
Svchost

Last reply on 25 Nov 2009 at 22:59:55 suhelen, 10 Nov 2009 at 21:09:05

Hello,

I'm coming to you because when I do Ctrl+Del I have 9 svchost.exe
when I look on the net I read either that it's a component of Win XP or that it's a virus

if someone could help me by walking me through the steps, the way you know so well how to do and understand them!!

on top of that my computer is really slow at the moment

thanks in advance for your help

Configuration: Windows XP
Firefox 3.5.5


1

Limon8, 10 Nov 2009 at 21:18:35

Hi,

These processes are numerous and that's completely normal, at least when they are located in the right place on your system.

Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Read the contents of the Disclaimer screen, then click Continue (if you accept the terms).

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the licence.

When the scan has finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized to the Taskbar).

NB: The reports are saved in the folder C:\rsit

Don't trust appearances ...
*':._When we're very small, we're taught to talk... once we've become part of society, we absolutely have to keep our mouths shut _.:'*


2

suhelen, 10 Nov 2009 at 21:32:43

Thanks, here is the log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by DEMANGEOT Solène at 2009-11-10 21:30:41
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 175 GB (73%) free of 238 GB
Total RAM: 1023 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:50, on 10/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\alq.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Ahead\nero\nero.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\DEMANGEOT Solène\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\DEMANGEOT Solène.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware.pro/search-fr/?ctid=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {cd36797a-70f3-4acd-8825-623d3b896881} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Application Layer Gateway] C:\Program Files\Fichiers communs\alq.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115w.bay115.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} (Jolly Bear Games Player) - http://games.bigfishgames.com/fr_bigcityadventuresa/online/JBGamePlayer.cab
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
End of file - 10176 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BA7D9D6D943207C1.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{280b5d37-4a76-467a-b3d6-942fca90acde}]
Shareware.Pro-FR Toolbar - C:\Program Files\Shareware.Pro-FR\tbShar.dll [2009-02-16 1882136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd36797a-70f3-4acd-8825-623d3b896881}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{280b5d37-4a76-467a-b3d6-942fca90acde} - Shareware.Pro-FR Toolbar - C:\Program Files\Shareware.Pro-FR\tbShar.dll [2009-02-16 1882136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-12-20 2656528]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-10-30 788368]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Application Layer Gateway"=C:\Program Files\Fichiers communs\alq.exe [2009-07-31 31744]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-27 247144]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe /hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^D-Link AirPlus.lnk]
C:\PROGRA~1\D-LINK~1\AirPlus.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^DEMANGEOT Solène^Menu Démarrer^Programmes^Démarrage^NetAnalyse.lnk]
C:\PROGRA~1\NETANA~1\NETANA~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-11-23 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\56ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\56ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\74ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\74ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\11ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\11ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\32ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\32ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\87ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\87ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\63ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\63ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\14ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\14ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\43ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\43ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\5ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\5ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\98ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\98ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\1ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\1ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\12ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\12ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\90ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\90ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\52ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\52ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\93ex3.modul32.exe"="C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\93ex3.modul32.exe:*:Enabled:Microsoft Update"
"C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TribalWeb.net\tribalweb.exe"="C:\Program Files\TribalWeb.net\tribalweb.exe:*:Enabled:TribalWeb.net : Réseau privé sur Internet"
"C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\WINSOS\winsos.exe"="C:\Program Files\Winsos\winsos.exe:*:Enabled:Winsos"
"C:\Program Files\WINSOS\anti-spy.exe"="C:\Program Files\Winsos\anti-spy.exe:*:Enabled:anti-spy Winsos"
"C:\Program Files\WINSOS\help.exe"="C:\Program Files\Winsos\help.exe:*:Enabled:Winsos Help"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\GigaTribe\gigatribe.exe"="C:\Program Files\GigaTribe\gigatribe.exe:*:Enabled:gigatribe"
"D:\eSKernel.exe"="D:\eSKernel.exe:*:Enabled:Bbox assistant d'installation"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05885f7b-d66d-11dc-8211-0015f260c369}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d89ffc5-9c4d-11de-8369-0015f260c369}]
shell\AutoRun\command - E:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5cc7dbc6-1e18-11de-82f3-0015f260c369}]
shell\Auto\command - infrom.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71d3eda1-daa5-11dd-82b6-0015f260c369}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7428f1ef-954d-11dd-8292-0015f260c369}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7541a31c-4de9-11dd-8261-0015f260c369}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83be5959-d10c-11dc-8210-0015f260c369}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat


======File associations======

.js - open -

======List of files/folders created in the last 1 months======

2009-11-10 21:30:41 ----D---- C:\rsit
2009-11-08 12:59:20 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\she_is_a_shadow
2009-11-06 11:56:58 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\ERS G-Studio
2009-11-04 12:34:21 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Island
2009-11-02 23:12:18 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-02 23:11:23 ----D---- C:\Program Files\Bonjour
2009-11-02 23:01:20 ----D---- C:\Program Files\Fichiers communs\Apple
2009-11-02 22:55:37 ----D---- C:\Program Files\Apple Software Update
2009-11-02 22:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-11-02 22:54:05 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Zylom 3 Days Zoo Mystery
2009-11-02 21:27:44 ----D---- C:\Program Files\Jeux Rico
2009-10-30 18:21:49 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-29 13:49:06 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\SprillRichiEng
2009-10-23 16:47:12 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-10-23 16:47:10 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-10-23 09:42:07 ----D---- C:\Program Files\CCleaner
2009-10-20 17:13:31 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Skype
2009-10-20 17:12:50 ----D---- C:\Program Files\Fichiers communs\Skype
2009-10-20 17:12:40 ----RD---- C:\Program Files\Skype
2009-10-19 10:23:52 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-10-15 02:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-15 02:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-15 02:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-15 02:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-15 02:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-15 02:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-15 02:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-15 02:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-15 02:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-14 11:11:14 ----D---- C:\Documents and Settings\All Users\Application Data\HideAndSecret3
2009-10-11 17:58:32 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-10-11 17:58:17 ----A---- C:\WINDOWS\system32\dxdllreg.exe

