on 07/12/2008 at 23:56
Petit astucien

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.chm [@ = chm.file] -> %SystemRoot%\hh.exe -> [2008/04/14 04:34:06 | 00,010,752 | ---- | M] (Microsoft Corporation)
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> %SystemRoot%\System32\winhlp32.exe -> [2004/08/05 14:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation)
.hta [@ = htafile] -> %SystemRoot%\system32\mshta.exe -> [2008/04/14 04:34:12 | 00,029,184 | ---- | M] (Microsoft Corporation)
.html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/04/14 04:34:06 | 00,093,184 | ---- | M] (Microsoft Corporation)
.inf [@ = inffile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.ini [@ = inifile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.js [@ = JSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.jse [@ = JSEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.reg [@ = regfile] -> %SystemRoot%\regedit.exe -> [2008/04/14 04:34:20 | 00,153,088 | ---- | M] (Microsoft Corporation)
.scr [@ = scrfile] -> "%1" /S ->
.txt [@ = txtfile] -> %SystemRoot%\system32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.vbe [@ = VBEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.vbs [@ = VBSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsf [@ = WSFFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsh [@ = WSHFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKLM] -> No CLSID value
ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
msdaipp: [HKLM] -> No CLSID value
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2008/06/03 15:08:42 | 01,942,864 | R--- | M] (Skype Technologies)
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> %ProgramFiles%\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2007/10/23 12:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
\Monitoring\KasperskyAntiVirus\\"DisableMonitoring" -> [1] -> File not found
\Monitoring\KasperskyAntiVirus\\"" -> [] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB} -> mSSO
{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} -> mLogView
{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8} -> Python 2.6
{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C} -> ATK Media
{17E2F183-BAC4-4D01-BD7A-59F781E17EFA} -> REALTEK PCIE NIC Driver
{23FB368F-1399-4EAC-817C-4B83ECBE3D83} -> mProSafe
{3248F0A8-6813-11D6-A77B-00B0D0160070} -> Java(TM) 6 Update 7
{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3E9D596A-61D4-4239-BD19-2DB984D2A16F} -> mIWA
{4462AD13-F2AA-4CBD-9F95-293C38EED870} -> Power4 Gear
{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8
{6105648C-0C3C-481D-8C11-1F4952D6FB53} -> Dealio Toolbar 3.4
{63DB9CCD-2B56-4217-9A3D-507AC78320CA} -> mWMI
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{81525B87-9344-4834-883C-C6A9D78EA1DF} -> Maya 8.5 Documentation (en_US)
{829CD169-E692-48E8-9BDE-A3E8D8B65538} -> mSCfg
{83F73CB1-7705-49D1-9852-84D839CA2A45} -> Wireless Console 2
{85EBB283-65AF-4C53-9EBE-7C0A232762F7} -> AGEIA PhysX v7.03.21
{868D7896-99D4-4513-BC62-2B3AD3E24926} -> TuneUp Utilities 2006
{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} -> mPfMgr
{8C6BB412-D3A8-4AAE-A01B-35B681789D68} -> mHelp
{90120000-0010-040C-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (French) 12
{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007
{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB} -> Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
{90B0D222-8C21-4B35-9262-53B042F18AF9} -> mPfWiz
{94658027-9F16-4509-BBD7-A59FE57C3023} -> mZConfig
{95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French)
{A0F925BF-5C55-44C2-A4E7-5A4C59791C29} -> mDriver
{A1E0E88A-F5E9-4414-A0D7-31940E965EC5} -> Maya 8.5
{AC76BA86-7AD7-1033-7B44-A71000000002} -> Adobe Reader 7.1.0
{AEB9948B-4FF2-47C9-990E-47014492A0FE} -> MSXML 6.0 Parser
{BADF6744-3787-48F6-B8C9-4C4995401D65} -> Windows Live Messenger
{BFD96B89-B769-4CD6-B11E-E79FFD46F067} -> QuickTime
{C033BF6E-9D82-4E0B-A46E-ABC746D6F431} -> Autodesk DirectConnect 2.0
{C514C594-23AA-4F13-A070-DB8BDB27594F} -> Windows Live Mail
{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF} -> Norton Internet Security
{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC} -> mToolkit
{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> PowerDirector
{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} -> Bluetooth Stack for Windows
{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} -> Search Settings 1.2
{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919} -> CC_ccProxyExt
{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} -> Command & Conquer 3
{DE10AB76-4756-4913-BE25-55D1C1051F9A} -> WinFlash
{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0} -> ASUS Live Update
{E81667C6-2856-46D6-ABEA-6A2F42166779} -> mCore
{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} -> mMHouse
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F6090A17-0967-4A8A-B3C3-422A1B514D49} -> mDrWiFi
{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} -> mWlsSafe
{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} -> Windows Live installer
7-Zip -> 7-Zip 4.57
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
AIDA32_is1 -> AIDA32 v3.93
Aspell English Dictionary_is1 -> Aspell English Dictionary-0.50-2
Aspell French Dictionary_is1 -> Aspell French Dictionary-0.50-3
ASUS WebCam, 1.3M, USB2.0, FF -> ASUS WebCam, 1.3M, USB2.0, FF
Blender -> Blender (remove only)
Cain & Abel v4.9.10 -> Cain & Abel v4.9.10
Canon LBP5000 -> Canon LBP5000
CCleaner -> CCleaner (remove only)
cont_adzgalore -> Contextual Tool Adzgalore
CrackWepPack v0.1_is1 -> CrackWepPack v0.1
DPS -> DPS
eMule Plus_is1 -> eMule Plus 1.2d
GNU Aspell_is1 -> GNU Aspell 0.50-3
GTK 2.0 -> Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)
HControl -> ATK0100 ACPI UTILITY
HijackThis -> HijackThis 2.0.2
InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
InstallWIX_{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
jfjfsvtouatumih -> RON Tool Cpmsky
LimeWire -> LimeWire 4.18.8
M3 -> Asus MiVo Messenger
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Messenger Plus! Live -> Messenger Plus! Live
Mozilla Firefox (3.0.4) -> Mozilla Firefox (3.0.4)
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
NVIDIA Drivers -> NVIDIA Drivers
Pack Vista Inspirat 2 -> Pack Vista Inspirat 2 1.0
Pidgin -> Pidgin
ppcbooster -> PPC Booster
ProInst -> Logiciel Intel(R) PROSet/Wireless
PROPLUS -> Microsoft Office Professional Plus 2007
SMSERIAL -> Motorola SM56 Speakerphone Modem
Switch -> Switch Uninstall
SynTPDeinstKey -> Synaptics Pointing Device Driver
Texture Maker_is1 -> Texture Maker 3.03
Unlocker -> Unlocker 1.8.7
Veoh Web Player Beta -> Veoh Web Player Beta
VLC media player -> VideoLAN VLC media player 0.8.6e
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Lecteur Windows Media 11
Windows XP Service -> Windows XP Service Pack 3
WinPcapInst -> WinPcap 4.0.2
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
Yaf(a)Ray_is1 -> Yaf(a)Ray 0.1.0
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
SparkAngels -> SparkAngels
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [Espace de noms Bluetooth] -> %SystemRoot%\system32\wshbth.dll -> [2008/04/14 04:33:50 | 00,108,032 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 13/09/2008 13:30:50 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1001 -> Description = Détecteur d'erreurs 126648864.
Application [ Error ] 18/09/2008 06:46:07 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée nero.exe, version 6.3.1.4, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/10/2008 07:17:58 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée Poser.exe, version 7.0.0.63, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 12/10/2008 04:17:41 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante zangosa.exe, version 10.3.75.0, module défaillant prloader.dll, version 7.0.0.125, adresse de défaillance 0x000155d0.
Application [ Error ] 12/10/2008 08:40:57 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée OUTLOOK.EXE, version 12.0.6316.5000, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 19/10/2008 15:23:29 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 26/10/2008 18:15:11 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante asusdvd.exe, version 6.0.0.3019, module défaillant clnavx.ax, version 6.0.0.2017, adresse de défaillance 0x00019ac2.
Application [ Error ] 02/11/2008 13:22:00 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante blender.exe, version 0.0.0.0, module défaillant nvoglnt.dll, version 6.14.10.8426, adresse de défaillance 0x001643b4.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
System [ Error ] 28/11/2008 18:28:30 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 28/11/2008 19:13:48 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 01/12/2008 15:30:05 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10000 -> Description = Le démarrage d'un serveur DCOM : {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
System [ Error ] 01/12/2008 15:30:05 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10000 -> Description = Le démarrage d'un serveur DCOM : {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} n'est pas possible. L'erreur : "%5" s'est produite lors du démarrage de la commande : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
System [ Error ] 05/12/2008 18:34:27 Computer Name = NORIC-7231E66C9 | Source = Windows Update Agent | ID = 16 -> Description = Connexion impossible : Windows ne parvient pas à se connecter au service Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation des mises à jour définies par la planification. Windows continuera d'essayer d'établir la connexion.
System [ Error ] 05/12/2008 18:34:34 Computer Name = NORIC-7231E66C9 | Source = Dhcp | ID = 1002 -> Description = Le bail de l'adresse IP 192.168.0.5 pour la carte réseau dont l'adresse réseau est 0018DE0FF75A a été refusé par le serveur DHCP 192.168.0.254 (celui-ci a envoyé un message DHCPNACK).
System [ Error ] 06/12/2008 06:15:45 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 06/12/2008 06:39:54 Computer Name = NORIC-7231E66C9 | Source = sr | ID = 1 -> Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'. Ceci a entraîné l'arrêt de la surveillance du volume.
System [ Error ] 07/12/2008 09:34:51 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 07/12/2008 10:41:03 Computer Name = NORIC-7231E66C9 | Source = Dhcp | ID = 1001 -> Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur DHCP) pour la carte réseau avec l'adresse réseau 0018DE0FF75A. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

budha
 Posted on 07/12/2008 at 23:57
Petit astucien

[Files/Folders - Created Within 30 Days]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:37 | 00,054,156 | -H-- | C] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:37 | 00,001,409 | ---- | C] ()
LBAR.cd -> %UserProfile%\Bureau\LBAR.cd -> [2008/12/07 15:45:17 | 00,000,000 | ---D | C]
problème yoog search -> %UserProfile%\Bureau\problème yoog search -> [2008/12/07 15:31:01 | 00,000,000 | ---D | C]
ToolBar SD -> %SystemDrive%\ToolBar SD -> [2008/12/07 11:45:25 | 00,000,000 | ---D | C]
trend micro -> %ProgramFiles%\trend micro -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2008/12/06 11:29:45 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/06 11:29:43 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/06 11:29:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
BAM11-fr.pdf -> %UserProfile%\Bureau\BAM11-fr.pdf -> [2008/12/06 10:09:45 | 06,846,437 | ---- | C] ()
Mes Historiques de Conversation -> %UserProfile%\Mes documents\Mes Historiques de Conversation -> [2008/12/01 14:23:54 | 00,000,000 | ---D | C]
COMCT232.OCX -> %SystemRoot%\System32\COMCT232.OCX -> [2008/11/25 11:26:34 | 00,164,144 | ---- | C] (Microsoft Corporation)
AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> [2008/11/25 11:26:30 | 01,986,560 | ---- | C] (NCT Company Ltd.)
AudioInfos.dll -> %SystemRoot%\System32\AudioInfos.dll -> [2008/11/25 11:26:30 | 01,212,416 | ---- | C] (NCT Company Ltd.)
AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> [2008/11/25 11:26:30 | 00,479,232 | ---- | C] (NCT Company Ltd.)
AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> [2008/11/25 11:26:30 | 00,458,752 | ---- | C] (NCT Company Ltd.)
AudioRecord.dll -> %SystemRoot%\System32\AudioRecord.dll -> [2008/11/25 11:26:30 | 00,454,656 | ---- | C] (NCT Company Ltd.)
AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> [2008/11/25 11:26:30 | 00,417,792 | ---- | C] (NCT Company Ltd.)
WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> [2008/11/25 11:26:30 | 00,348,160 | ---- | C] (NCT Company Ltd.)
NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [2008/11/25 11:26:30 | 00,116,296 | ---- | C] ()
AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> [2008/11/25 11:26:29 | 02,084,864 | ---- | C] (NCT Company Ltd.)
TABCTL32.OCX -> %SystemRoot%\System32\TABCTL32.OCX -> [2008/11/25 11:26:29 | 00,224,016 | ---- | C] (Microsoft Corporation)
VB6FR.DLL -> %SystemRoot%\System32\VB6FR.DLL -> [2008/11/25 11:26:29 | 00,119,568 | ---- | C] (Microsoft Corporation)
VB6STKIT.DLL -> %SystemRoot%\System32\VB6STKIT.DLL -> [2008/11/25 11:26:29 | 00,101,888 | ---- | C] (Microsoft Corporation)
TABCTFR.DLL -> %SystemRoot%\System32\TABCTFR.DLL -> [2008/11/25 11:26:29 | 00,021,504 | ---- | C] (Microsoft Corporation)
inetfr.DLL -> %SystemRoot%\System32\inetfr.DLL -> [2008/11/25 11:26:29 | 00,015,360 | ---- | C] (Microsoft Corporation)
MSCOMCT2.OCX -> %SystemRoot%\System32\MSCOMCT2.OCX -> [2008/11/25 11:26:28 | 00,662,288 | ---- | C] (Microsoft Corporation)
COMDLG32.OCX -> %SystemRoot%\System32\COMDLG32.OCX -> [2008/11/25 11:26:28 | 00,152,848 | ---- | C] (Microsoft Corporation)
MSCMCFR.DLL -> %SystemRoot%\System32\MSCMCFR.DLL -> [2008/11/25 11:26:28 | 00,141,312 | ---- | C] (Microsoft Corporation)
Mscc2fr.dll -> %SystemRoot%\System32\Mscc2fr.dll -> [2008/11/25 11:26:28 | 00,059,904 | ---- | C] (Microsoft Corporation)
CMDLGFR.DLL -> %SystemRoot%\System32\CMDLGFR.DLL -> [2008/11/25 11:26:28 | 00,032,768 | ---- | C] (Microsoft Corporation)
.purple -> %AppData%\.purple -> [2008/11/21 15:49:03 | 00,000,000 | ---D | C]
Aspell -> %ProgramFiles%\Aspell -> [2008/11/21 15:46:09 | 00,000,000 | ---D | C]
Pidgin -> %ProgramFiles%\Pidgin -> [2008/11/21 15:45:32 | 00,000,000 | ---D | C]
GTK -> %CommonProgramFiles%\GTK -> [2008/11/21 15:45:20 | 00,000,000 | ---D | C]
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:52 | 00,000,306 | ---- | C] ()
Anti Trojan Elite -> %ProgramFiles%\Anti Trojan Elite -> [2008/11/13 23:43:30 | 00,000,000 | ---D | C]
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:19 | 01,515,520 | ---- | C] (System Service)
SpeedTest -> %ProgramFiles%\SpeedTest -> [2008/11/13 23:13:41 | 00,000,000 | ---D | C]
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:13:34 | 00,473,088 | ---- | C] ()
ppcbooster -> %ProgramFiles%\ppcbooster -> [2008/11/13 23:13:33 | 00,000,000 | ---D | C]
msconfig.exe -> %SystemRoot%\System32\msconfig.exe -> [2008/11/13 23:10:20 | 00,158,208 | RH-- | C] (Microsoft Corporation)
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:51 | 00,000,337 | ---- | C] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:26 | 00,001,464 | ---- | C] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/13 22:59:58 | 00,047,584 | ---- | C] ()
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/11/13 22:59:49 | 00,053,940 | ---- | C] ()
MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [2008/11/13 22:51:14 | 00,000,000 | ---D | C]
kill.exe -> %SystemRoot%\kill.exe -> [2008/11/13 01:13:38 | 00,009,488 | RH-- | C] (Microsoft Corporation)
mrxsmb.sys -> %SystemRoot%\System32\dllcache\mrxsmb.sys -> [2008/11/12 14:53:30 | 00,455,296 | ---- | C] (Microsoft Corporation)
msxml3.dll -> %SystemRoot%\System32\dllcache\msxml3.dll -> [2008/11/12 14:53:02 | 01,106,944 | ---- | C] (Microsoft Corporation)
Bric à Brac -> %UserProfile%\Bureau\Bric à Brac -> [2008/11/11 15:54:35 | 00,000,000 | ---D | C]
CSVer.dll -> %SystemRoot%\System32\CSVer.dll -> [2008/11/11 15:12:31 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User)
Intel -> %SystemDrive%\Intel -> [2008/11/11 15:12:04 | 00,000,000 | ---D | C]
Toshiba -> %ProgramFiles%\Toshiba -> [2008/11/11 14:57:52 | 00,000,000 | ---D | C]
Motorola -> %SystemRoot%\Motorola -> [2008/11/11 14:52:27 | 00,000,000 | ---D | C]
smserial.sys -> %SystemRoot%\System32\drivers\smserial.sys -> [2008/11/11 14:52:22 | 00,889,472 | ---- | C] (Motorola Inc.)
sm56hlpr.exe -> %SystemRoot%\sm56hlpr.exe -> [2008/11/11 14:52:21 | 00,544,768 | ---- | C] (Motorola Inc.)
sm56ita.dll -> %SystemRoot%\sm56ita.dll -> [2008/11/11 14:52:21 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56kor.dll -> %SystemRoot%\sm56kor.dll -> [2008/11/11 14:52:21 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56jpn.dll -> %SystemRoot%\sm56jpn.dll -> [2008/11/11 14:52:21 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56ger.dll -> %SystemRoot%\sm56ger.dll -> [2008/11/11 14:52:20 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56co.dll -> %SystemRoot%\System32\sm56co.dll -> [2008/11/11 14:52:19 | 00,139,264 | ---- | C] (Motorola Inc.)
sm56eng.dll -> %SystemRoot%\sm56eng.dll -> [2008/11/11 14:52:19 | 00,069,632 | ---- | C] (Motorola Inc.)
sm56fra.dll -> %SystemRoot%\sm56fra.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56esp.dll -> %SystemRoot%\sm56esp.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56brz.dll -> %SystemRoot%\sm56brz.dll -> [2008/11/11 14:52:19 | 00,065,536 | ---- | C] (Motorola Inc.)
sm56dnk.dll -> %SystemRoot%\sm56dnk.dll -> [2008/11/11 14:52:19 | 00,061,440 | ---- | C] (Motorola Inc.)
sm56cht.dll -> %SystemRoot%\sm56cht.dll -> [2008/11/11 14:52:19 | 00,053,248 | ---- | C] (Motorola Inc.)
sm56chs.dll -> %SystemRoot%\sm56chs.dll -> [2008/11/11 14:52:19 | 00,053,248 | ---- | C] (Motorola Inc.)
msxml4r.dll -> %SystemRoot%\System32\msxml4r.dll -> [2008/11/11 14:52:14 | 00,082,432 | ---- | C] (Microsoft Corporation)
RtlCPAPI.dll -> %SystemRoot%\System32\RtlCPAPI.dll -> [2008/11/11 14:48:44 | 00,135,168 | R--- | C] ()
AIDA32 - Personal System Information -> %ProgramFiles%\AIDA32 - Personal System Information -> [2008/11/11 14:37:06 | 00,000,000 | ---D | C]
AegisI5Installer.exe -> %SystemRoot%\System32\AegisI5Installer.exe -> [2008/11/11 14:15:02 | 00,319,488 | ---- | C] ()
Intel -> %AllUsersProfile%\Application Data\Intel -> [2008/11/11 14:13:57 | 00,000,000 | ---D | C]
Intel -> %AppData%\Intel -> [2008/11/11 14:13:01 | 00,000,000 | ---D | C]
Command & Conquer 3 Les guerres du Tiberium -> %UserProfile%\Mes documents\Command & Conquer 3 Les guerres du Tiberium -> [2008/11/08 13:48:44 | 00,000,000 | ---D | C]
ItDb.enc -> %AppData%\ItDb.enc -> [2008/11/08 09:28:16 | 00,000,048 | ---- | C] ()

[Files/Folders - Modified Within 30 Days]
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/02/25 20:40:00 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/13 23:58:40 | 00,004,646 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/13 23:58:40 | 00,004,232 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [2008/02/25 17:49:48 | 00,000,000 | ---D | M]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [2008/02/25 17:52:30 | 00,001,372 | ---- | M] ()
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat -> [2008/08/18 14:20:04 | 00,008,206 | ---- | M] ()
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
upx.exe -> C:\Documents and Settings\Noric\Local Settings\Temp\upx.exe -> [2008/12/07 16:49:14 | 00,126,464 | ---- | M] (The UPX Team http://upx.sf.net)
9 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
djtugrqh31E66C9.dll -> C:\Documents and Settings\Noric\Local Settings\Temp\djtugrqh31E66C9.dll -> [2008/12/06 12:04:30 | 00,053,248 | ---- | M] ()
9 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
Perflib_Perfdata_8d4.dat -> C:\Documents and Settings\Noric\Local Settings\Temp\Perflib_Perfdata_8d4.dat -> [2008/12/07 11:40:28 | 00,016,384 | ---- | M] ()
9 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:38 | 00,054,156 | -H-- | M] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:38 | 00,001,409 | ---- | M] ()
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/12/07 11:40:20 | 00,050,868 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/07 11:40:12 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/07 11:40:10 | 00,002,048 | --S- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/12/07 11:40:10 | 00,001,158 | ---- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/12/07 11:40:00 | 21,467,17696 | -HS- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/12/06 12:33:02 | 00,014,368 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/12/06 12:33:02 | 00,001,268 | -HS- | M] ()
fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [2008/12/06 12:33:02 | 00,001,100 | -HS- | M] ()
fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [2008/12/06 12:33:02 | 00,000,288 | -HS- | M] ()
bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [2008/12/06 12:32:56 | 00,000,012 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/06 11:21:48 | 00,067,072 | ---- | M] ()
BAM11-fr.pdf -> %UserProfile%\Bureau\BAM11-fr.pdf -> [2008/12/06 10:10:34 | 06,846,437 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/12/03 16:23:22 | 00,053,940 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/11/20 09:32:08 | 00,071,672 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/11/20 09:31:34 | 00,276,560 | ---- | M] ()
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:54 | 00,000,306 | ---- | M] ()
inst.exe -> %AppData%\inst.exe -> [2008/11/20 00:29:22 | 00,087,608 | ---- | M] ()
pcouffin.sys -> %AppData%\pcouffin.sys -> [2008/11/20 00:29:20 | 00,047,360 | ---- | M] (VSO Software)
pcouffin.cat -> %AppData%\pcouffin.cat -> [2008/11/20 00:29:20 | 00,007,887 | ---- | M] ()
pcouffin.inf -> %AppData%\pcouffin.inf -> [2008/11/20 00:29:20 | 00,001,144 | ---- | M] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/18 18:41:04 | 00,047,584 | ---- | M] ()
Maintenance en 1 clic.job -> %SystemRoot%\tasks\Maintenance en 1 clic.job -> [2008/11/14 17:17:14 | 00,000,408 | ---- | M] ()
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:20 | 01,515,520 | ---- | M] (System Service)
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:15:20 | 00,473,088 | ---- | M] ()
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:52 | 00,000,337 | ---- | M] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:28 | 00,001,464 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2008/11/11 14:54:00 | 00,782,748 | ---- | M] ()
perfh00C.dat -> %SystemRoot%\System32\perfh00C.dat -> [2008/11/11 14:54:00 | 00,371,070 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2008/11/11 14:54:00 | 00,314,842 | ---- | M] ()
perfc00C.dat -> %SystemRoot%\System32\perfc00C.dat -> [2008/11/11 14:54:00 | 00,049,932 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2008/11/11 14:54:00 | 00,041,170 | ---- | M] ()
AegisI5Installer.exe -> %SystemRoot%\System32\AegisI5Installer.exe -> [2008/11/11 14:15:04 | 00,319,488 | ---- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2008/11/11 14:00:10 | 06,958,444 | -H-- | M] ()
ItDb.enc -> %AppData%\ItDb.enc -> [2008/11/08 09:28:18 | 00,000,048 | ---- | M] ()
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
< Document and Settings folder & sub folders >
scanning hidden files ...
scan completed successfully
hidden files: 0

< End of report >
[/code]

chrifleur
 Posted on 08/12/2008 at 10:00 
Groupe Sécurité

Let's continue.

You also have a removable-drive infection...

This is an infection that spreads through external devices, so if you disinfect your PC but not your devices (USB stick, external hard drive, any device that connects to your PC, etc.), it starts up again.
First, do the following:
If you have a USB stick, external hard drive, etc., plug them in without opening them before running this fix.
Download Rav Antivirus: http://www.evosla.com/compteur.php?soft=rav_antivirus
· Right-click the .ZIP file > Extract to > the Desktop
· Double-click >> RAV.exe << to launch the tool.
· Once RAV ANTIVIRUS is running, let it work; it automatically scans all drives (fixed and removable disks).
· If there is an infection, a report will be generated; otherwise it will display (very quickly) ==>Votre Ordinateur est sain.
· Remove your removable drives and restart your computer.

Post a new RSIT report.
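
Added example, not part of the original thread and not code from RSIT or RAV: a small triage script for the removable-drive infection described in the post above, which reads the `MountPoints2` sections of an RSIT registry dump and flags cached autorun commands that deserve a closer look. The function name, the reason labels and the three heuristics are assumptions made for this illustration, and the sample dump is constructed with placeholder volume GUIDs.

```python
import re

# Constructed sample in the layout of an RSIT "Registry dump" section.
# The volume GUIDs are placeholders; the commands mirror the kinds of
# entries such a report lists under MountPoints2.
SAMPLE_RSIT_DUMP = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11111111-aaaa-bbbb-cccc-000000000001}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11111111-aaaa-bbbb-cccc-000000000002}]
shell\open\command - Knight.exe open
shell\explore\command - Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11111111-aaaa-bbbb-cccc-000000000003}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"""

SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
MOUNTPOINT_RE = re.compile(
    r"\\explorer\\mountpoints2\\(?P<vol>\{[0-9a-f-]+\})$", re.I)
ENTRY_RE = re.compile(
    r"^shell\\(?P<verb>[^\\]+)\\command\s+-\s+(?P<cmd>.+)$", re.I)
# The RunDLL32 ShellExec_RunDLL prefix is stripped so that the command it
# wraps is what gets analysed.
WRAPPER_RE = re.compile(
    r"^\S*rundll32(\.exe)?\s+shell32\.dll,ShellExec_RunDLL\s+", re.I)
INTERPRETER_RE = re.compile(
    r"\b(cmd(\.exe)?\s+/c|wscript(\.exe)?|cscript(\.exe)?)\b", re.I)
SCRIPT_RE = re.compile(r"\.(bat|cmd|vbs|vbe|js|jse|wsf|scr|pif)\b", re.I)

# Heuristic (assumption): verbs a user triggers just by browsing the drive.
DEFAULT_VERBS = {"open", "explore", "find"}


def triage_mountpoints(report_text):
    """Return {volume_guid: {"verdict", "reasons", "commands"}}."""
    volumes = {}
    current = None
    for raw in report_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            # Only MountPoints2\{volume GUID} sections are of interest.
            mp = MOUNTPOINT_RE.search(header.group("key"))
            current = mp.group("vol").lower() if mp else None
            if current:
                volumes.setdefault(current,
                                   {"commands": [], "reasons": set()})
            continue
        if current is None:
            continue
        entry = ENTRY_RE.match(line)
        if not entry:
            continue
        verb = entry.group("verb").lower()
        cmd = WRAPPER_RE.sub("", entry.group("cmd").strip())
        vol = volumes[current]
        vol["commands"].append((verb, cmd))
        if verb in DEFAULT_VERBS:
            # Double-clicking or exploring the drive would run this command.
            vol["reasons"].add("default-verb-override")
        if INTERPRETER_RE.search(cmd):
            vol["reasons"].add("script-interpreter")
        if SCRIPT_RE.search(cmd):
            vol["reasons"].add("script-target")
    return {
        guid: {
            # No heuristic hit still means an autorun command is cached:
            # worth a manual look, but typical of vendor tools on a drive.
            "verdict": "suspicious" if data["reasons"] else "review",
            "reasons": sorted(data["reasons"]),
            "commands": data["commands"],
        }
        for guid, data in volumes.items()
    }


if __name__ == "__main__":
    for guid, info in triage_mountpoints(SAMPLE_RSIT_DUMP).items():
        print(guid, info["verdict"], ", ".join(info["reasons"]) or "-")
        for verb, cmd in info["commands"]:
            print("   ", verb, "->", cmd)
```

Comparing the output for a report taken before cleaning with one taken after shows whether the cached autorun entries for each volume are still present.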

budha
 Posted on 08/12/2008 at 19:14 
Petit astucien

Here is my latest RSIT report after disinfection with RAV:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Noric at 2008-12-08 19:09:18
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 12 GB (21%) free of 57 GB
Total RAM: 2047 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:46, on 08/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAC4RPK.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Documents and Settings\Noric\Bureau\problème yoog search\RSIT.exe
C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe
C:\Program Files\trend micro\Noric.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 6484 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-11-03 463872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-03-16 7561216]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-20 761945]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-14 90112]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-03-06 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-03-06 970752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-05-30 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe [2006-10-06 305152]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-06-25 1209584]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NofolderOptions"=0
"NoFind"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\WINDOWS\System32\CNAC4RPK.EXE"="C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process"
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe"="C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya"
"C:\Program Files\Cain\Cain.exe"="C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility"
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE"="C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\e frontier\Poser 7\Poser.exe"="C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe"="C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}]
shell\auto\command - Knight.exe open
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
shell\explore\command - Knight.exe open
shell\find\command - Knight.exe open
shell\install\command - Knight.exe open
shell\open\command - Knight.exe open

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe


======List of files/folders created in the last 1 months======

2008-12-08 19:06:36 ----A---- C:\curr_ver.tmp
2008-12-07 11:45:53 ----A---- C:\TB.txt
2008-12-07 11:45:25 ----D---- C:\ToolBar SD
2008-12-06 11:52:25 ----D---- C:\rsit
2008-12-06 11:52:25 ----D---- C:\Program Files\trend micro
2008-12-06 11:29:45 ----D---- C:\Documents and Settings\Noric\Application Data\Malwarebytes
2008-12-06 11:29:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-06 11:29:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\WMAFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudFile.dll
2008-11-25 11:26:30 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\inetfr.DLL
2008-11-25 11:26:29 ----A---- C:\WINDOWS\system32\AudDesign.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2008-11-25 11:26:28 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2008-11-21 15:49:03 ----D---- C:\Documents and Settings\Noric\Application Data\.purple
2008-11-21 15:46:09 ----D---- C:\Program Files\Aspell
2008-11-21 15:45:32 ----D---- C:\Program Files\Pidgin
2008-11-21 15:45:20 ----D---- C:\Program Files\Fichiers communs\GTK
2008-11-13 23:43:30 ----D---- C:\Program Files\Anti Trojan Elite
2008-11-13 23:15:19 ----A---- C:\WINDOWS\system32\iesvcmon1.exe
2008-11-13 23:13:41 ----D---- C:\Program Files\SpeedTest
2008-11-13 23:13:34 ----A---- C:\WINDOWS\nc605007.exe
2008-11-13 23:13:33 ----D---- C:\Program Files\ppcbooster
2008-11-13 23:10:20 ----RAH---- C:\WINDOWS\system32\msconfig.exe
2008-11-13 22:59:58 ----A---- C:\WINDOWS\system32\jfjfsvtouatumih.exe
2008-11-13 22:59:49 ----A---- C:\WINDOWS\system32\cont_adzgalore-remove.exe
2008-11-13 22:51:14 ----D---- C:\Program Files\MSXML 4.0
2008-11-13 01:13:38 ----RAH---- C:\WINDOWS\kill.exe
2008-11-11 15:12:31 ----A---- C:\WINDOWS\system32\CSVer.dll
2008-11-11 15:12:04 ----D---- C:\Intel
2008-11-11 14:57:52 ----D---- C:\Program Files\Toshiba
2008-11-11 14:52:27 ----D---- C:\WINDOWS\Motorola
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56kor.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56jpn.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56ita.dll
2008-11-11 14:52:21 ----A---- C:\WINDOWS\sm56hlpr.exe
2008-11-11 14:52:20 ----A---- C:\WINDOWS\sm56ger.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\system32\sm56co.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56fra.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56esp.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56eng.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56dnk.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56cht.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56chs.dll
2008-11-11 14:52:19 ----A---- C:\WINDOWS\sm56brz.dll
2008-11-11 14:52:14 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-11-11 14:50:16 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-11-11 14:48:44 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-11 14:47:18 ----R---- C:\WINDOWS\Alcmtr.exe
2008-11-11 14:37:06 ----D---- C:\Program Files\AIDA32 - Personal System Information
2008-11-11 14:15:02 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2008-11-11 14:14:15 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2008-11-11 14:13:57 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2008-11-11 14:13:01 ----D---- C:\Documents and Settings\Noric\Application Data\Intel

======List of files/folders modified in the last 1 months======

2008-12-08 19:07:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-20 00:29:22 ----A---- C:\Documents and Settings\Noric\Application Data\inst.exe
2008-11-11 14:54:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-11 14:15:36 ----A---- C:\WINDOWS\system32\results.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-11-11 21425]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NETw4x32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-27 2203520]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-03-17 3655712]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-07-01 9856]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-29 889472]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF; C:\WINDOWS\System32\Drivers\SynMini.sys [2006-01-20 841110]
R3 SynScan;ASUS WebCam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2006-01-02 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-20 191936]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Tosrfcom;Tosrfcom; C:\WINDOWS\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-09-13 47360]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-03-06 643072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-03-16 143426]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-03-06 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-03-06 983040]
R2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-03-06 294912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Thanks again for the help provided!


chrifleur
 Posted on 08/12/2008 at 19:31
Security Group

Do you still have these redirections?

Download OAD (by !aur3n7): http://sosvirus.changelog.fr/OAD.exe
- Save it to your Desktop

Double-click OAD to launch it

- File name to search for: type or copy and paste: Yoog
- Search type: select option 6, then confirm with [Enter]

OAD will now search for the file. Let it work until it has finished.
The search report will be displayed on screen automatically as soon as it has finished.

- Copy and paste this report into your next post.

Important note: depending on the size of the hard drives, this search can take several minutes. Be patient.

Edited by chrifleur on 08/12/2008 19:33
budha
 Posted on 08/12/2008 at 22:12
Petit astucien

Thanks, here is my OAD report:

08/12/2008 ---- 22:09:49,34

----------------------------------
§§§§§§ [yoog] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Internet Explorer\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}]
"URL"="http://www3.yoog.com/search.php?q={searchTerms}"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Internet Explorer\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}]
"DisplayName"="Yoog Search"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Noric\\Bureau\\problème yoog search\\ToolBarSD.exe"="ToolBarSD"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Noric\\Bureau\\problème yoog search\\RSIT.exe"="RSIT"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Noric\\Bureau\\problème yoog search\\OTScanIt2.exe"="OTScanIt2"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Noric\\Bureau\\problème yoog search\\OTScanIt2\\OTScanIt2.exe"="OTScanIt2"

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Noric\\Bureau\\problème yoog search\\OTScanIt2\\CatchMe.exe"="CatchMe"

*******************
[Fichier]
*******************



*********************
[Même date]
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------

Thanks again for your help!

chrifleur
 Posted on 09/12/2008 at 09:16
Security Group

Hello,

Please post an OTScanIt report again.

chrifleur
 Posted on 12/12/2008 at 09:46
Security Group

Where are you at with this?

budha
 Posted on 12/12/2008 at 23:31
Petit astucien

Hello, I'm sorry for not replying sooner, but I had a hectic week with the demonstrations and the high school blockades, so I didn't really have time to focus on my PC.

Here is my OTScanIt report:

[code]
OTScanIt2 logfile created on: 12/12/2008 23:24:03 - Run 3
OTScanIt2 by OldTimer - Version 1.0.2.1 Folder = C:\Documents and Settings\Noric\Bureau\problème yoog search\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,14% Memory free
3,35 Gb Paging File | 2,74 Gb Available in Paging File | 81,71% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,95 Gb Total Space | 11,83 Gb Free Space | 21,15% Space Free | Partition Type: FAT32
Drive D: | 37,19 Gb Total Space | 18,48 Gb Free Space | 49,69% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NORIC-7231E66C9
Current User Name: Noric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
atkosd.exe -> %SystemRoot%\ATK0100\ATKOSD.exe -> [2006/05/17 16:55:30 | 02,355,200 | ---- | M] ()
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
avp.exe -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
batterylife.exe -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
cnac4rpk.exe -> %SystemRoot%\system32\CNAC4RPK.EXE -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
dot1xcfg.exe -> %ProgramFiles%\Intel\Wireless\Bin\Dot1XCfg.exe -> [2007/03/06 16:40:30 | 00,487,424 | ---- | M] (Intel Corporation)
evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
firefox.exe -> %ProgramFiles%\Mozilla Firefox 3 Beta 3\firefox.exe -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
hcontrol.exe -> %SystemRoot%\ATK0100\HControl.exe -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
memoptimizer.exe -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\Bureau\problème yoog search\OTScanIt2\OTScanIt2.exe -> [2008/12/01 10:28:50 | 00,477,184 | ---- | M] (OldTimer Tools)
regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
rocketdock.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
rthdcpl.exe -> %SystemRoot%\RTHDCPL.EXE -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
ubericon manager.exe -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
wcourier.exe -> %ProgramFiles%\Wireless Console 2\wcourier.exe -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation)
wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation)
zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(AVP) Kaspersky Anti-Virus 7.0 [Win32_Own | Auto | Running] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
(BthServ) Bluetooth Support Service [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\bthserv.dll -> [2008/04/14 04:33:20 | 00,030,208 | ---- | M] (Microsoft Corporation)
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> [2007/03/06 16:55:42 | 00,643,072 | ---- | M] (Intel Corporation)
(helpsvc) Aide et support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/14 04:33:38 | 00,038,400 | ---- | M] (Microsoft Corporation)
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2006/03/16 22:16:00 | 00,143,426 | ---- | M] (NVIDIA Corporation)
(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> [2007/03/06 16:37:04 | 00,327,680 | ---- | M] (Intel Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> [2007/11/06 22:22:26 | 00,092,792 | ---- | M] (CACE Technologies)
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> [2007/03/06 16:43:52 | 00,983,040 | ---- | M] (Intel Corporation )
(usnjsvc) Service Messenger Sharing Folders USN Journal Reader [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)
(UxTuneUp) Extension de conception TuneUp [Win32_Shared | Auto | Running] -> %SystemRoot%\System32\uxtuneup.dll -> [2006/10/06 06:27:20 | 00,024,072 | ---- | M] (TuneUp Software GmbH)
(WLANKEEPER) Intel(R) PROSet/Wireless SSO Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKeeper.exe -> [2007/03/06 16:46:46 | 00,294,912 | ---- | M] (Intel(R) Corporation)
(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)
(WMPNetworkSvc) Service Partage réseau du Lecteur Windows Media [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\WMPNetwk.exe -> [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\System32\WUDFSvc.dll -> [2006/09/28 18:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation)

[Driver Services - Safe List]
(AegisP) AEGIS Protocol (IEEE 802.1x) v3.6.0.0 [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\AegisP.sys -> [2008/11/11 14:15:10 | 00,021,425 | ---- | M] (Meetinghouse Data Communications)
(BthEnum) Service d'énumérateur Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\BthEnum.sys -> [2008/04/13 20:46:34 | 00,017,024 | ---- | M] (Microsoft Corporation)
(BthPan) Périphérique Bluetooth (réseau personnel) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bthpan.sys -> [2008/04/13 20:51:34 | 00,101,120 | ---- | M] (Microsoft Corporation)
(BTHPORT) Pilote de port Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHport.sys -> [2008/06/14 18:33:38 | 00,272,768 | ---- | M] (Microsoft Corporation)
(BTHUSB) Pilote USB radio Bluetooth [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\BTHUSB.sys -> [2008/04/13 20:46:30 | 00,018,944 | ---- | M] (Microsoft Corporation)
(Hardlock) Hardlock [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\hardlock.sys -> [2006/11/22 10:01:48 | 00,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.)
(HDAudBus) Pilote de bus Microsoft UAA pour High Definition Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HDAudBus.sys -> [2008/04/13 18:36:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RtkHDAud.sys -> [2006/05/04 09:13:52 | 04,271,616 | R--- | M] (Realtek Semiconductor Corp.)
(kl1) kl1 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\kl1.sys -> [2008/05/28 23:41:02 | 00,112,144 | ---- | M] (Kaspersky Lab)
(klif) klif [Kernel | System | Running] -> %SystemRoot%\system32\drivers\klif.sys -> [2008/03/02 16:43:16 | 00,194,320 | ---- | M] (Kaspersky Lab)
(klim5) Kaspersky Anti-Virus NDIS Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\klim5.sys -> [2007/04/04 14:58:26 | 00,024,344 | ---- | M] (Kaspersky Lab)
(MODEMCSA) Périphérique de filtrage de flux Unimodem [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> [2001/08/17 21:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(MTsensor) ATK0100 ACPI UTILITY [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ATKACPI.sys -> [2005/02/17 23:07:48 | 00,005,632 | ---- | M] ()
(NETw4x32) Pilote de carte Intel(R) Wireless WiFi Link pour Windows XP 32 bits [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\NETw4x32.sys -> [2007/04/27 04:01:34 | 02,203,520 | ---- | M] (Intel Corporation)
(nm) Pilote du Moniteur réseau [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\NMnt.sys -> [2008/04/13 20:53:10 | 00,040,320 | ---- | M] (Microsoft Corporation)
(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\npf.sys -> [2007/11/06 22:22:06 | 00,034,064 | ---- | M] (CACE Technologies)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nv4_mini.sys -> [2006/03/17 06:16:00 | 03,655,712 | ---- | M] (NVIDIA Corporation)
(pcouffin) VSO Software pcouffin [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\pcouffin.sys -> [2008/09/13 19:23:34 | 00,047,360 | ---- | M] (VSO Software)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2003/07/01 18:47:08 | 00,009,856 | ---- | M] (Padus, Inc.)
(Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\ptilink.sys -> [2004/08/05 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2008/07/23 18:50:48 | 00,043,528 | ---- | M] (Sonic Solutions)
(RFCOMM) Périphérique Bluetooth (TDI protocole RFCOMM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\rfcomm.sys -> [2008/04/13 20:46:32 | 00,059,136 | ---- | M] (Microsoft Corporation)
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimmptsk.sys -> [2005/09/17 11:01:50 | 00,028,672 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\rimsptsk.sys -> [2005/09/14 12:45:24 | 00,050,560 | ---- | M] (REDC)
(RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\Rtenicxp.sys -> [2005/11/16 09:08:16 | 00,078,976 | ---- | M] (Realtek Semiconductor Corporation )
(s24trans) Transport RLAN [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\s24trans.sys -> [2007/02/21 12:16:12 | 00,012,416 | ---- | M] (Intel Corporation)
(sdbus) sdbus [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\sdbus.sys -> [2008/04/13 20:36:44 | 00,079,232 | ---- | M] (Microsoft Corporation)
(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\secdrv.sys -> [2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sffdisk) Pilote de classe de stockage SFF [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffdisk.sys -> [2008/04/13 20:40:48 | 00,011,904 | ---- | M] (Microsoft Corporation)
(sffp_sd) Pilote de protocole de stockage SFF pour SDBus [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\sffp_sd.sys -> [2008/04/13 20:40:48 | 00,011,008 | ---- | M] (Microsoft Corporation)
(smserial) smserial [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\smserial.sys -> [2006/03/29 18:36:26 | 00,889,472 | ---- | M] (Motorola Inc.)
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> [2004/08/26 06:03:00 | 00,104,144 | ---- | M] (Symantec Corporation)
(SynMini) ASUS WebCam, 1.3M, USB2.0, FF [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynMini.sys -> [2006/01/20 09:59:16 | 00,841,110 | R--- | M] (Syntek America Inc.)
(SynScan) ASUS WebCam Still Image [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SynScan.sys -> [2006/01/02 11:02:26 | 00,008,278 | R--- | M] (Syntek America Inc.)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SynTP.sys -> [2005/10/20 23:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.)
(Tosrfbd) Bluetooth RFBUS from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfbd.sys -> [2006/02/02 23:16:08 | 00,108,928 | ---- | M] (TOSHIBA CORPORATION)
(Tosrfcom) Tosrfcom [Kernel | System | Stopped] -> %SystemRoot%\System32\drivers\tosrfcom.sys -> [2005/08/01 16:45:08 | 00,064,896 | ---- | M] (TOSHIBA Corporation)
(Tosrfhid) Bluetooth RFHID from TOSHIBA [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\Tosrfhid.sys -> [2006/02/08 17:33:34 | 00,062,848 | ---- | M] (TOSHIBA Corporation.)
(Tosrfusb) Bluetooth USB Controller [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\tosrfusb.sys -> [2006/01/31 18:35:28 | 00,039,808 | ---- | M] (TOSHIBA CORPORATION)
(w39n51) Intel(R) PRO/Wireless 3945ABG Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\w39n51.sys -> [2006/04/04 03:17:24 | 01,429,632 | ---- | M] (Intel® Corporation)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.asus.com ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.msn.com/ ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://google.com/ ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: SearchURL\\"provider" -> msn ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Noric\Application Data\Mozilla\FireFox\Profiles\nojmj8n6.default\prefs.js ->
browser.search.defaultenginename -> "MyStart Search" ->
browser.search.selectedEngine -> "Yoog Search" ->
browser.startup.homepage -> "http://www.google.fr/firefox" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.4" ->
extensions.enabledItems -> bettergmail2@ginatrapani.org:0.7.1 ->
extensions.enabledItems -> {987311C6-B504-4aa2-90BF-60CC49808D42}:2.0 ->
extensions.enabledItems -> piclens@cooliris.com:1.8.5.14751 ->
extensions.enabledItems -> ctrl-tab@design-noir.de:0.19.3 ->
extensions.enabledItems -> {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76 ->
extensions.enabledItems -> {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:3.5.1 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.87 ->
extensions.enabledItems -> videofinder@veoh.com:1.3 ->
extensions.enabledItems -> web@veoh.com:1.4 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4 ->
< HOSTS File > (790 bytes and 20 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" [HKLM] -> %ProgramFiles%\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [Veoh Web Player Video Finder] -> [2008/11/03 23:35:58 | 00,463,872 | ---- | M] (Veoh Networks Inc)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2005/05/03 11:43:28 | 00,069,632 | R--- | M] (Realtek Semiconductor Corp.)
"AVP" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"HControl" -> %SystemRoot%\ATK0100\HControl.exe [C:\WINDOWS\ATK0100\HControl.exe] -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
"IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2006/03/16 22:16:00 | 07,561,216 | ---- | M] (NVIDIA Corporation)
"Power_Gear" -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe [C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1] -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
"Wireless Console 2" -> %ProgramFiles%\Wireless Console 2\wcourier.exe [C:\Program Files\Wireless Console 2\wcourier.exe] -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ccleaner" -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> [2008/06/25 15:58:36 | 01,209,584 | ---- | M] (Piriform Ltd)
"RocketDock" -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ["C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"] -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
"TuneUp MemOptimizer" -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe ["C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart] -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
< Noric Startup Folder > -> C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage ->
%UserProfile%\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [255] -> File not found
\\"NoFolderOptions" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NofolderOptions" -> [0] -> File not found
\\"NoFind" -> [0] -> File not found
\\"NoRun" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableTaskMgr" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xporter vers Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/07/30 03:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Button: Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E908B145-C847-4e85-B315-07E2E70DECF8}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Bibliothèque de contrôles ActiveX Microsoft ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{48E14897-A614-469E-81D8-4C8ADCB5118D} -> () ->
{CE0F151E-4F0A-4EBB-81BE-FA767FD6D421} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{E17065E4-3089-4579-AA33-750E219E86F7} -> () ->
{E37C4E06-6080-4199-8802-46716FD04654} -> (Carte réseau 1394) ->
{EBE416CC-BE6A-41E2-9E54-6279AD5063A4} -> (Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
klogon -> %SystemRoot%\system32\klogon.dll -> [2007/06/28 12:51:48 | 00,206,088 | ---- | M] (Kaspersky Lab)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe" -> C:\Program Files\Autodesk\Maya8.5\bin\maya.exe [C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya] -> [2006/12/17 04:11:30 | 00,225,280 | ---- | M] (Autodesk)
"C:\Program Files\Cain\Cain.exe" -> C:\Program Files\Cain\Cain.exe [C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility] -> [2007/12/11 19:33:08 | 01,026,048 | ---- | M] (oxid.it)
"C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> File not found
"C:\Program Files\e frontier\Poser 7\Poser.exe" -> C:\Program Files\e frontier\Poser 7\Poser.exe [C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file] -> File not found
"C:\Program Files\eMule\eMule.exe" -> C:\Program Files\eMule\eMule.exe [C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus] -> [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info)
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 19:50:22 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Magentic\bin\Magentic.exe" -> C:\Program Files\Magentic\bin\Magentic.exe [C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgApp.exe" -> C:\Program Files\Magentic\bin\MgApp.exe [C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgImp.exe" -> C:\Program Files\Magentic\bin\MgImp.exe [C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Messenger\MSMSGS.EXE" -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2008/05/21 04:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE" -> C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE [C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox] -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe" -> C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe [C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008/06/03 15:08:42 | 21,718,312 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" -> C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client] -> [2008/08/28 10:18:24 | 03,660,848 | ---- | M] (Veoh Networks)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" -> C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player ] -> [2008/11/03 23:45:50 | 03,522,296 | ---- | M] (Veoh Networks)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\System32\CNAC4RPK.EXE" -> C:\WINDOWS\System32\CNAC4RPK.EXE [C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process] -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 20:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [2008/02/25 16:43:16 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command
\{4ca4170c-f9af-11dc-9929-0018de0ff75a}\Shell\Auto\command\\"" -> %SystemRoot%\System32\cmd.exe [cmd /C launch.bat] -> [2008/04/14 04:33:58 | 00,401,408 | ---- | M] (Microsoft Corporation)
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command\\"" -> [Knight.exe open] -> File not found
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command\\"" -> [.\Encryption Tool\MaxtorEncryption.exe] -> File not found

budha
 Posted on 12/12/2008 at 23:32 
Petit astucien

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.chm [@ = chm.file] -> %SystemRoot%\hh.exe -> [2008/04/14 04:34:06 | 00,010,752 | ---- | M] (Microsoft Corporation)
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> %SystemRoot%\System32\winhlp32.exe -> [2004/08/05 14:00:00 | 00,008,192 | ---- | M] (Microsoft Corporation)
.hta [@ = htafile] -> %SystemRoot%\system32\mshta.exe -> [2008/04/14 04:34:12 | 00,029,184 | ---- | M] (Microsoft Corporation)
.html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/04/14 04:34:06 | 00,093,184 | ---- | M] (Microsoft Corporation)
.inf [@ = inffile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.ini [@ = inifile] -> %SystemRoot%\System32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.js [@ = JSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.jse [@ = JSEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.reg [@ = regfile] -> %SystemRoot%\regedit.exe -> [2008/04/14 04:34:20 | 00,153,088 | ---- | M] (Microsoft Corporation)
.scr [@ = scrfile] -> "%1" /S ->
.txt [@ = txtfile] -> %SystemRoot%\system32\NOTEPAD.EXE -> [2008/04/14 04:34:16 | 00,070,656 | ---- | M] (Microsoft Corporation)
.vbe [@ = VBEFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.vbs [@ = VBSFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsf [@ = WSFFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
.wsh [@ = WSHFile] -> %SystemRoot%\System32\WScript.exe -> [2008/05/08 12:24:44 | 00,155,648 | ---- | M] (Microsoft Corporation)
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKLM] -> No CLSID value
ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
msdaipp: [HKLM] -> No CLSID value
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAMON.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\SYSTEM\OLEDB~1\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2007/08/28 23:55:14 | 01,014,128 | ---- | M] (Microsoft Corporation)
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> %SystemDrive%\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL[Reg Error: Value does not exist or could not be read.] -> [2007/10/18 11:31:54 | 00,066,072 | ---- | M] (Microsoft Corporation)
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> %SystemDrive%\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL[IEProtocolHandler Class] -> [2008/06/03 15:08:42 | 01,942,864 | R--- | M] (Skype Technologies)
wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} [HKLM] -> %ProgramFiles%\Windows Live\Mail\mailcomm.dll[Windows Live Mail HTML Asynchronous Pluggable Protocol Handler] -> [2007/10/23 12:14:52 | 00,858,136 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
\Monitoring\KasperskyAntiVirus\\"DisableMonitoring" -> [1] -> File not found
\Monitoring\KasperskyAntiVirus\\"" -> [] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
\Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
\Monitoring\SymantecFirewall\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB} -> mSSO
{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} -> mLogView
{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8} -> Python 2.6
{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C} -> ATK Media
{17E2F183-BAC4-4D01-BD7A-59F781E17EFA} -> REALTEK PCIE NIC Driver
{23FB368F-1399-4EAC-817C-4B83ECBE3D83} -> mProSafe
{3248F0A8-6813-11D6-A77B-00B0D0160070} -> Java(TM) 6 Update 7
{350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3E9D596A-61D4-4239-BD19-2DB984D2A16F} -> mIWA
{4462AD13-F2AA-4CBD-9F95-293C38EED870} -> Power4 Gear
{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} -> Skype™ 3.8
{6105648C-0C3C-481D-8C11-1F4952D6FB53} -> Dealio Toolbar 3.4
{63DB9CCD-2B56-4217-9A3D-507AC78320CA} -> mWMI
{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{81525B87-9344-4834-883C-C6A9D78EA1DF} -> Maya 8.5 Documentation (en_US)
{829CD169-E692-48E8-9BDE-A3E8D8B65538} -> mSCfg
{83F73CB1-7705-49D1-9852-84D839CA2A45} -> Wireless Console 2
{85EBB283-65AF-4C53-9EBE-7C0A232762F7} -> AGEIA PhysX v7.03.21
{868D7896-99D4-4513-BC62-2B3AD3E24926} -> TuneUp Utilities 2006
{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} -> mPfMgr
{8C6BB412-D3A8-4AAE-A01B-35B681789D68} -> mHelp
{90120000-0010-040C-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (French) 12
{90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007
{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007
{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007
{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007
{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007
{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007
{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007
{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007
{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007
{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007
{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007
{90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007
{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007
{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB} -> Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
{90B0D222-8C21-4B35-9262-53B042F18AF9} -> mPfWiz
{94658027-9F16-4509-BBD7-A59FE57C3023} -> mZConfig
{95120000-00AF-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (French)
{A0F925BF-5C55-44C2-A4E7-5A4C59791C29} -> mDriver
{A1E0E88A-F5E9-4414-A0D7-31940E965EC5} -> Maya 8.5
{AC76BA86-7AD7-1033-7B44-A71000000002} -> Adobe Reader 7.1.0
{AEB9948B-4FF2-47C9-990E-47014492A0FE} -> MSXML 6.0 Parser
{BADF6744-3787-48F6-B8C9-4C4995401D65} -> Windows Live Messenger
{BFD96B89-B769-4CD6-B11E-E79FFD46F067} -> QuickTime
{C033BF6E-9D82-4E0B-A46E-ABC746D6F431} -> Autodesk DirectConnect 2.0
{C514C594-23AA-4F13-A070-DB8BDB27594F} -> Windows Live Mail
{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF} -> Norton Internet Security
{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC} -> mToolkit
{CB099890-1D5F-11D5-9EA9-0050BAE317E1} -> PowerDirector
{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} -> Bluetooth Stack for Windows
{D0C73318-7B4A-4D16-A0C4-3B83F075EA88} -> Search Settings 1.2
{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919} -> CC_ccProxyExt
{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32} -> Command & Conquer 3
{DE10AB76-4756-4913-BE25-55D1C1051F9A} -> WinFlash
{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0} -> ASUS Live Update
{E81667C6-2856-46D6-ABEA-6A2F42166779} -> mCore
{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} -> mMHouse
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver
{F6090A17-0967-4A8A-B3C3-422A1B514D49} -> mDrWiFi
{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} -> mWlsSafe
{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} -> Windows Live installer
7-Zip -> 7-Zip 4.57
Adobe Flash Player ActiveX -> Adobe Flash Player ActiveX
Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin
AIDA32_is1 -> AIDA32 v3.93
Aspell English Dictionary_is1 -> Aspell English Dictionary-0.50-2
Aspell French Dictionary_is1 -> Aspell French Dictionary-0.50-3
ASUS WebCam, 1.3M, USB2.0, FF -> ASUS WebCam, 1.3M, USB2.0, FF
Blender -> Blender (remove only)
Cain & Abel v4.9.10 -> Cain & Abel v4.9.10
Canon LBP5000 -> Canon LBP5000
CCleaner -> CCleaner (remove only)
cont_adzgalore -> Contextual Tool Adzgalore
CrackWepPack v0.1_is1 -> CrackWepPack v0.1
DPS -> DPS
eMule Plus_is1 -> eMule Plus 1.2d
GNU Aspell_is1 -> GNU Aspell 0.50-3
GTK 2.0 -> Bibliothèques GTK+ 2.12.12 rev a (supprimer uniquement)
HControl -> ATK0100 ACPI UTILITY
HijackThis -> HijackThis 2.0.2
InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808} -> VeohTV BETA
InstallWIX_{4B9BB601-13E9-4042-A3BC-E7955BF4A98F} -> Kaspersky Anti-Virus 7.0
jfjfsvtouatumih -> RON Tool Cpmsky
LimeWire -> LimeWire 4.18.8
M3 -> Asus MiVo Messenger
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Messenger Plus! Live -> Messenger Plus! Live
Mozilla Firefox (3.0.4) -> Mozilla Firefox (3.0.4)
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
NVIDIA Drivers -> NVIDIA Drivers
Pack Vista Inspirat 2 -> Pack Vista Inspirat 2 1.0
Pidgin -> Pidgin
ppcbooster -> PPC Booster
ProInst -> Logiciel Intel(R) PROSet/Wireless
PROPLUS -> Microsoft Office Professional Plus 2007
SMSERIAL -> Motorola SM56 Speakerphone Modem
Switch -> Switch Uninstall
SynTPDeinstKey -> Synaptics Pointing Device Driver
Texture Maker_is1 -> Texture Maker 3.03
Unlocker -> Unlocker 1.8.7
Veoh Web Player Beta -> Veoh Web Player Beta
VLC media player -> VideoLAN VLC media player 0.8.6e
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Lecteur Windows Media 11
Windows XP Service -> Windows XP Service Pack 3
WinPcapInst -> WinPcap 4.0.2
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
Yaf(a)Ray_is1 -> Yaf(a)Ray 0.1.0
< Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
SparkAngels -> SparkAngels
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [Espace de noms Bluetooth] -> %SystemRoot%\system32\wshbth.dll -> [2008/04/14 04:33:50 | 00,108,032 | ---- | M] (Microsoft Corporation)
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 13/09/2008 13:30:50 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1001 -> Description = Détecteur d'erreurs 126648864.
Application [ Error ] 18/09/2008 06:46:07 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée nero.exe, version 6.3.1.4, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/10/2008 07:17:58 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée Poser.exe, version 7.0.0.63, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 12/10/2008 04:17:41 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante zangosa.exe, version 10.3.75.0, module défaillant prloader.dll, version 7.0.0.125, adresse de défaillance 0x000155d0.
Application [ Error ] 12/10/2008 08:40:57 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée OUTLOOK.EXE, version 12.0.6316.5000, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 19/10/2008 15:23:29 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 26/10/2008 18:15:11 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante asusdvd.exe, version 6.0.0.3019, module défaillant clnavx.ax, version 6.0.0.2017, adresse de défaillance 0x00019ac2.
Application [ Error ] 02/11/2008 13:22:00 Computer Name = NOM-7231E66C98C | Source = Application Error | ID = 1000 -> Description = Application défaillante blender.exe, version 0.0.0.0, module défaillant nvoglnt.dll, version 6.14.10.8426, adresse de défaillance 0x001643b4.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Application [ Error ] 05/11/2008 05:42:19 Computer Name = NOM-7231E66C98C | Source = Application Hang | ID = 1002 -> Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
System [ Error ] 05/12/2008 18:34:34 Computer Name = NORIC-7231E66C9 | Source = Dhcp | ID = 1002 -> Description = Le bail de l'adresse IP 192.168.0.5 pour la carte réseau dont l'adresse réseau est 0018DE0FF75A a été refusé par le serveur DHCP 192.168.0.254 (celui-ci a envoyé un message DHCPNACK).
System [ Error ] 06/12/2008 06:15:45 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 06/12/2008 06:39:54 Computer Name = NORIC-7231E66C9 | Source = sr | ID = 1 -> Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'. Ceci a entraîné l'arrêt de la surveillance du volume.
System [ Error ] 07/12/2008 09:34:51 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 07/12/2008 10:41:03 Computer Name = NORIC-7231E66C9 | Source = Dhcp | ID = 1001 -> Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur DHCP) pour la carte réseau avec l'adresse réseau 0018DE0FF75A. Il s'est produit l'erreur suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).
System [ Error ] 07/12/2008 19:09:24 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 08/12/2008 13:46:47 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 08/12/2008 13:53:48 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 08/12/2008 14:01:14 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}
System [ Error ] 09/12/2008 18:38:13 Computer Name = NORIC-7231E66C9 | Source = DCOM | ID = 10005 -> Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

budha
 Posted on 12/12/2008 at 23:33
Petit astucien

[Files/Folders - Created Within 30 Days]
1 C:\*.tmp files -> C:\*.tmp ->
Internet.lnk -> %UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> [2008/12/09 23:11:30 | 00,000,104 | ---- | C] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:37 | 00,054,156 | -H-- | C] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:37 | 00,001,409 | ---- | C] ()
LBAR.cd -> %UserProfile%\Bureau\LBAR.cd -> [2008/12/07 15:45:17 | 00,000,000 | ---D | C]
problème yoog search -> %UserProfile%\Bureau\problème yoog search -> [2008/12/07 15:31:01 | 00,000,000 | ---D | C]
ToolBar SD -> %SystemDrive%\ToolBar SD -> [2008/12/07 11:45:25 | 00,000,000 | ---D | C]
trend micro -> %ProgramFiles%\trend micro -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2008/12/06 11:29:45 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/06 11:29:43 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/06 11:29:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Mes Historiques de Conversation -> %UserProfile%\Mes documents\Mes Historiques de Conversation -> [2008/12/01 14:23:54 | 00,000,000 | ---D | C]
COMCT232.OCX -> %SystemRoot%\System32\COMCT232.OCX -> [2008/11/25 11:26:34 | 00,164,144 | ---- | C] (Microsoft Corporation)
AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> [2008/11/25 11:26:30 | 01,986,560 | ---- | C] (NCT Company Ltd.)
AudioInfos.dll -> %SystemRoot%\System32\AudioInfos.dll -> [2008/11/25 11:26:30 | 01,212,416 | ---- | C] (NCT Company Ltd.)
AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> [2008/11/25 11:26:30 | 00,479,232 | ---- | C] (NCT Company Ltd.)
AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> [2008/11/25 11:26:30 | 00,458,752 | ---- | C] (NCT Company Ltd.)
AudioRecord.dll -> %SystemRoot%\System32\AudioRecord.dll -> [2008/11/25 11:26:30 | 00,454,656 | ---- | C] (NCT Company Ltd.)
AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> [2008/11/25 11:26:30 | 00,417,792 | ---- | C] (NCT Company Ltd.)
WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> [2008/11/25 11:26:30 | 00,348,160 | ---- | C] (NCT Company Ltd.)
NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [2008/11/25 11:26:30 | 00,116,296 | ---- | C] ()
AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> [2008/11/25 11:26:29 | 02,084,864 | ---- | C] (NCT Company Ltd.)
TABCTL32.OCX -> %SystemRoot%\System32\TABCTL32.OCX -> [2008/11/25 11:26:29 | 00,224,016 | ---- | C] (Microsoft Corporation)
VB6FR.DLL -> %SystemRoot%\System32\VB6FR.DLL -> [2008/11/25 11:26:29 | 00,119,568 | ---- | C] (Microsoft Corporation)
VB6STKIT.DLL -> %SystemRoot%\System32\VB6STKIT.DLL -> [2008/11/25 11:26:29 | 00,101,888 | ---- | C] (Microsoft Corporation)
TABCTFR.DLL -> %SystemRoot%\System32\TABCTFR.DLL -> [2008/11/25 11:26:29 | 00,021,504 | ---- | C] (Microsoft Corporation)
inetfr.DLL -> %SystemRoot%\System32\inetfr.DLL -> [2008/11/25 11:26:29 | 00,015,360 | ---- | C] (Microsoft Corporation)
MSCOMCT2.OCX -> %SystemRoot%\System32\MSCOMCT2.OCX -> [2008/11/25 11:26:28 | 00,662,288 | ---- | C] (Microsoft Corporation)
COMDLG32.OCX -> %SystemRoot%\System32\COMDLG32.OCX -> [2008/11/25 11:26:28 | 00,152,848 | ---- | C] (Microsoft Corporation)
MSCMCFR.DLL -> %SystemRoot%\System32\MSCMCFR.DLL -> [2008/11/25 11:26:28 | 00,141,312 | ---- | C] (Microsoft Corporation)
Mscc2fr.dll -> %SystemRoot%\System32\Mscc2fr.dll -> [2008/11/25 11:26:28 | 00,059,904 | ---- | C] (Microsoft Corporation)
CMDLGFR.DLL -> %SystemRoot%\System32\CMDLGFR.DLL -> [2008/11/25 11:26:28 | 00,032,768 | ---- | C] (Microsoft Corporation)
.purple -> %AppData%\.purple -> [2008/11/21 15:49:03 | 00,000,000 | ---D | C]
Aspell -> %ProgramFiles%\Aspell -> [2008/11/21 15:46:09 | 00,000,000 | ---D | C]
Pidgin -> %ProgramFiles%\Pidgin -> [2008/11/21 15:45:32 | 00,000,000 | ---D | C]
GTK -> %CommonProgramFiles%\GTK -> [2008/11/21 15:45:20 | 00,000,000 | ---D | C]
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:52 | 00,000,306 | ---- | C] ()
Anti Trojan Elite -> %ProgramFiles%\Anti Trojan Elite -> [2008/11/13 23:43:30 | 00,000,000 | ---D | C]
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:19 | 01,515,520 | ---- | C] (System Service)
SpeedTest -> %ProgramFiles%\SpeedTest -> [2008/11/13 23:13:41 | 00,000,000 | ---D | C]
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:13:34 | 00,473,088 | ---- | C] ()
ppcbooster -> %ProgramFiles%\ppcbooster -> [2008/11/13 23:13:33 | 00,000,000 | ---D | C]
msconfig.exe -> %SystemRoot%\System32\msconfig.exe -> [2008/11/13 23:10:20 | 00,158,208 | RH-- | C] (Microsoft Corporation)
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:51 | 00,000,337 | ---- | C] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:26 | 00,001,464 | ---- | C] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/13 22:59:58 | 00,047,584 | ---- | C] ()
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/11/13 22:59:49 | 00,053,940 | ---- | C] ()
MSXML 4.0 -> %ProgramFiles%\MSXML 4.0 -> [2008/11/13 22:51:14 | 00,000,000 | ---D | C]
kill.exe -> %SystemRoot%\kill.exe -> [2008/11/13 01:13:38 | 00,009,488 | RH-- | C] (Microsoft Corporation)

[Files/Folders - Modified Within 30 Days]
1 C:\*.tmp files -> C:\*.tmp ->
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/02/25 20:40:00 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/13 23:58:40 | 00,004,646 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/13 23:58:40 | 00,004,232 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [2008/02/25 17:49:48 | 00,000,000 | ---D | M]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [2008/02/25 17:52:30 | 00,001,372 | ---- | M] ()
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat -> [2008/08/18 14:20:04 | 00,008,206 | ---- | M] ()
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
Perflib_Perfdata_fdc.dat -> C:\Documents and Settings\Noric\Local Settings\Temp\Perflib_Perfdata_fdc.dat -> [2008/12/12 23:19:06 | 00,016,384 | ---- | M] ()
2 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/12/12 23:19:00 | 00,050,868 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/12 23:18:52 | 00,000,006 | -H-- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/12/12 23:18:50 | 00,001,158 | ---- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/12 23:18:46 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/12/12 23:18:42 | 21,467,17696 | -HS- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/12/09 23:53:38 | 00,014,368 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/12/09 23:53:38 | 00,001,268 | -HS- | M] ()
fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [2008/12/09 23:53:38 | 00,001,100 | -HS- | M] ()
fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [2008/12/09 23:53:38 | 00,000,288 | -HS- | M] ()
bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [2008/12/09 23:53:34 | 00,000,012 | ---- | M] ()
Internet.lnk -> %UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> [2008/12/09 23:11:32 | 00,000,104 | ---- | M] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:38 | 00,054,156 | -H-- | M] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:38 | 00,001,409 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/06 11:21:48 | 00,067,072 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/12/03 16:23:22 | 00,053,940 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/11/20 09:32:08 | 00,071,672 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/11/20 09:31:34 | 00,276,560 | ---- | M] ()
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:54 | 00,000,306 | ---- | M] ()
inst.exe -> %AppData%\inst.exe -> [2008/11/20 00:29:22 | 00,087,608 | ---- | M] ()
pcouffin.sys -> %AppData%\pcouffin.sys -> [2008/11/20 00:29:20 | 00,047,360 | ---- | M] (VSO Software)
pcouffin.cat -> %AppData%\pcouffin.cat -> [2008/11/20 00:29:20 | 00,007,887 | ---- | M] ()
pcouffin.inf -> %AppData%\pcouffin.inf -> [2008/11/20 00:29:20 | 00,001,144 | ---- | M] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/18 18:41:04 | 00,047,584 | ---- | M] ()
Maintenance en 1 clic.job -> %SystemRoot%\tasks\Maintenance en 1 clic.job -> [2008/11/14 17:17:14 | 00,000,408 | ---- | M] ()
iesvcmon1.exe -> %SystemRoot%\System32\iesvcmon1.exe -> [2008/11/13 23:15:20 | 01,515,520 | ---- | M] (System Service)
nc605007.exe -> %SystemRoot%\nc605007.exe -> [2008/11/13 23:15:20 | 00,473,088 | ---- | M] ()
Raccourci vers LimeWire.lnk -> %UserProfile%\Bureau\Raccourci vers LimeWire.lnk -> [2008/11/13 23:08:52 | 00,000,337 | ---- | M] ()
CCleaner.lnk -> %UserProfile%\Bureau\CCleaner.lnk -> [2008/11/13 23:01:28 | 00,001,464 | ---- | M] ()
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
< Document and Settings folder & sub folders >
scanning hidden files ...
scan completed successfully
hidden files: 0

< End of report >
[/code]

budha
 Posted on 12/12/2008 at 23:34
Petit astucien

Thanks again for everything that is being done for my case!

Have a good weekend!

chrifleur
 Posted on 13/12/2008 at 15:10
Groupe Sécurité

Let's continue.

Please follow the instructions given carefully.

OTScanIt procedure:

  • Temporarily disable your antivirus (but not the firewall),
  • Open OTScanIt.exe in the OTScanIt folder on the Desktop (on Vista: right-click and run as administrator),
  • Click None in the toolbar,
  • Under Registry, click Safe-List,
  • Under Files created within, choose WhiteList
  • Under Files modified within, choose WhiteList
  • Copy and paste this text into the "Custom Scans" box:



C:\Program Files\Mozilla Firefox\components\*.* /s
C:\Program files\Mozilla Firefox\searchplugins\*.* /s
C:\Program files\Mozilla Firefox\plugins\*.* /s


  • Do not change any other setting,
  • Then click the "Run Scan" button in the toolbar and let the program run,
  • When the scan is finished, Notepad will open with the scan report.
  • Click the Format menu and check that Word Wrap is not ticked.
    Post the report in your next reply, splitting it into several parts if necessary if an error message appears when you try to paste it on the forum.
  • Check that the first line and the last line of the posted report is [code]
  • Re-enable the antivirus.

Evasion60
 Posted on 13/12/2008 at 18:32
Groupe Sécurité

Good evening to you both

... Chrifleur =>

So, to follow: there are two in progress on PCA Sécurité (I am following both)

Have a good rest of the day

budha
 Posted on 14/12/2008 at 10:10
Petit astucien

Here is my OTScanIt report:

[code]
OTScanIt2 logfile created on: 14/12/2008 10:07:58 - Run 4
OTScanIt2 by OldTimer - Version 1.0.2.1 Folder = C:\Documents and Settings\Noric\Bureau\problème yoog search\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 63,95% Memory free
3,35 Gb Paging File | 2,80 Gb Available in Paging File | 83,47% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,95 Gb Total Space | 11,87 Gb Free Space | 21,22% Space Free | Partition Type: FAT32
Drive D: | 37,19 Gb Total Space | 18,45 Gb Free Space | 49,61% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NORIC-7231E66C9
Current User Name: Noric
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.asus.com ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.msn.com/ ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://google.com/ ->
HKEY_CURRENT_USER\: Search\\"AutoSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx ->
HKEY_CURRENT_USER\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://home.microsoft.com/access/autosearch.asp?p=%s ->
HKEY_CURRENT_USER\: SearchURL\\"provider" -> msn ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Noric\Application Data\Mozilla\FireFox\Profiles\nojmj8n6.default\prefs.js ->
browser.search.defaultenginename -> "MyStart Search" ->
browser.search.selectedEngine -> "Yoog Search" ->
browser.startup.homepage -> "http://www.google.fr/firefox" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.4" ->
extensions.enabledItems -> bettergmail2@ginatrapani.org:0.7.1 ->
extensions.enabledItems -> {987311C6-B504-4aa2-90BF-60CC49808D42}:2.0 ->
extensions.enabledItems -> piclens@cooliris.com:1.8.5.14751 ->
extensions.enabledItems -> ctrl-tab@design-noir.de:0.19.3 ->
extensions.enabledItems -> {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76 ->
extensions.enabledItems -> {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:3.5.1 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07 ->
extensions.enabledItems -> {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.87 ->
extensions.enabledItems -> videofinder@veoh.com:1.3 ->
extensions.enabledItems -> web@veoh.com:1.4 ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4 ->
< HOSTS File > (790 bytes and 20 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\ssv.dll [SSVHelper Class] -> [2008/06/10 04:27:02 | 00,509,328 | ---- | M] (Sun Microsystems, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}" [HKLM] -> %ProgramFiles%\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [Veoh Web Player Video Finder] -> [2008/11/03 23:35:58 | 00,463,872 | ---- | M] (Veoh Networks Inc)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Alcmtr" -> %SystemRoot%\ALCMTR.EXE [ALCMTR.EXE] -> [2005/05/03 11:43:28 | 00,069,632 | R--- | M] (Realtek Semiconductor Corp.)
"AVP" -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe ["C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"HControl" -> %SystemRoot%\ATK0100\HControl.exe [C:\WINDOWS\ATK0100\HControl.exe] -> [2006/05/30 21:31:08 | 00,098,304 | ---- | M] ()
"IntelWireless" -> %ProgramFiles%\Intel\Wireless\Bin\ifrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> [2007/03/06 16:44:48 | 00,970,752 | ---- | M] (Intel Corporation)
"IntelZeroConfig" -> %ProgramFiles%\Intel\Wireless\bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> [2007/03/06 16:47:02 | 00,819,200 | ---- | M] (Intel Corporation)
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> [2006/03/16 22:16:00 | 07,561,216 | ---- | M] (NVIDIA Corporation)
"Power_Gear" -> %ProgramFiles%\ASUS\Power4 Gear\BatteryLife.exe [C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1] -> [2006/03/14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.)
"RTHDCPL" -> %SystemRoot%\RTHDCPL.EXE [RTHDCPL.EXE] -> [2006/05/04 08:59:16 | 16,206,848 | R--- | M] (Realtek Semiconductor Corp.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2005/10/20 23:26:48 | 00,761,945 | ---- | M] (Synaptics, Inc.)
"Wireless Console 2" -> %ProgramFiles%\Wireless Console 2\wcourier.exe [C:\Program Files\Wireless Console 2\wcourier.exe] -> [2005/10/17 17:09:34 | 00,987,136 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ccleaner" -> %ProgramFiles%\CCleaner\CCleaner.exe ["C:\Program Files\CCleaner\CCleaner.exe" /AUTO] -> [2008/06/25 15:58:36 | 01,209,584 | ---- | M] (Piriform Ltd)
"RocketDock" -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ["C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"] -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
"TuneUp MemOptimizer" -> %ProgramFiles%\TuneUp Utilities 2006\MemOptimizer.exe ["C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart] -> [2006/10/06 06:27:18 | 00,305,152 | ---- | M] (TuneUp Software GmbH)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage ->
< Noric Startup Folder > -> C:\Documents and Settings\Noric\Menu Démarrer\Programmes\Démarrage ->
%UserProfile%\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe -> [2007/03/19 00:05:02 | 00,630,784 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk -> %SystemRoot%\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe -> [2006/05/21 09:43:08 | 00,180,224 | ---- | M] ()
%UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [255] -> File not found
\\"NoFolderOptions" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NofolderOptions" -> [0] -> File not found
\\"NoFind" -> [0] -> File not found
\\"NoRun" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableTaskMgr" -> [0] -> File not found
\\"DisableRegistryTools" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xporter vers Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/07/30 03:25:02 | 17,930,264 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Menu: Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}:{85E0B171-04FA-11D1-B7DA-00A0C90348D6} [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Button: Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [Console Java (Sun)] -> [2008/06/10 04:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
CmdMapping\\"{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}" [HKLM] -> %ProgramFiles%\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll [Statistiques d’Anti-Virus Internet] -> [2007/06/28 12:51:52 | 00,222,472 | ---- | M] (Kaspersky Lab)
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %SystemDrive%\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{E908B145-C847-4e85-B315-07E2E70DECF8}" [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Bibliothèque de contrôles ActiveX Microsoft ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[Java Plug-in 1.6.0_07] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{48E14897-A614-469E-81D8-4C8ADCB5118D} -> () ->
{CE0F151E-4F0A-4EBB-81BE-FA767FD6D421} -> (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{E17065E4-3089-4579-AA33-750E219E86F7} -> () ->
{E37C4E06-6080-4199-8802-46716FD04654} -> (Carte réseau 1394) ->
{EBE416CC-BE6A-41E2-9E54-6279AD5063A4} -> (Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC) ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
klogon -> %SystemRoot%\system32\klogon.dll -> [2007/06/28 12:51:48 | 00,206,088 | ---- | M] (Kaspersky Lab)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/14 04:34:22 | 00,142,848 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Autodesk\Maya8.5\bin\maya.exe" -> C:\Program Files\Autodesk\Maya8.5\bin\maya.exe [C:\Program Files\Autodesk\Maya8.5\bin\maya.exe:*:Enabled:Maya] -> [2006/12/17 04:11:30 | 00,225,280 | ---- | M] (Autodesk)
"C:\Program Files\Cain\Cain.exe" -> C:\Program Files\Cain\Cain.exe [C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility] -> [2007/12/11 19:33:08 | 01,026,048 | ---- | M] (oxid.it)
"C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA] -> File not found
"C:\Program Files\e frontier\Poser 7\Poser.exe" -> C:\Program Files\e frontier\Poser 7\Poser.exe [C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file] -> File not found
"C:\Program Files\eMule\eMule.exe" -> C:\Program Files\eMule\eMule.exe [C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus] -> [2008/05/18 11:14:54 | 05,799,936 | ---- | M] (http://emuleplus.info)
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus] -> [2007/06/28 12:51:38 | 00,218,376 | ---- | M] (Kaspersky Lab)
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 19:50:22 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Magentic\bin\Magentic.exe" -> C:\Program Files\Magentic\bin\Magentic.exe [C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgApp.exe" -> C:\Program Files\Magentic\bin\MgApp.exe [C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Magentic\bin\MgImp.exe" -> C:\Program Files\Magentic\bin\MgImp.exe [C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic] -> File not found
"C:\Program Files\Messenger\MSMSGS.EXE" -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger] -> [2008/04/14 04:34:14 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> [2008/05/21 04:37:24 | 12,844,576 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE" -> C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE [C:\Program Files\Mozilla Firefox 3 Beta 3\FIREFOX.EXE:*:Enabled:Firefox] -> [2008/11/07 20:54:32 | 00,307,712 | ---- | M] (Mozilla Corporation)
"C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe" -> C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe [C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic] -> File not found
"C:\Program Files\Skype\Phone\Skype.exe" -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [2008/06/03 15:08:42 | 21,718,312 | R--- | M] (Skype Technologies S.A.)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" -> C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client] -> [2008/08/28 10:18:24 | 03,660,848 | ---- | M] (Veoh Networks)
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" -> C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player ] -> [2008/11/03 23:45:50 | 03,522,296 | ---- | M] (Veoh Networks)
"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 17:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\System32\CNAC4RPK.EXE" -> C:\WINDOWS\System32\CNAC4RPK.EXE [C:\WINDOWS\System32\CNAC4RPK.EXE:*:Enabled:Canon LBP5000 RPC Server Process] -> [2005/09/19 16:00:00 | 00,057,407 | ---- | M] (CANON INC.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Pilote de CD-ROM ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/04/13 20:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ FAT32 ] -> [2008/02/25 16:43:16 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\auto\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\explore\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\find\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\install\command\\"" -> [Knight.exe open] -> File not found
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command
\{7f965fcb-e3be-11dc-9902-0018de0ff75a}\Shell\open\command\\"" -> [Knight.exe open] -> File not found
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command
\{a3e64e16-8570-11dd-ae21-0018de0ff75a}\Shell\AutoRun\command\\"" -> [.\Encryption Tool\MaxtorEncryption.exe] -> File not found


[Files/Folders - Created Within 30 Days]
1 C:\*.tmp files -> C:\*.tmp ->
Internet.lnk -> %UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> [2008/12/09 23:11:30 | 00,000,104 | ---- | C] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:37 | 00,054,156 | -H-- | C] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:37 | 00,001,409 | ---- | C] ()
LBAR.cd -> %UserProfile%\Bureau\LBAR.cd -> [2008/12/07 15:45:17 | 00,000,000 | ---D | C]
problème yoog search -> %UserProfile%\Bureau\problème yoog search -> [2008/12/07 15:31:01 | 00,000,000 | ---D | C]
ToolBar SD -> %SystemDrive%\ToolBar SD -> [2008/12/07 11:45:25 | 00,000,000 | ---D | C]
trend micro -> %ProgramFiles%\trend micro -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2008/12/06 11:52:25 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2008/12/06 11:29:45 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/06 11:29:43 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/06 11:29:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2008/12/06 11:29:39 | 00,000,000 | ---D | C]
Mes Historiques de Conversation -> %UserProfile%\Mes documents\Mes Historiques de Conversation -> [2008/12/01 14:23:54 | 00,000,000 | ---D | C]
COMCT232.OCX -> %SystemRoot%\System32\COMCT232.OCX -> [2008/11/25 11:26:34 | 00,164,144 | ---- | C] (Microsoft Corporation)
AudFile.dll -> %SystemRoot%\System32\AudFile.dll -> [2008/11/25 11:26:30 | 01,986,560 | ---- | C] (NCT Company Ltd.)
AudioInfos.dll -> %SystemRoot%\System32\AudioInfos.dll -> [2008/11/25 11:26:30 | 01,212,416 | ---- | C] (NCT Company Ltd.)
AudioVisu.dll -> %SystemRoot%\System32\AudioVisu.dll -> [2008/11/25 11:26:30 | 00,479,232 | ---- | C] (NCT Company Ltd.)
AudPlayer.dll -> %SystemRoot%\System32\AudPlayer.dll -> [2008/11/25 11:26:30 | 00,458,752 | ---- | C] (NCT Company Ltd.)
AudioRecord.dll -> %SystemRoot%\System32\AudioRecord.dll -> [2008/11/25 11:26:30 | 00,454,656 | ---- | C] (NCT Company Ltd.)
AudDisplay.dll -> %SystemRoot%\System32\AudDisplay.dll -> [2008/11/25 11:26:30 | 00,417,792 | ---- | C] (NCT Company Ltd.)
WMAFile.dll -> %SystemRoot%\System32\WMAFile.dll -> [2008/11/25 11:26:30 | 00,348,160 | ---- | C] (NCT Company Ltd.)
NCTWMAProfiles.prx -> %SystemRoot%\System32\NCTWMAProfiles.prx -> [2008/11/25 11:26:30 | 00,116,296 | ---- | C] ()
AudDesign.dll -> %SystemRoot%\System32\AudDesign.dll -> [2008/11/25 11:26:29 | 02,084,864 | ---- | C] (NCT Company Ltd.)
TABCTL32.OCX -> %SystemRoot%\System32\TABCTL32.OCX -> [2008/11/25 11:26:29 | 00,224,016 | ---- | C] (Microsoft Corporation)
VB6FR.DLL -> %SystemRoot%\System32\VB6FR.DLL -> [2008/11/25 11:26:29 | 00,119,568 | ---- | C] (Microsoft Corporation)
VB6STKIT.DLL -> %SystemRoot%\System32\VB6STKIT.DLL -> [2008/11/25 11:26:29 | 00,101,888 | ---- | C] (Microsoft Corporation)
TABCTFR.DLL -> %SystemRoot%\System32\TABCTFR.DLL -> [2008/11/25 11:26:29 | 00,021,504 | ---- | C] (Microsoft Corporation)
inetfr.DLL -> %SystemRoot%\System32\inetfr.DLL -> [2008/11/25 11:26:29 | 00,015,360 | ---- | C] (Microsoft Corporation)
MSCOMCT2.OCX -> %SystemRoot%\System32\MSCOMCT2.OCX -> [2008/11/25 11:26:28 | 00,662,288 | ---- | C] (Microsoft Corporation)
COMDLG32.OCX -> %SystemRoot%\System32\COMDLG32.OCX -> [2008/11/25 11:26:28 | 00,152,848 | ---- | C] (Microsoft Corporation)
MSCMCFR.DLL -> %SystemRoot%\System32\MSCMCFR.DLL -> [2008/11/25 11:26:28 | 00,141,312 | ---- | C] (Microsoft Corporation)
Mscc2fr.dll -> %SystemRoot%\System32\Mscc2fr.dll -> [2008/11/25 11:26:28 | 00,059,904 | ---- | C] (Microsoft Corporation)
CMDLGFR.DLL -> %SystemRoot%\System32\CMDLGFR.DLL -> [2008/11/25 11:26:28 | 00,032,768 | ---- | C] (Microsoft Corporation)
.purple -> %AppData%\.purple -> [2008/11/21 15:49:03 | 00,000,000 | ---D | C]
Aspell -> %ProgramFiles%\Aspell -> [2008/11/21 15:46:09 | 00,000,000 | ---D | C]
Pidgin -> %ProgramFiles%\Pidgin -> [2008/11/21 15:45:32 | 00,000,000 | ---D | C]
GTK -> %CommonProgramFiles%\GTK -> [2008/11/21 15:45:20 | 00,000,000 | ---D | C]
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:52 | 00,000,306 | ---- | C] ()

[Files/Folders - Modified Within 30 Days]
1 C:\*.tmp files -> C:\*.tmp ->
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader -> [2008/02/25 20:40:00 | 00,000,000 | ---D | M]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2008/11/13 23:58:40 | 00,004,646 | ---- | M] ()
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2008/11/13 23:58:40 | 00,004,232 | ---- | M] ()
C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\ -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data -> [2008/02/25 17:49:48 | 00,000,000 | ---D | M]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [2008/02/25 17:52:30 | 00,001,372 | ---- | M] ()
opa12.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\opa12.dat -> [2008/08/18 14:20:04 | 00,008,206 | ---- | M] ()
C:\Documents and Settings\Noric\Local Settings\Temp\ -> C:\Documents and Settings\Noric\Local Settings\Temp -> [2008/02/25 16:36:18 | 00,000,000 | ---D | M]
Perflib_Perfdata_824.dat -> C:\Documents and Settings\Noric\Local Settings\Temp\Perflib_Perfdata_824.dat -> [2008/12/14 09:32:14 | 00,016,384 | ---- | M] ()
3 C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Noric\Local Settings\Temp\*.tmp ->
nvapps.xml -> %SystemRoot%\System32\nvapps.xml -> [2008/12/14 09:32:04 | 00,050,868 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2008/12/14 09:31:58 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2008/12/14 09:31:54 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2008/12/14 09:31:50 | 21,467,17696 | -HS- | M] ()
fidbox.dat -> %SystemRoot%\System32\drivers\fidbox.dat -> [2008/12/13 22:39:34 | 00,014,368 | -HS- | M] ()
fidbox.idx -> %SystemRoot%\System32\drivers\fidbox.idx -> [2008/12/13 22:39:34 | 00,001,268 | -HS- | M] ()
fidbox2.idx -> %SystemRoot%\System32\drivers\fidbox2.idx -> [2008/12/13 22:39:34 | 00,001,100 | -HS- | M] ()
fidbox2.dat -> %SystemRoot%\System32\drivers\fidbox2.dat -> [2008/12/13 22:39:34 | 00,000,288 | -HS- | M] ()
bthservsdp.dat -> %SystemRoot%\bthservsdp.dat -> [2008/12/13 22:39:28 | 00,000,012 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2008/12/12 23:18:50 | 00,001,158 | ---- | M] ()
Internet.lnk -> %UserProfile%\Menu Démarrer\Programmes\Démarrage\Internet.lnk -> [2008/12/09 23:11:32 | 00,000,104 | ---- | M] ()
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [2008/12/07 15:49:38 | 00,054,156 | -H-- | M] ()
QTFont.for -> %SystemRoot%\QTFont.for -> [2008/12/07 15:49:38 | 00,001,409 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/12/06 11:21:48 | 00,067,072 | ---- | M] ()
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation)
cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe -> [2008/12/03 16:23:22 | 00,053,940 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2008/11/20 09:32:08 | 00,071,672 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2008/11/20 09:31:34 | 00,276,560 | ---- | M] ()
Ma Musique.lnk -> %UserProfile%\Mes documents\Ma Musique.lnk -> [2008/11/20 00:50:54 | 00,000,306 | ---- | M] ()
inst.exe -> %AppData%\inst.exe -> [2008/11/20 00:29:22 | 00,087,608 | ---- | M] ()
pcouffin.sys -> %AppData%\pcouffin.sys -> [2008/11/20 00:29:20 | 00,047,360 | ---- | M] (VSO Software)
pcouffin.cat -> %AppData%\pcouffin.cat -> [2008/11/20 00:29:20 | 00,007,887 | ---- | M] ()
pcouffin.inf -> %AppData%\pcouffin.inf -> [2008/11/20 00:29:20 | 00,001,144 | ---- | M] ()
jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe -> [2008/11/18 18:41:04 | 00,047,584 | ---- | M] ()
Maintenance en 1 clic.job -> %SystemRoot%\tasks\Maintenance en 1 clic.job -> [2008/11/14 17:17:14 | 00,000,408 | ---- | M] ()
[Custom Scans]
< C:\Program Files\Mozilla Firefox\components\*.* /s >
< C:\Program files\Mozilla Firefox\searchplugins\*.* /s >
< C:\Program files\Mozilla Firefox\plugins\*.* /s >
< End of report >
[/code]

Thank you!!

chrifleur
 Posted on 14/12/2008 at 10:47
Groupe Sécurité

Here we go

1/

Follow this tutorial and back up your Registry

https://forum.pcastuces.com/tuto_erunt-f31s5.htm

2/

  • Temporarily disable your antivirus (but not the firewall),
  • Open OTScanIt.exe in the OTScanIt folder on the Desktop (on Vista: right-click and run as administrator),
  • Copy and paste the following lines into the Paste fix here box:

[Kill Explorer]
[Unregister Dlls]
[Registry - Safe List]
< Firefox Settings [Default Profile] > -> C:\Documents and Settings\Noric\Application Data\Mozilla\FireFox\Profiles\nojmj8n6.default\prefs.js
YN -> browser.search.defaultenginename -> "MyStart Search"
YN -> browser.search.selectedEngine -> "Yoog Search"
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> %ProgramFiles%\Dealio\kb127\Dealio.dll [Dealio]
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
YY -> "C:\Program Files\Cain\Cain.exe" -> C:\Program Files\Cain\Cain.exe [C:\Program Files\Cain\Cain.exe:*:Enabled:Cain - Password Recovery Utility]
YN -> "C:\Program Files\DNA\btdna.exe" -> C:\Program Files\DNA\btdna.exe [C:\Program Files\DNA\btdna.exe:*:Enabled:DNA]
YN -> "C:\Program Files\e frontier\Poser 7\Poser.exe" -> C:\Program Files\e frontier\Poser 7\Poser.exe [C:\Program Files\e frontier\Poser 7\Poser.exe:*:Enabled:Poser executable file]
YN -> "C:\Program Files\Magentic\bin\Magentic.exe" -> C:\Program Files\Magentic\bin\Magentic.exe [C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic]
YN -> "C:\Program Files\Magentic\bin\MgApp.exe" -> C:\Program Files\Magentic\bin\MgApp.exe [C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic]
YN -> "C:\Program Files\Magentic\bin\MgImp.exe" -> C:\Program Files\Magentic\bin\MgImp.exe [C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic]
YN -> "C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe" -> C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe [C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic]
[Files/Folders - Modified Within 30 Days]
NY -> cont_adzgalore-remove.exe -> %SystemRoot%\System32\cont_adzgalore-remove.exe
NY -> inst.exe -> %AppData%\inst.exe
NY -> jfjfsvtouatumih.exe -> %SystemRoot%\System32\jfjfsvtouatumih.exe
[Commandline Commands]
:zipfilestoupload
%SystemRoot%\System32\jfjfsvtouatumih.exe
%SystemRoot%\System32\cont_adzgalore-remove.exe

:SENDTOMRC
channel=1
https://forum.pcastuces.com/probleme_avec_yoog_search-f25s44828.htm
[Empty Temp Folders]
[Start Explorer]

  • Click the Run fix button.
  • It should run quickly. When the fix is complete, a message saying it is finished should appear. You may be asked to restart the PC to finalize the fix if some items could not be fixed beforehand. In that case, do so by clicking Yes, so that the fix can be completed.
  • Notepad opens. Copy and paste its contents into your next reply.
  • Don't forget to mention any problem you ran into or any problem that persists on your PC.
  • Re-enable the antivirus.
  • If your Desktop does not appear, do this: press CTRL+ALT+DEL to bring up the Task Manager.
    Go to the Processes tab, click "File" at the top left and choose "Run". Type "explorer" and confirm. This will bring your Desktop back.

3/

Start / Run

type regedit

follow the tree and delete only the values shown in bold

[HKEY_USERS

click the +

\S-1-5-21-228544307-3654959823-909112848-1005\

click the plus

Software\

same again

Microsoft\

same again

Internet Explorer\

same again

SearchScopes\

same again

{CD10120B-C165-4f8d-8C74-639629E238FF}]


in the right-hand pane, look for this value

"URL"="http://www3.yoog.com/search.php?q={searchTerms}"

right-click it / Modify, and delete

http://www3.yoog.com/search.php?q={searchTerms}"

nothing else

do the same with this

[HKEY_USERS\S-1-5-21-228544307-3654959823-909112848-1005\Software\Microsoft\Internet Explorer\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}]
"DisplayName"="Yoog Search"

4/

back up your Firefox bookmarks this way

click Bookmarks > Organize Bookmarks.

In the new window, at the top, Import and Backup > Export to HTML format

uninstall Firefox through Add or Remove Programs (you will reinstall it afterwards, along with your bookmarks)

find and delete

C:\Program Files\Mozilla FireFox

C:\Documents and Settings\Noric\Application Data\Mozilla

restart your PC and post me a new OTScanIt report

Edited by chrifleur on 14/12/2008 12:09
chrifleur
 Posted on 17/12/2008 at 20:04
Groupe Sécurité

did you manage it?

budha
 Posted on 20/12/2008 at 12:00
Petit astucien

Hello, and sorry for such a late reply, but with the holidays approaching I was bombarded with 4-hour tests and so did not have time to get back on my PC.

So, in fact, the moment I click RUN FIX, a CMD.exe console opens and from that point on my PC crashes...

I may have found a solution to this problem: migrating to Linux, something that has been tempting me for quite a while already. After some research I could see that this problem (and so many others) does not exist on Linux.

Thanks a lot!

chrifleur
 Posted on 20/12/2008 at 12:05
Groupe Sécurité

restart and tell me whether you still have this search engine...

Linux is also a solution

budha
 Posted on 21/12/2008 at 19:26
Petit astucien

hello everybody!

Yoog Search is still a pain in the... (oops!); is still bothering me!

I am preparing my backup CDs for my migration to Linux (and I must say I can't wait!), on Ubuntu. Thank you for the attention and help you have given me, because it takes patience to deal with these heaps of problems, always new and more complicated! It's cool to be able to find people like you on the web!

Thanks again and happy holidays to you all!

Ciao.

chrifleur
 Posted on 22/12/2008 at 09:23
Security Group

do you plan to no longer keep Windows at all?

and be completely on Linux?

budha
 Posted on 22/12/2008 at 11:28
Petit astucien

Yes, that is what I plan to do. I had already tried last year for several months, but as not all of my hardware was supported I didn't get good results; now it's OK. This morning I'm moving on to installing Ubuntu 8.10.

Happy holidays to you!

chrifleur
 Posted on 22/12/2008 at 13:32
Security Group

merry Christmas

budha
 Posted on 22/12/2008 at 19:10
Petit astucien

Thanks a lot!

By the way, while tinkering with my PC to recover my Firefox passwords and bookmarks, I found the solution to our problem:

C:\Documents and Settings\Noric\Application Data\Mozilla\Firefox\Profiles\nojmj8n6.default\searchplugins

in that last folder there was a small file named Yoog (or something like that...) which I hastened to delete and which, since then, no longer has any effect on Firefox.

There, thanks again and enjoy your holidays (if on holiday you are!)!
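
Added example, not part of the original thread: a small audit of a profile's searchplugins folder like the one named in the last post, listing every search engine file whose search URL points at an unexpected host. It assumes the plugin files are OpenSearch/MozSearch XML; the EXPECTED_HOSTS list, the sample file names and the host search.example.net are constructed for illustration.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path
from urllib.parse import urlsplit

# Assumption: the search hosts this user expects; adjust per machine.
EXPECTED_HOSTS = {"www.google.com", "en.wikipedia.org"}

def local(tag):
    return tag.rsplit("}", 1)[-1]  # '{namespace}ShortName' -> 'ShortName'

def describe_plugin(path):
    """Return (ShortName, hosts of the text/html search URLs) for one plugin file."""
    name, hosts = None, []
    for el in ET.parse(path).getroot().iter():
        if local(el.tag) == "ShortName" and el.text:
            name = el.text.strip()
        elif local(el.tag) == "Url" and el.get("type", "text/html") == "text/html":
            host = urlsplit(el.get("template", "")).hostname
            if host:
                hosts.append(host.lower())
    return name, hosts

def audit_searchplugins(directory, expected=EXPECTED_HOSTS):
    """Report files that point at an unexpected host or are not valid XML."""
    findings = []
    for path in sorted(p for p in Path(directory).iterdir() if p.is_file()):
        try:
            name, hosts = describe_plugin(path)
        except ET.ParseError:
            findings.append((path.name, None, ["<unparseable>"]))
            continue
        odd = [h for h in hosts if h not in expected]
        if odd or not hosts:
            findings.append((path.name, name, odd))
    return findings

def demo():
    """Audit a constructed searchplugins folder (sample files, not from the thread)."""
    tpl = ('<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">'
           '<ShortName>{n}</ShortName><Url type="text/html" template="{u}"/>'
           '</OpenSearchDescription>')
    with tempfile.TemporaryDirectory() as d:
        Path(d, "google.xml").write_text(tpl.format(n="Google", u="https://www.google.com/search?q={searchTerms}"))
        Path(d, "yoog-sample.xml").write_text(tpl.format(n="Yoog Search", u="http://search.example.net/?q={searchTerms}"))
        Path(d, "broken.xml").write_text("not xml")
        return audit_searchplugins(d)

if __name__ == "__main__":
    print(demo())
```

On a real machine, call audit_searchplugins() on the searchplugins folder of each profile and review every reported file before deleting anything.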