======List of files/folders modified in the last 1 months======

2009-11-10 21:29:27 ----D---- C:\Program Files\Mozilla Firefox
2009-11-10 21:24:40 ----D---- C:\WINDOWS\Temp
2009-11-10 21:18:38 ----SD---- C:\WINDOWS\Tasks
2009-11-10 21:16:41 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\skypePM
2009-11-10 21:15:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-10 21:15:22 ----D---- C:\WINDOWS
2009-11-10 21:12:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-10 21:12:20 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\uTorrent
2009-11-10 21:00:31 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-10 19:33:43 ----AD---- C:\Program Files
2009-11-10 19:33:39 ----D---- C:\WINDOWS\Prefetch
2009-11-10 19:32:20 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-10 18:55:54 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2009-11-08 21:16:58 ----D---- C:\Program Files\Zylom Games
2009-11-08 11:21:03 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Artogon
2009-11-05 13:52:12 ----SHD---- C:\System Volume Information
2009-11-05 13:52:12 ----D---- C:\WINDOWS\system32\Restore
2009-11-05 13:46:07 ----D---- C:\WINDOWS\system32
2009-11-05 10:40:04 ----SHD---- C:\WINDOWS\Installer
2009-11-05 10:38:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-05 10:38:45 ----D---- C:\WINDOWS\system32\drivers
2009-11-05 03:01:04 ----HD---- C:\WINDOWS\inf
2009-11-05 03:00:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-04 17:22:36 ----RSD---- C:\WINDOWS\Fonts
2009-11-04 02:36:49 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-03 15:59:17 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Apple Computer
2009-11-02 23:09:46 ----D---- C:\WINDOWS\WinSxS
2009-11-02 23:01:20 ----D---- C:\Program Files\Fichiers communs
2009-11-02 22:52:32 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2009-11-02 22:52:31 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\PlayFirst
2009-11-02 22:52:23 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Zylom
2009-11-02 22:52:23 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Identities
2009-11-02 10:51:16 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-11-01 19:34:18 ----AC---- C:\WINDOWS\QTW.INI
2009-10-29 18:01:41 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Games
2009-10-23 09:24:14 ----D---- C:\WINDOWS\Debug
2009-10-21 05:07:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-20 17:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-10-20 00:32:07 ----D---- C:\WINDOWS\Help
2009-10-17 17:33:42 ----D---- C:\Documents and Settings\All Users\Application Data\PoBros
2009-10-15 10:54:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-15 10:53:52 ----RSD---- C:\WINDOWS\assembly
2009-10-15 02:27:19 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-15 02:08:24 ----D---- C:\WINDOWS\system32\fr-fr
2009-10-15 02:08:24 ----D---- C:\Program Files\Internet Explorer
2009-10-15 02:07:44 ----D---- C:\WINDOWS\ie7updates
2009-10-14 19:32:23 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Friday's games
2009-10-14 18:51:32 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-14 18:31:30 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\YoudaGames
2009-10-14 17:40:54 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\Ubisoft
2009-10-12 11:33:32 ----D---- C:\Documents and Settings\DEMANGEOT Solène\Application Data\MysteryStudio
2009-10-11 17:57:59 ----D---- C:\WINDOWS\system32\DirectX
2009-10-11 16:50:32 ----D---- C:\Program Files\Ubisoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-26 28520]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-01-30 271360]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-07-02 18048]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-11-23 1410560]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2008-12-16 25624]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2005-04-20 124672]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\windows\system32\drivers\NSDriver.sys []
S3 AIRPLUS;D-Link AirPlus Wireless Adapter; C:\WINDOWS\system32\DRIVERS\airplus.sys [2003-09-08 255360]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-11-22 3804416]
S3 apov17ey;apov17ey; C:\WINDOWS\system32\drivers\apov17ey.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 lac97inf;lac97inf; \??\C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\lac97inf.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-10-29 32000]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-26 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-11-23 393216]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-10-02 54784]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-08-27 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-10-30 1179232]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-04-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-12 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-10-29 86016]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

************************************
************************************
************************************

and the info.txt:
info.txt logfile of random's system information tool 1.06 2009-11-10 21:30:54

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->MsiExec /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C}
-->MsiExec.exe /X{7B4AB13C-1A5C-4BC5-ABA6-762F8198444C}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 8.1.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AGEIA PhysX v6.10.25-->MsiExec.exe /X{7104189A-C592-4A56-AC9E-7C0CA135DA3C}
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
CSI NY-->C:\Program Files\Ubisoft\Legacy Interactive\Les Experts - Manhattan\Uninstall.exe
Data Lifeguard Diagnostic for Windows-->MsiExec.exe /X{E40CE517-0D42-4198-96B4-C8232B257EB5}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kuros Deluxe-->"C:\Program Files\Zylom Games\Kuros Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logitech QuickCam-->MsiExec.exe /I{937B232D-9776-471E-92BD-D424E514EF14}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mediabarre-->C:\WINDOWS\UNWISE.EXE C:\WINDOWS\INSTALL.LOG
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\windows\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\windows\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\windows\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\windows\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\windows\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\windows\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\windows\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareware.Pro-FR Toolbar-->C:\PROGRA~1\SHAREW~1.PRO\UNWISE.EXE /U C:\PROGRA~1\SHAREW~1.PRO\INSTALL.LOG
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Super Point de Croix Deluxe-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C0C2F4B7-90D7-480D-9707-4167AD1EA3FB}\SETUP.EXE" -l0x40c
TomTom HOME 2.7.2.1825-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB Storage Driver-->DelUIDrv.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual C++ CRT 9.0-->MsiExec.exe /I{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinPcap 3.1 beta4-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wonderburg-->"C:\WINDOWS\Wonderburg\uninstall.exe" "/U:C:\\Uninstall\uninstall.xml"
Your Product-->"C:\WINDOWS\Your Product\uninstall.exe" "/U:C:\Program Files\Your Product\Uninstall\uninsta


3

geoffrey5, 10 Nov 2009 at 21:58:44

Good evening,

several infections on your PC...

We'll start with the removable-drive infections.. You have probably plugged an infected USB stick into your PC..

▶ Download UsbFix and save it to your desktop

search tutorial

▶ Double-click UsbFix on your desktop; the installation will run automatically

Plug your external data sources that may have been infected (USB stick, external hard drive, etc.) into your PC, without opening them

▶ Choose option 1 (search)

▶ Let the tool work

▶ Then post the UsbFix.txt report that appears

* Note: the UsbFix.txt report is saved at the root of the disk

* Note: If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm

* Note: "SniffC.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products. If you see an improvement on your PC, that does not mean the disinfection is finished... Keep going to the end!!


4

Limon8, 10 Nov 2009 at 22:05:40

Good evening Geoffrey5 ... go ahead, please ...

Don't trust appearances ...
*':._When we're very small, we're taught to talk... once we're part of society, we absolutely have to keep quiet _.:'*


5

suhelen, 11 Nov 2009 at 19:13:41

Good evening,

I didn't reply sooner because I had lost the message!!!!

Here is the report:
############################## | UsbFix V6.050 |

User : DEMANGEOT Solène (Administrateurs) # DEMANGEO-F101EC
Update on 09/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 19:05:51 | 11/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.06GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local # 232,88 Go (170,48 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 465,64 Go (248,57 Go free) [My Book] # FAT32
K:\ -> Disque amovible
L:\ -> Disque fixe local # 967,2 Mo (408,86 Mo free) [USB_OUVERT] # FAT
Z:\ -> Disque virtuel # 0,04 Mo (0,04 Mo free) [MS-RAMDRIVE] # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 680
C:\WINDOWS\system32\csrss.exe 772
C:\WINDOWS\system32\winlogon.exe 804
C:\WINDOWS\system32\services.exe 848
C:\WINDOWS\system32\lsass.exe 860
C:\WINDOWS\system32\Ati2evxx.exe 1056
C:\WINDOWS\system32\svchost.exe 1072
C:\WINDOWS\system32\svchost.exe 1148
C:\WINDOWS\System32\svchost.exe 1244
C:\WINDOWS\system32\svchost.exe 1284
C:\WINDOWS\system32\svchost.exe 1344
C:\WINDOWS\system32\svchost.exe 1476
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1520
C:\WINDOWS\system32\spoolsv.exe 1688
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1756
C:\WINDOWS\system32\svchost.exe 1836
C:\WINDOWS\system32\Ati2evxx.exe 2020
C:\WINDOWS\Explorer.EXE 164
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 380
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 392
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 444
C:\Program Files\Bonjour\mDNSResponder.exe 480
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 500
C:\Program Files\Java\jre6\bin\jqs.exe 580
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe 660
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe 696
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe 732
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe 1092
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1104
C:\Program Files\Java\jre6\bin\jusched.exe 1184
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1196
C:\WINDOWS\system32\ctfmon.exe 1228
C:\Program Files\Messenger\msmsgs.exe 1268
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1896
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 1984
C:\WINDOWS\system32\svchost.exe 328
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 1328
C:\WINDOWS\system32\wbem\unsecapp.exe 2680
C:\WINDOWS\system32\wbem\wmiprvse.exe 2692
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2984
C:\WINDOWS\System32\alg.exe 3188
C:\Program Files\Java\jre6\bin\jucheck.exe 1920
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3416
C:\Program Files\eMule\emule.exe 1624
C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.exe 1992
C:\Program Files\bfgclient\bfggameservices.exe 3920
C:\Program Files\Mozilla Firefox\firefox.exe 2120
C:\WINDOWS\system32\wbem\wmiprvse.exe 2460

################## | Fichiers # Dossiers infectieux |

C:\SETUP.PIF
J:\autorun.inf

################## | Registre # Clés Run infectieuses |

[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{05885f7b-d66d-11dc-8211-0015f260c369}
Shell\Auto\command =cmd /C launch.bat
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

HKCU\..\..\Explorer\MountPoints2\{3d89ffc5-9c4d-11de-8369-0015f260c369}
Shell\AutoRun\command =E:\InstallTomTomHOME.exe

HKCU\..\..\Explorer\MountPoints2\{5cc7dbc6-1e18-11de-82f3-0015f260c369}
Shell\Auto\command =infrom.exe
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe

HKCU\..\..\Explorer\MountPoints2\{66ec75db-722c-11de-8333-0015f260c369}
Shell\AutoRun\command =setup.exe

HKCU\..\..\Explorer\MountPoints2\{71d3eda1-daa5-11dd-82b6-0015f260c369}
Shell\Auto\command =cmd /C launch.bat
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

HKCU\..\..\Explorer\MountPoints2\{7428f1ef-954d-11dd-8292-0015f260c369}
Shell\Auto\command =AdobeR.exe e
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

HKCU\..\..\Explorer\MountPoints2\{7541a31c-4de9-11dd-8261-0015f260c369}
Shell\Auto\command =cmd /C launch.bat
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

HKCU\..\..\Explorer\MountPoints2\{83be5959-d10c-11dc-8210-0015f260c369}
Shell\Auto\command =cmd /C launch.bat
Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\_keygen.exe"
18/09/2007 00:18 |Size 84480 |Crc32 68ae8829 |Md5 1ea6aae38bd310d3da24646dc55f25e7

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\Crack\chp.exe"
28/10/2007 19:25 |Size 7168 |Crc32 fcc98a67 |Md5 aea383d349b7d5ab52fe0b969849a545

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\Crack\crack.exe"
22/09/2008 08:33 |Size 107232 |Crc32 04ab31b7 |Md5 dbe6e2cdd3c4d1c3b66ce8f3b5f51a89

"C:\SWORDTMP\SOLENE\VUZE\So Blonde\SO BLONDE\Crack\SoBlonde.exe"
22/06/2008 14:24 |Size 1041024 |Crc32 62ad7a18 |Md5 f25cb232843f7c0e34e1b7ef2de0312b


################## | ! Fin du rapport # UsbFix V6.050 ! |


thanks

6

geoffrey5, 12 Nov 2009 at 11:44:00

Hello,

Cleaning tutorial

Plug into your PC, without opening them, any external data sources (USB key, external hard drive, etc.) that may have been infected.

▶ Double-click the UsbFix shortcut on your desktop

▶ Choose option 2 ("Suppression", deletion)

▶ Your desktop will disappear and the PC will restart.

▶ On restart, UsbFix will scan your PC; let the tool work.

▶ Then post the UsbFix.txt report, which will appear along with the desktop.

▶ Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

▶ /!\ UsbFix will offer to upload a compressed folder to this address: http://forum-aide-contre-virus.be/usbfix/choix_fichier.php

▶ This folder was created by UsbFix and is saved on your desktop.

▶ Please send it to the address indicated, to help the author of UsbFix with his research.

▶ Thanks in advance for your contribution!!

If you see an improvement on your PC, that does not mean the disinfection is finished... Keep going to the end!!

7

suhelen, 12 Nov 2009 at 12:16:22

Hello,

here is the report:

############################## | UsbFix V6.050 |

User : DEMANGEOT Solène (Administrateurs) # DEMANGEO-F101EC
Update on 09/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 11:55:38 | 12/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.06GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

C:\ -> Disque fixe local # 232,88 Go (141,66 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 465,64 Go (248,28 Go free) [My Book] # FAT32
K:\ -> Disque amovible
L:\ -> Disque fixe local # 967,2 Mo (408,86 Mo free) [USB_OUVERT] # FAT
Z:\ -> Disque virtuel # 0,04 Mo (0,04 Mo free) [MS-RAMDRIVE] # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 680
C:\WINDOWS\system32\csrss.exe 772
C:\WINDOWS\system32\winlogon.exe 804
C:\WINDOWS\system32\services.exe 848
C:\WINDOWS\system32\lsass.exe 860
C:\WINDOWS\system32\Ati2evxx.exe 1056
C:\WINDOWS\system32\svchost.exe 1072
C:\WINDOWS\system32\svchost.exe 1148
C:\WINDOWS\System32\svchost.exe 1244
C:\WINDOWS\system32\svchost.exe 1284
C:\WINDOWS\system32\svchost.exe 1344
C:\WINDOWS\system32\svchost.exe 1476
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1520
C:\WINDOWS\system32\spoolsv.exe 1688
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1756
C:\WINDOWS\system32\svchost.exe 1836
C:\WINDOWS\system32\Ati2evxx.exe 2020
C:\WINDOWS\Explorer.EXE 164
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 380
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 392
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 444
C:\Program Files\Bonjour\mDNSResponder.exe 480
C:\WINDOWS\system32\drivers\CDAC11BA.EXE 500
C:\Program Files\Java\jre6\bin\jqs.exe 580
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe 660
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe 696
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe 732
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe 1092
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1104
C:\Program Files\Java\jre6\bin\jusched.exe 1184
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1196
C:\WINDOWS\system32\ctfmon.exe 1228
C:\Program Files\Messenger\msmsgs.exe 1268
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1896
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 1984
C:\WINDOWS\system32\svchost.exe 328
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 1328
C:\WINDOWS\system32\wbem\unsecapp.exe 2680
C:\WINDOWS\system32\wbem\wmiprvse.exe 2692
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2984
C:\WINDOWS\System32\alg.exe 3188
C:\Program Files\Java\jre6\bin\jucheck.exe 1920
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3416
C:\Program Files\eMule\emule.exe 12204
C:\Program Files\bfgclient\bfgclient.exe 13276
C:\Program Files\Mozilla Firefox\firefox.exe 14232
C:\WINDOWS\system32\wbem\wmiprvse.exe 2768

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\SETUP.PIF
Supprimé ! J:\autorun.inf

################## | Registre # Clés Run infectieuses |

Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{05885f7b-d66d-11dc-8211-0015f260c369}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3d89ffc5-9c4d-11de-8369-0015f260c369}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5cc7dbc6-1e18-11de-82f3-0015f260c369}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{66ec75db-722c-11de-8333-0015f260c369}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{71d3eda1-daa5-11dd-82b6-0015f260c369}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{7428f1ef-954d-11dd-8292-0015f260c369}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{7541a31c-4de9-11dd-8261-0015f260c369}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{83be5959-d10c-11dc-8210-0015f260c369}\Shell\Auto\Command

################## | Listing des fichiers présent |

[14/04/2008 13:00|--a------|263504] C:\$LDR$
[11/11/2009 05:20|--a------|22562] C:\aaw7boot.log
[07/07/2008 22:30|--a------|92216] C:\bass.dll
[08/10/2008 13:31|--a------|198] C:\BOOT.BAK
[30/08/2009 19:37|-rahs----|239] C:\boot.ini
[14/04/2008 13:00|-rahs----|4952] C:\Bootfont.bin
[12/05/2007 17:22|--a------|68096] C:\diff.exe
[08/04/2008 18:37|--a------|103680] C:\grep.exe
[12/06/2006 16:37|-rahs----|0] C:\IO.SYS
[27/12/2007 13:41|--a------|125] C:\ioSpecial.ini
[02/04/2009 22:40|--a------|63454843] C:\main.pak
[12/06/2006 16:37|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 13:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 13:00|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[09/12/2007 15:22|--a------|4937] C:\PERF.LOG
[26/11/2007 22:47|--a------|67448] C:\playground.log
[21/01/2008 21:12|--a------|0] C:\plx_proxy.log
[13/12/1994 06:02|--a------|25980] C:\PRSANSR.TTF
[12/05/2007 17:22|--a------|853] C:\reboot.cmd
[14/04/2008 13:00|--a------|459151] C:\txtsetup.sif
[12/11/2009 12:08|--a------|5494] C:\UsbFix.txt
[03/04/2009 17:47|--a------|3298639] C:\Wonderburg.exe
[02/07/2009 00:39|--ahs----|690920] L:\Thumbs.db

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
# L:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\_keygen.exe"
18/09/2007 00:18 |Size 84480 |Crc32 68ae8829 |Md5 1ea6aae38bd310d3da24646dc55f25e7

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\Crack\chp.exe"
28/10/2007 19:25 |Size 7168 |Crc32 fcc98a67 |Md5 aea383d349b7d5ab52fe0b969849a545

"C:\Program Files\Jeux Rico\Mystery P.I. - The Lottery Ticket\Crack\crack.exe"
22/09/2008 08:33 |Size 107232 |Crc32 04ab31b7 |Md5 dbe6e2cdd3c4d1c3b66ce8f3b5f51a89

"C:\SWORDTMP\SOLENE\VUZE\So Blonde\SO BLONDE\Crack\SoBlonde.exe"
22/06/2008 14:24 |Size 1041024 |Crc32 62ad7a18 |Md5 f25cb232843f7c0e34e1b7ef2de0312b


################## | Upload |

Veuillez envoyer le fichier : C:\DOCUME~1\DEMANG~1\Bureau\UsbFix_Upload_Me_DEMANGEO-F101EC.zip : http://forum-aide-contre-virus.be/usbfix/choix_fichier.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.050 ! |



thanks

8

geoffrey5, 12 Nov 2009 at 12:32:16

Perfect!! Now:

There are LOP infections on your PC.
They get installed via certain programs, including these:

● The Messenger Plus! sponsor
● BitTorrent
● BitDownload
● BitGrabber
● NetPumper
● BitRoll
● TorrentQ
● Torrent101

/!\ Be careful not to make the same mistake again, so avoid these programs /!\


▶ Download lopSD and save it to the Desktop

▶ Double-click Lop S&D

▶ Run the installation

▶ Close all applications

▶ Launch it by double-clicking the shortcut on the desktop

On VISTA => right-click and => Run as administrator

▶ Type F for French, then press Enter

▶ Type 1

▶ Press Enter

▶ The PC will restart

* Note: if the antivirus reports an infection in TEMP, ignore it

▶ Wait for the report to appear

▶ Copy the report and paste it into your reply

* The report can also be found at C:\lopR

If you see an improvement on your PC, that does not mean the disinfection is finished... Keep going to the end!!

9

suhelen, 12 Nov 2009 at 12:47:49

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : BIOS Date: 01/03/06 16:40:56 Ver: 08.00.10
USER : DEMANGEOT Solène ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:141 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (Local Disk) - FAT32 - Total:465 Go (Free:248 Go)
K:\ (USB)
L:\ (Local Disk) - FAT - Total:0 Go (Free:0 Go)
Z:\ (RAM) - FAT - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 12/11/2009|12:36 )

--------------------\\ Listing des dossiers dans APPLIC~1

[02/11/2009|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[30/10/2009|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[07/11/2008|13:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/04/2007|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[05/07/2009|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AdventureChronicles1
[14/08/2008|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/02/2009|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alawar Stargaze
[27/03/2009|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AlawarWrapper
[06/02/2008|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
[04/04/2009|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ApeZone
[02/11/2009|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[25/04/2007|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/12/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Astar Games
[25/07/2009|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[05/02/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[10/04/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Awem
[02/06/2009|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[07/10/2009|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Becky Brogan
[20/07/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\beepflawatompoke
[12/11/2009|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
[01/08/2009|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishSavedGames
[07/04/2009|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishv1005fr
[30/04/2009|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\blg
[19/07/2006|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[09/12/2007|15:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
[15/09/2009|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CasualForge
[01/12/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Christmasville
[23/01/2007|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[12/05/2009|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
[21/03/2009|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DivoGames
[27/02/2009|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EA
[12/01/2009|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\eGames
[01/07/2009|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ERS G-Studio
[05/02/2009|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeTheMuseum
[09/05/2009|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Far Mills
[08/03/2008|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Farm Frenzy
[06/11/2008|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
[13/08/2009|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzyPizzaParty
[25/03/2009|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy-PizzaParty
[12/11/2009|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[12/01/2009|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[01/04/2009|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Flood Light Games
[26/09/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
[09/02/2009|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FlyWheelGames
[07/01/2008|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Forge of Games
[25/09/2008|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
[21/02/2009|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
[14/09/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[28/07/2009|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gamers Digital
[22/08/2009|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GAMESHASTRA
[22/04/2009|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
[17/02/2009|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii Games
[04/01/2009|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gold Casual Games
[07/05/2009|18:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[07/11/2007|14:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[04/01/2009|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HiddenSecretsNightmare
[14/10/2009|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HideAndSecret3
[17/01/2009|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[25/09/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hot Lava Games
[09/08/2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HoverBee Studios
[19/07/2009|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[06/10/2009|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IntDreams
[10/05/2009|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intenium
[11/01/2009|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
[29/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
[14/07/2009|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/07/2009|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Little Games Company
[31/01/2009|01:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[05/02/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[11/10/2007|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[28/10/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[05/05/2009|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mandragora
[16/09/2009|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mean Hamster
[13/04/2009|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/01/2009|22:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MonteCristo
[02/11/2009|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[30/12/2008|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mushroom Age
[03/03/2008|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\My Games
[29/12/2008|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MysteryChronicles
[02/01/2009|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MythPeople
[13/10/2007|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
[24/04/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
[11/11/2009|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NeptunesAdve
[05/03/2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
[02/11/2009|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[19/02/2009|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayPond
[22/02/2009|22:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Playrix Entertainment
[17/10/2009|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PoBros
[03/10/2009|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Princess Isabella
[09/05/2009|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickClick
[04/04/2009|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Redrum
[17/02/2009|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Rumbic Studio
[27/07/2009|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
[11/01/2009|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Shockwave
[20/10/2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[30/12/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Slapdash Games
[18/05/2009|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sortasoft
[03/03/2009|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpecialBit
[09/06/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[14/07/2009|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[04/04/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SugarGames
[10/10/2009|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SulusGames
[12/11/2009|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[15/12/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TheRace_dev
[17/05/2009|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TikGames
[09/09/2009|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[11/07/2009|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[17/05/2009|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UClick
[03/01/2009|01:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
[25/09/2008|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
[19/08/2009|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildWestQuest2
[02/10/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[08/11/2007|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/01/2007|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[26/05/2009|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZEMNOTT
[02/08/2007|20:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[12/06/2006|16:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[14/02/2009|17:20] C:\DOCUME~1\DEMANG~1\APPLIC~1\Adobe
[30/01/2007|22:34] C:\DOCUME~1\DEMANG~1\APPLIC~1\AdobeUM
[08/05/2009|16:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\Alawar
[03/11/2009|15:59] C:\DOCUME~1\DEMANG~1\APPLIC~1\Apple Computer
[26/02/2007|15:24] C:\DOCUME~1\DEMANG~1\APPLIC~1\ArcSoft
[08/11/2009|11:21] C:\DOCUME~1\DEMANG~1\APPLIC~1\Artogon
[09/07/2009|18:40] C:\DOCUME~1\DEMANG~1\APPLIC~1\AVS4YOU
[09/05/2009|15:37] C:\DOCUME~1\DEMANG~1\APPLIC~1\Azuaz Games
[15/07/2009|22:15] C:\DOCUME~1\DEMANG~1\APPLIC~1\Azureus
[17/05/2009|21:09] C:\DOCUME~1\DEMANG~1\APPLIC~1\Be a King
[19/01/2009|21:44] C:\DOCUME~1\DEMANG~1\APPLIC~1\BeachPartyCraze
[06/07/2009|21:33] C:\DOCUME~1\DEMANG~1\APPLIC~1\BFG_JanesRealty
[04/10/2009|20:02] C:\DOCUME~1\DEMANG~1\APPLIC~1\Big Fish Games
[08/05/2009|22:32] C:\DOCUME~1\DEMANG~1\APPLIC~1\BigFishv1002
[30/03/2009|12:20] C:\DOCUME~1\DEMANG~1\APPLIC~1\BigFishv1002fr
[05/06/2009|21:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\BigFishv1005
[14/04/2007|11:08] C:\DOCUME~1\DEMANG~1\APPLIC~1\BitDownload
[11/12/2007|10:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\BitTorrent
[30/04/2009|17:11] C:\DOCUME~1\DEMANG~1\APPLIC~1\blg
[19/07/2009|17:21] C:\DOCUME~1\DEMANG~1\APPLIC~1\BloodTies
[15/05/2009|22:13] C:\DOCUME~1\DEMANG~1\APPLIC~1\Boolat Games
[30/05/2009|23:04] C:\DOCUME~1\DEMANG~1\APPLIC~1\Boomzap
[10/07/2009|19:05] C:\DOCUME~1\DEMANG~1\APPLIC~1\Boontyv1002
[15/07/2009|15:00] C:\DOCUME~1\DEMANG~1\APPLIC~1\BrandX Games
[15/09/2009|11:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\CasualForge
[16/03/2009|20:34] C:\DOCUME~1\DEMANG~1\APPLIC~1\cerasus.media
[25/04/2009|22:49] C:\DOCUME~1\DEMANG~1\APPLIC~1\Chicken Chase
[18/03/2009|19:46] C:\DOCUME~1\DEMANG~1\APPLIC~1\Coyotes Tale
[12/05/2009|20:55] C:\DOCUME~1\DEMANG~1\APPLIC~1\DAEMON Tools Lite
[02/11/2006|13:23] C:\DOCUME~1\DEMANG~1\APPLIC~1\DivX
[08/02/2008|20:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\D-Jix Media
[21/02/2009|20:03] C:\DOCUME~1\DEMANG~1\APPLIC~1\Dragon Altar Games
[01/05/2009|19:20] C:\DOCUME~1\DEMANG~1\APPLIC~1\Dreamsdwell Stories
[12/01/2009|21:54] C:\DOCUME~1\DEMANG~1\APPLIC~1\eGames
[01/05/2009|20:47] C:\DOCUME~1\DEMANG~1\APPLIC~1\EleFun Games
[15/05/2009|19:46] C:\DOCUME~1\DEMANG~1\APPLIC~1\Enchanted Katya
[28/06/2006|16:58] C:\DOCUME~1\DEMANG~1\APPLIC~1\EoRezo
[06/11/2009|11:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\ERS G-Studio
[14/09/2008|22:24] C:\DOCUME~1\DEMANG~1\APPLIC~1\Eyeblaster
[11/01/2009|18:21] C:\DOCUME~1\DEMANG~1\APPLIC~1\Fabulous Finds
[27/03/2009|21:49] C:\DOCUME~1\DEMANG~1\APPLIC~1\FarmerJane
[01/04/2009|19:03] C:\DOCUME~1\DEMANG~1\APPLIC~1\Flood Light Games
[26/09/2007|16:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\FloodLightGames
[14/10/2009|19:32] C:\DOCUME~1\DEMANG~1\APPLIC~1\Friday's games
[16/11/2008|17:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\funkitron
[16/02/2008|12:07] C:\DOCUME~1\DEMANG~1\APPLIC~1\Fuzzy Games
[26/09/2008|13:57] C:\DOCUME~1\DEMANG~1\APPLIC~1\Gaijin Ent
[13/10/2007|17:29] C:\DOCUME~1\DEMANG~1\APPLIC~1\GameHouse
[27/02/2009|20:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\GameInvest
[03/03/2009|13:16] C:\DOCUME~1\DEMANG~1\APPLIC~1\Gamelab
[28/07/2009|22:49] C:\DOCUME~1\DEMANG~1\APPLIC~1\Gamers Digital
[29/10/2009|18:01] C:\DOCUME~1\DEMANG~1\APPLIC~1\Games
[19/10/2008|19:45] C:\DOCUME~1\DEMANG~1\APPLIC~1\GamesCafe
[22/08/2009|10:48] C:\DOCUME~1\DEMANG~1\APPLIC~1\GAMESHASTRA
[17/12/2008|20:44] C:\DOCUME~1\DEMANG~1\APPLIC~1\GARMIN
[14/06/2008|15:40] C:\DOCUME~1\DEMANG~1\APPLIC~1\GibbHill Properties Ltd
[30/12/2008|21:22] C:\DOCUME~1\DEMANG~1\APPLIC~1\Go Go Gourmet
[17/02/2009|18:08] C:\DOCUME~1\DEMANG~1\APPLIC~1\Gogii Games
[03/07/2009|20:16] C:\DOCUME~1\DEMANG~1\APPLIC~1\Gold Casual Games
[29/10/2007|23:07] C:\DOCUME~1\DEMANG~1\APPLIC~1\Google
[13/06/2008|20:27] C:\DOCUME~1\DEMANG~1\APPLIC~1\GRETECH
[05/08/2008|19:59] C:\DOCUME~1\DEMANG~1\APPLIC~1\Grisoft
[14/04/2007|13:52] C:\DOCUME~1\DEMANG~1\APPLIC~1\gtk-2.0
[16/06/2006|13:29] C:\DOCUME~1\DEMANG~1\APPLIC~1\Help
[10/05/2009|18:29] C:\DOCUME~1\DEMANG~1\APPLIC~1\HiT-MM
[13/05/2009|19:18] C:\DOCUME~1\DEMANG~1\APPLIC~1\Home Sweet Home 2
[01/08/2009|21:59] C:\DOCUME~1\DEMANG~1\APPLIC~1\HouseCall 6.6
[05/08/2009|21:30] C:\DOCUME~1\DEMANG~1\APPLIC~1\HuruBeachParty
[02/11/2009|22:52] C:\DOCUME~1\DEMANG~1\APPLIC~1\Identities
[14/04/2007|12:26] C:\DOCUME~1\DEMANG~1\APPLIC~1\Inkscape
[15/09/2009|20:44] C:\DOCUME~1\DEMANG~1\APPLIC~1\IronCode
[04/11/2009|12:34] C:\DOCUME~1\DEMANG~1\APPLIC~1\Island
[26/04/2009|20:10] C:\DOCUME~1\DEMANG~1\APPLIC~1\ITTNord
[09/02/2009|22:13] C:\DOCUME~1\DEMANG~1\APPLIC~1\iWin
[08/02/2008|18:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\Jane s Hotel
[03/09/2008|16:37] C:\DOCUME~1\DEMANG~1\APPLIC~1\Jane s Hotel Family Hero
[05/07/2009|21:01] C:\DOCUME~1\DEMANG~1\APPLIC~1\Janes_Realty
[03/01/2009|00:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\JewelMatch2
[16/02/2009|20:06] C:\DOCUME~1\DEMANG~1\APPLIC~1\JoyBits
[28/06/2007|23:39] C:\DOCUME~1\DEMANG~1\APPLIC~1\Lavasoft
[31/01/2007|11:04] C:\DOCUME~1\DEMANG~1\APPLIC~1\Leadertech
[26/07/2009|12:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\Little Games Company
[19/07/2009|21:26] C:\DOCUME~1\DEMANG~1\APPLIC~1\Lost in the City
[15/02/2008|13:00] C:\DOCUME~1\DEMANG~1\APPLIC~1\Macromedia
[29/09/2007|20:07] C:\DOCUME~1\DEMANG~1\APPLIC~1\Magic Academy
[22/04/2008|12:31] C:\DOCUME~1\DEMANG~1\APPLIC~1\Magic Seeds
[28/10/2008|15:39] C:\DOCUME~1\DEMANG~1\APPLIC~1\Malwarebytes
[16/09/2009|10:42] C:\DOCUME~1\DEMANG~1\APPLIC~1\Mean Hamster
[02/07/2009|00:03] C:\DOCUME~1\DEMANG~1\APPLIC~1\Media Player Classic
[08/06/2009|10:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\Meridian93
[20/07/2007|18:45] C:\DOCUME~1\DEMANG~1\APPLIC~1\Mfcd Joy
[26/07/2007|16:37] C:\DOCUME~1\DEMANG~1\APPLIC~1\Microgaming
[30/08/2009|19:02] C:\DOCUME~1\DEMANG~1\APPLIC~1\Microsoft
[12/11/2009|10:48] C:\DOCUME~1\DEMANG~1\APPLIC~1\MissTeriTale3
[30/08/2008|15:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\Mozilla
[02/08/2007|19:10] C:\DOCUME~1\DEMANG~1\APPLIC~1\My Games
[12/10/2009|11:33] C:\DOCUME~1\DEMANG~1\APPLIC~1\MysteryStudio
[29/09/2007|11:45] C:\DOCUME~1\DEMANG~1\APPLIC~1\Mysteryville2
[10/07/2009|19:01] C:\DOCUME~1\DEMANG~1\APPLIC~1\NevoSoft Games
[05/03/2009|21:10] C:\DOCUME~1\DEMANG~1\APPLIC~1\Oberon Games
[03/07/2009|20:10] C:\DOCUME~1\DEMANG~1\APPLIC~1\panoramik
[04/05/2009|18:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\Pharaohs Secret
[16/03/2008|20:06] C:\DOCUME~1\DEMANG~1\APPLIC~1\Pirateville
[02/11/2009|22:52] C:\DOCUME~1\DEMANG~1\APPLIC~1\PlayFirst
[09/05/2009|14:05] C:\DOCUME~1\DEMANG~1\APPLIC~1\Playrix Entertainment
[23/04/2009|18:34] C:\DOCUME~1\DEMANG~1\APPLIC~1\PoBros
[31/07/2008|11:31] C:\DOCUME~1\DEMANG~1\APPLIC~1\Real
[28/11/2008|23:45] C:\DOCUME~1\DEMANG~1\APPLIC~1\RealArcade
[10/07/2009|17:43] C:\DOCUME~1\DEMANG~1\APPLIC~1\Reflexive_Janes_Realty
[05/01/2009|20:24] C:\DOCUME~1\DEMANG~1\APPLIC~1\Righteous Kill
[01/04/2009|19:32] C:\DOCUME~1\DEMANG~1\APPLIC~1\RobinsonCrusoeBFGFR
[03/06/2009|21:32] C:\DOCUME~1\DEMANG~1\APPLIC~1\Sahmon Games
[30/10/2007|21:49] C:\DOCUME~1\DEMANG~1\APPLIC~1\Sandlot Games
[02/02/2009|20:29] C:\DOCUME~1\DEMANG~1\APPLIC~1\SecretIslandEng
[17/02/2009|21:38] C:\DOCUME~1\DEMANG~1\APPLIC~1\SecretIslandFraBF
[21/09/2007|13:12] C:\DOCUME~1\DEMANG~1\APPLIC~1\SecuROM
[25/05/2009|21:39] C:\DOCUME~1\DEMANG~1\APPLIC~1\SerpentOfIsis
[16/05/2009|15:11] C:\DOCUME~1\DEMANG~1\APPLIC~1\Shape games
[08/11/2009|12:59] C:\DOCUME~1\DEMANG~1\APPLIC~1\she_is_a_shadow
[03/10/2009|10:45] C:\DOCUME~1\DEMANG~1\APPLIC~1\ShinyTales
[19/10/2008|20:15] C:\DOCUME~1\DEMANG~1\APPLIC~1\Shopping Blocks
[11/11/2009|10:15] C:\DOCUME~1\DEMANG~1\APPLIC~1\Skype
[11/11/2009|08:02] C:\DOCUME~1\DEMANG~1\APPLIC~1\skypePM
[07/07/2009|16:23] C:\DOCUME~1\DEMANG~1\APPLIC~1\Softonic_JanesRealty
[18/05/2009|19:00] C:\DOCUME~1\DEMANG~1\APPLIC~1\Sortasoft
[12/08/2008|17:18] C:\DOCUME~1\DEMANG~1\APPLIC~1\Spamihilator
[09/12/2007|14:47] C:\DOCUME~1\DEMANG~1\APPLIC~1\SpinTop
[16/04/2009|21:58] C:\DOCUME~1\DEMANG~1\APPLIC~1\SpinTop Games
[05/07/2008|12:05] C:\DOCUME~1\DEMANG~1\APPLIC~1\SprillBermudeEng
[02/10/2008|15:23] C:\DOCUME~1\DEMANG~1\APPLIC~1\SprillBermudeFr
[29/10/2009|13:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\SprillRichiEng
[03/10/2006|17:14] C:\DOCUME~1\DEMANG~1\APPLIC~1\StoneTrip
[23/12/2008|18:56] C:\DOCUME~1\DEMANG~1\APPLIC~1\SultansLabyrinth
[10/10/2009|17:50] C:\DOCUME~1\DEMANG~1\APPLIC~1\SulusGames
[12/06/2006|18:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\Sun
[18/07/2009|13:05] C:\DOCUME~1\DEMANG~1\APPLIC~1\SunRay Games
[05/02/2008|19:06] C:\DOCUME~1\DEMANG~1\APPLIC~1\Super-Cow
[12/06/2006|20:05] C:\DOCUME~1\DEMANG~1\APPLIC~1\Talkback
[14/06/2006|13:51] C:\DOCUME~1\DEMANG~1\APPLIC~1\Template
[07/04/2008|11:42] C:\DOCUME~1\DEMANG~1\APPLIC~1\TheScruffs
[17/05/2009|21:18] C:\DOCUME~1\DEMANG~1\APPLIC~1\TikGames
[22/04/2009|19:34] C:\DOCUME~1\DEMANG~1\APPLIC~1\TMInc
[09/09/2009|17:06] C:\DOCUME~1\DEMANG~1\APPLIC~1\TomTom
[12/11/2009|10:39] C:\DOCUME~1\DEMANG~1\APPLIC~1\Total Eclipse
[08/05/2009|22:36] C:\DOCUME~1\DEMANG~1\APPLIC~1\Twintale Entertainment
[16/12/2007|18:55] C:\DOCUME~1\DEMANG~1\APPLIC~1\U3
[14/10/2009|17:40] C:\DOCUME~1\DEMANG~1\APPLIC~1\Ubisoft
[17/05/2009|20:55] C:\DOCUME~1\DEMANG~1\APPLIC~1\UClick
[13/10/2008|10:47] C:\DOCUME~1\DEMANG~1\APPLIC~1\Uniblue
[21/02/2009|00:39] C:\DOCUME~1\DEMANG~1\APPLIC~1\URSE Games
[11/11/2009|02:30] C:\DOCUME~1\DEMANG~1\APPLIC~1\uTorrent
[03/01/2009|01:08] C:\DOCUME~1\DEMANG~1\APPLIC~1\Valusoft
[26/07/2009|14:48] C:\DOCUME~1\DEMANG~1\APPLIC~1\V-Games
[09/10/2009|10:30] C:\DOCUME~1\DEMANG~1\APPLIC~1\ViquaSoft
[29/11/2008|01:24] C:\DOCUME~1\DEMANG~1\APPLIC~1\Wildfire
[09/12/2007|14:36] C:\DOCUME~1\DEMANG~1\APPLIC~1\WinRAR
[19/06/2006|09:55] C:\DOCUME~1\DEMANG~1\APPLIC~1\Yahoo!
[14/10/2009|18:31] C:\DOCUME~1\DEMANG~1\APPLIC~1\YoudaGames
[14/09/2008|17:15] C:\DOCUME~1\DEMANG~1\APPLIC~1\YTHE
[26/05/2009|22:16] C:\DOCUME~1\DEMANG~1\APPLIC~1\ZEMNOTT
[02/11/2009|22:52] C:\DOCUME~1\DEMANG~1\APPLIC~1\Zylom
[02/11/2009|22:54] C:\DOCUME~1\DEMANG~1\APPLIC~1\Zylom 3 Days Zoo Mystery
[01/05/2009|22:17] C:\DOCUME~1\DEMANG~1\APPLIC~1\Zylom DressUpRush

[02/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[12/06/2006|16:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[07/11/2009 23:11][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/11/2009 12:19][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[12/11/2009 12:00][--ah-----] C:\WINDOWS\tasks\BA7D9D6D943207C1.job
[11/11/2009 05:20][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( BA7D9D6D943207C1.job )=( c:\docume~1\demang~1\applic~1\mfcdjo~1\DATATRAYNOUN.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[04/05/2009|21:53] C:\Program Files\Adobe
[30/01/2007|17:43] C:\Program Files\AGEIA Technologies
[14/08/2008|22:51] C:\Program Files\Ahead
[12/08/2006|19:17] C:\Program Files\Analog Devices
[02/11/2009|22:55] C:\Program Files\Apple Software Update
[25/07/2009|13:20] C:\Program Files\Avira
[02/10/2009|22:06] C:\Program Files\bfgclient
[02/11/2009|23:11] C:\Program Files\Bonjour
[23/10/2009|09:42] C:\Program Files\CCleaner
[28/07/2009|19:50] C:\Program Files\Conduit
[07/10/2009|17:16] C:\Program Files\DAEMON Tools Lite
[09/10/2009|19:38] C:\Program Files\DAEMON Tools Toolbar
[11/11/2009|17:54] C:\Program Files\Danger Next Door - Miss Teri Tale's Adventure
[12/05/2009|21:03] C:\Program Files\directx
[11/12/2008|17:46] C:\Program Files\DivX
[28/07/2009|19:56] C:\Program Files\eMule
[02/11/2009|23:01] C:\Program Files\Fichiers communs
[28/06/2006|16:54] C:\Program Files\FileZilla
[26/07/2009|14:01] C:\Program Files\GamesBar
[07/07/2009|10:15] C:\Program Files\Google
[13/06/2008|20:26] C:\Program Files\GRETECH
[05/08/2008|19:58] C:\Program Files\Grisoft
[16/09/2009|14:21] C:\Program Files\Hotel Mogul
[14/10/2009|18:51] C:\Program Files\InstallShield Installation Information
[15/10/2009|02:08] C:\Program Files\Internet Explorer
[08/10/2009|20:06] C:\Program Files\Java
[12/11/2009|10:38] C:\Program Files\Jeux Rico
[14/07/2009|22:08] C:\Program Files\Lavasoft
[03/06/2009|12:33] C:\Program Files\Logitech
[06/10/2009|23:36] C:\Program Files\Malwarebytes' Anti-Malware
[25/09/2008|09:08] C:\Program Files\Messenger
[06/10/2009|13:10] C:\Program Files\Micro Application
[17/12/2008|17:02] C:\Program Files\Microsoft
[08/11/2007|15:38] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[12/06/2006|16:40] C:\Program Files\microsoft frontpage
[11/01/2009|18:31] C:\Program Files\Microsoft Office
[05/10/2009|15:30] C:\Program Files\Microsoft Silverlight
[08/11/2007|12:49] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|17:00] C:\Program Files\Microsoft Sync Framework
[24/09/2008|13:39] C:\Program Files\Movie Maker
[12/11/2009|12:13] C:\Program Files\Mozilla Firefox
[09/08/2009|20:59] C:\Program Files\MSBuild
[22/07/2009|21:22] C:\Program Files\MSECache
[12/06/2006|16:33] C:\Program Files\MSN
[12/06/2006|16:34] C:\Program Files\MSN Gaming Zone
[24/01/2007|22:35] C:\Program Files\MSXML 4.0
[24/09/2008|13:31] C:\Program Files\NetMeeting
[14/08/2009|02:04] C:\Program Files\Outlook Express
[25/07/2009|13:04] C:\Program Files\QUAD Utilities
[30/07/2008|20:14] C:\Program Files\Real
[08/07/2009|20:41] C:\Program Files\Realore
[09/08/2009|20:58] C:\Program Files\Reference Assemblies
[25/07/2009|18:35] C:\Program Files\ReflexiveArcade
[12/11/2009|10:55] C:\Program Files\Season of Mystery - The Cherry Blossom Murders
[12/11/2009|12:14] C:\Program Files\Shareware.Pro-FR
[20/10/2009|17:13] C:\Program Files\Skype
[16/11/2008|20:11] C:\Program Files\Sun
[20/05/2009|17:02] C:\Program Files\Techcity
[09/09/2009|17:03] C:\Program Files\TomTom DesktopSuite
[09/09/2009|17:04] C:\Program Files\TomTom HOME 2
[09/09/2009|17:04] C:\Program Files\TomTom International B.V
[05/08/2008|21:36] C:\Program Files\Trend Micro
[11/10/2009|16:50] C:\Program Files\Ubisoft
[12/06/2006|16:44] C:\Program Files\Uninstall Information
[15/07/2009|22:39] C:\Program Files\uTorrent
[06/08/2008|10:48] C:\Program Files\VideoLAN
[17/07/2009|18:29] C:\Program Files\Western Digital
[17/07/2009|18:01] C:\Program Files\Western Digital Corporation
[02/10/2009|22:03] C:\Program Files\Windows Live
[17/12/2008|16:55] C:\Program Files\Windows Live SkyDrive
[25/10/2007|18:28] C:\Program Files\Windows Media Connect 2
[08/10/2009|20:22] C:\Program Files\Windows Media Player
[24/09/2008|13:31] C:\Program Files\Windows NT
[12/06/2006|16:36] C:\Program Files\WindowsUpdate
[13/08/2008|12:50] C:\Program Files\WinPcap
[09/12/2007|15:15] C:\Program Files\WinRAR
[12/06/2006|16:40] C:\Program Files\xerox
[16/09/2009|14:18] C:\Program Files\Your Product
[08/11/2009|21:16] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[12/01/2009|20:42] C:\Program Files\Fichiers communs\Adobe
[16/04/2007|12:02] C:\Program Files\Fichiers communs\Adobe Systems Shared
[14/08/2008|22:48] C:\Program Files\Fichiers communs\Ahead
[05/11/2009|10:39] C:\Program Files\Fichiers communs\Apple
[09/07/2009|18:47] C:\Program Files\Fichiers communs\AVSMedia
[03/08/2008|21:06] C:\Program Files\Fichiers communs\BOONTY Shared
[06/01/2007|10:56] C:\Program Files\Fichiers communs\Designer
[12/08/2006|18:40] C:\Program Files\Fichiers communs\EPSON
[19/07/2009|21:24] C:\Program Files\Fichiers communs\InstallShield
[03/06/2009|12:32] C:\Program Files\Fichiers communs\LogiShrd
[15/10/2007|09:22] C:\Program Files\Fichiers communs\Macromedia
[12/01/2009|20:10] C:\Program Files\Fichiers communs\Macrovision Shared
[02/10/2009|21:53] C:\Program Files\Fichiers communs\Microsoft Shared
[12/06/2006|16:35] C:\Program Files\Fichiers communs\MSSoap
[07/07/2006|10:45] C:\Program Files\Fichiers communs\Nero
[29/07/2009|22:40] C:\Program Files\Fichiers communs\Oberon Media
[12/06/2006|18:28] C:\Program Files\Fichiers communs\ODBC
[31/07/2008|11:31] C:\Program Files\Fichiers communs\Real
[05/05/2009|20:48] C:\Program Files\Fichiers communs\Sandlot Shared
[12/06/2006|16:35] C:\Program Files\Fichiers communs\Services
[20/10/2009|17:12] C:\Program Files\Fichiers communs\Skype
[12/06/2006|18:28] C:\Program Files\Fichiers communs\SpeechEngines
[19/10/2009|10:23] C:\Program Files\Fichiers communs\SWF Studio
[24/09/2008|13:31] C:\Program Files\Fichiers communs\System
[14/04/2007|10:12] C:\Program Files\Fichiers communs\Vbox
[17/12/2008|16:34] C:\Program Files\Fichiers communs\Windows Live
[08/11/2007|12:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[24/10/2007|16:23] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 42 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\DEMANG~1\APPLIC~1\mfcdjo~1
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\NSISPromotion.dll
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\NSISPromotion.ini
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\nsk24F.tmp
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\nsm28D.tmp
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\nsq514.tmp
C:\DOCUME~1\DEMANG~1\APPLIC~1\Bitdownload
C:\DOCUME~1\DEMANG~1\APPLIC~1\BitDownload
C:\DOCUME~1\DEMANG~1\APPLIC~1\BitDownload\Data
C:\WINDOWS\Tasks\BA7D9D6D943207C1.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 12:38:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:442][D:38]-> C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp
[F:26][D:0]-> C:\DOCUME~1\DEMANG~1\Cookies
[F:176][D:4]-> C:\DOCUME~1\DEMANG~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 12/11/2009|12:39 - Option : [1]

--------------------\\ Fin du rapport a 12:39:16


Thanks

10

geoffrey5, 12 Nov 2009 at 12:59:16

▶ Run Lop S&D again

▶ This time choose option 2 (Suppression, i.e. removal)

▶ Do not close the window during the removal!

▶ Post the generated report (C:\lopR.txt)

* (If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)

If you see an improvement on your PC, that does not mean the disinfection is finished... Keep going to the end!!

11

suhelen, 12 Nov 2009 at 15:44:02

Hello,
I can't manage to post the report

12

geoffrey5, 12 Nov 2009 at 16:28:24

What is happening that you can't manage it??

13

suhelen, 12 Nov 2009 at 17:45:52

I copy and paste the text

and I get an "error" message: you have already posted this message

14

geoffrey5, 12 Nov 2009 at 19:46:39

Try hosting it as explained in this tutorial:

How to host a report??

15

suhelen, 12 Nov 2009 at 22:13:04

16

geoffrey5, 13 Nov 2009 at 15:30:52

Hello,

everything went well ;)

Now do this, please:

We are now going to deal with EoRezo

Do not download from that site any more, because it will infect your PC every time you download a program.

Further reading: What you need to know about EoRezo programs

▶ Go to this address to download AD-Remover (created by C_XX): http://forum-aide-contre-virus.be/download/AD-Remover.html

▶ Click TÉLÉCHARGER (Download) and save it on your desktop.

scan tutorial

/!\ Do not run the cleanup right away /!\

▶ Double-click the AD-Remover installation file; the program will install automatically.

On Vista: right-click AD-Remover and select "Exécuter en tant qu'administrateur" (Run as administrator)

▶ At the main menu, choose option "S"

▶ Post the report that appears at the end.

(the report is also saved as C:\Ad-report.log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:

Process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

17

suhelen, 13 Nov 2009 at 18:22:04

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_C | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 12.11.2009 à 22:02
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 16:29:16, 13/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: DEMANGEO-F101EC | Utilisateur actuel: DEMANGEOT SolŠne
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

HKCU\Software\EoRezo
HKCU\Software\MGS\Thumper\Casino\prime
HKCU\Software\MicroGaming\Thumper\Casino\prime
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
HKCU\Software\Poker 770
HKCU\Software\Titan Poker
HKCU\Software\VB and VBA Program Settings\eurobarre
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\GamesBarSetup
HKLM\Software\Microsoft\ESENT\Process\SweetIM
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
HKLM\Software\Poker 770
HKLM\Software\Titan Poker
HKLM\Software\Trymedia Systems
HKU\S-1-5-21-854245398-527237240-1801674531-1005\Software\Eorezo
HKU\S-1-5-21-854245398-527237240-1801674531-1005\Software\Titan Poker
HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\DOCUME~1\DEMANG~1\APPLIC~1\EoRezo
C:\Program Files\GamesBar
C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp\AskToolbarInstaller.exe
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: 9ond8t8j.default (DEMANGEOT SolŠne)
.
(DEMANG~1, prefs.js) Browser.download.lastDir, C:\Documents and Settings\DEMANGEOT Solène\Bureau
(DEMANG~1, prefs.js) Browser.search.selectedEngine, DAEMON Search
(DEMANG~1, prefs.js) Browser.startup.homepage, hxxp://www.google.com/ig?source=gama&hl=fr
.
.
* Internet Explorer Version 7.0.5730.11 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page:
Search Bar:
SearchAssistant:
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\HouseCall 6.6\patch.exe
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\uTorrent\Big Fish Games - Wonderburg + Adnan_Boy 2008 + Precracked.torrent
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\uTorrent\BIGFISH universal patch (new patch working).torrent
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\uTorrent\BIGFISH universal patch (new patch working)_AMiNE.torrent
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\uTorrent\BigFish.Games.Plan.It.Green-PRECRACKED[DuTY].torrent
C:\Documents and Settings\DEMANGEOT SolŠne\Application Data\uTorrent\Farm Frenzy 2 cracked.torrent
C:\Documents and Settings\DEMANGEOT SolŠne\Local Settings\Application Data\piratrax\data_patch.tmp.doc.zip
.
===================================
.
4258 Octet(s) - C:\Ad-Report-SCAN[1].log
.
451 Fichier(s) - C:\DOCUME~1\DEMANG~1\LOCALS~1\Temp
5 Fichier(s) - C:\WINDOWS\Temp
.
1 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 16:44:38 | 13/11/2009 - SCAN[1]
.
============== E.O.F ==============
.

Thanks

18

geoffrey5, 14 Nov 2009 at 02:01:32

! Disconnect and close all running applications !

cleanup tutorial

● Run "Ad-remover" again: at the main menu, choose option "L".

● Let the tool work and don't touch anything

● Post the report that appears at the end.

(the report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm

19

suhelen, 14 Nov 2009 at 14:23:46

Hello,

Do I need to disconnect from the internet completely?
And close everything, even the antivirus...?

Thanks

20

geoffrey5, 14 Nov 2009 at 18:33:23

Good evening,

yes ;)