Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

pop-up scan en ligne après avoir ouvert lemonde.fr

mourkos

Par mourkos
dans Analyses et éradication malwares

 Partager

Messages recommandés

mourkos Extrem Member

mourkos

Posté(e)
Posté(e)

Bonjour, en ouvrant la page du monde.fr, j'ai eu un pop-up "java script" qui me disait "<scanner.antivirus-2009-pro.net>

 

ATTENTION! If your computer is infected, you could suffer data loss, erratic PC behaviour, PC freezes and crashes.

 

Detect and remove viruses before they damage your computer!

Antivirus 2009 will perform a quick and 100% FREE scan of your computer for Viruses, Spyware and Adware.

 

Do you want to install Antivirus 2009 to scan your computer for malware now? (Recommended)"

 

J'ai fermé la fenêtre mais je crains que ce ne soit le signe d'une infection.

What you think ?

Merci de votre aide et surtout bon week-end

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Tu as ce souci uniquement sur la page du Monde ?

Ca peut être le signe d'une infection navipromo par ex >>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

mourkos Extrem Member

mourkos

Posté(e)
  • Auteur
Posté(e)

hello Thanos et merci de te pencher sur mon cas, en fait pour être précis, je n'ai eu qu'une pop-up.

Je te poste ci-dessous le rapport :

Logfile of random's system information tool 1.04 (written by random/random)

Run by marco at 2008-08-03 12:21:14

Microsoft Windows XP Professional Service Pack 3

System drive C: has 14 GB (24%) free of 57 GB

Total RAM: 1023 MB (55% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:21:23, on 03/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Simplify Media\SimplifyMedia.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Documents and Settings\marco\Desktop\dossier\setupp\PowerMenu_1.51\PowerMenu.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\tlntsvr.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Simplify Media\SimplifyPeer.exe

C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe

C:\Program Files\Opera\opera.exe

C:\Documents and Settings\marco\Desktop\RSIT.exe

C:\Program Files\trend micro\marco.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ÿþ#

O2 - BHO: Google Update Helper - {25D596E9-BD03-4D4A-8310-5DF3B31E8D26} - C:\Program Files\Google\Update\1.2.121.17\GoopdateBho.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Shortcut to PowerMenu.lnk = C:\Documents and Settings\marco\Desktop\dossier\setupp\PowerMenu_1.51\PowerMenu.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader Class) - http://dl.uc.sina.com/cab/downloader.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

 

--

End of file - 6407 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\GoogleUpdateTask.job

C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25D596E9-BD03-4D4A-8310-5DF3B31E8D26}]

Google Update Helper - C:\Program Files\Google\Update\1.2.121.17\GoopdateBho.dll [2008-08-02 184816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Apoint"=C:\Program Files\Apoint\Apoint.exe [2004-09-14 155648]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Simplify Media"=C:\Program Files\Simplify Media\SimplifyMedia.exe [2008-09-02 1618952]

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]

c:\dell\bldbubg.exe [2006-02-11 61440]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

C:\Program Files\Dell\QuickSet\quickset.exe [2005-09-02 684032]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]

C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPGServiceTool]

C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe [2007-08-01 675840]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3800 Series]

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE [2005-02-08 98304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX8400 Series (Copy 1)]

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\explorer]

C:\WINDOWS\system32\explori.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Documents and Settings\marco\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 133104]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]

C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-10 44032]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]

C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\MSN Messenger\msnmsgr.exe [2007-04-30 5674352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]

C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]

C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]

C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

C:\Program Files\Picasa2\PicasaMediaDetector.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Simplify Media]

C:\Documents and Settings\marco\Local Settings\Application Data\Simplify Media\SimplifyMedia.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\taskmgra]

C:\WINDOWS\system32\taskmgra.com []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoStart IR.lnk]

C:\PROGRA~1\WinTV\Ir.exe /QUIET []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]

C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE [2005-06-16 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]

C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^marco^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]

C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^marco^Start Menu^Programs^Startup^Signal Server.lnk]

C:\PROGRA~1\Signal\Signal.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"iPod Service"=3

"gusvc"=3

"GoogleDesktopManager"=3

"McrdSvc"=2

"SQLWriter"=2

"SQLBrowser"=2

"MSSQL$SQLEXPRESS"=2

"HauppaugeTVServer"=3

"gupdate1c8c4b690c5c512"=2

"EPGService"=2

"Bluetooth Hid Switch Service"=3

"ALG"=3

"Ati HotKey Poller"=2

"Schedule"=2

 

C:\Documents and Settings\marco\Start Menu\Programs\Startup

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Shortcut to PowerMenu.lnk - C:\Documents and Settings\marco\Desktop\dossier\setupp\PowerMenu_1.51\PowerMenu.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"

"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe:*:Enabled:Sunbelt Kerio Personal Firewall 4 - GUI"

"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"

"C:\Program Files\PPLive\PPLive.exe"="C:\Program Files\PPLive\PPLive.exe:*:Enabled:PPLive"

"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"

"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"

"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"

"C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe"="C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe:LocalSubNet:Enabled:MediaPortal TV Server"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\sina\SAP\SAPlatform.exe"="C:\Program Files\sina\SAP\SAPlatform.exe:*:Enabled:SAPlatform.exe"

"C:\Program Files\Joost\xulrunner\tvprunner.exe"="C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"

"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"

"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04480ac5-b7bd-11db-be55-0010c6ed7e12}]

shell\AutoRun\command - E:\start.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b6674d2-5c98-11dd-8013-0010c6ed7e12}]

shell\Auto\command - AdobeR.exe e

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]

shell\AutoRun\command - E:\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d053409-072c-11dd-bee6-00166f45e87b}]

shell\AutoRun\command - ie.exe

shell\explore\command - ie.exe

shell\open\command - ie.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{569a3cd5-ce23-11db-be69-0010c6ed7e12}]

shell\AutoRun\command - ie.exe

shell\explore\command - ie.exe

shell\open\command - ie.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deeb2610-8210-11dc-bec7-0010c6ed7e12}]

shell\Auto\command - SHE.exe

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL SHE.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-09-22 10:58:54 ----D---- C:\Documents and Settings\marco\Application Data\OpenOffice.org

2008-09-22 10:52:45 ----D---- C:\Program Files\OpenOffice.org 3

2008-09-17 20:35:55 ----SHD---- C:\CacheDir

2008-09-17 20:35:43 ----D---- C:\Program Files\sina

2008-09-11 08:48:22 ----D---- C:\Program Files\Simplify Media

2008-09-10 20:39:26 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-09-10 20:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2008-09-10 09:53:15 ----D---- C:\Program Files\iPod

2008-09-10 09:53:11 ----D---- C:\Program Files\iTunes

2008-09-10 09:53:11 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-09-10 09:51:59 ----D---- C:\Program Files\Bonjour

2008-09-10 09:48:49 ----D---- C:\Program Files\Apple Software Update

2008-09-10 09:47:59 ----A---- C:\WINDOWS\system32\usbaaplrc.dll

2008-09-08 17:38:53 ----D---- C:\WINDOWS\system32\Adobe

2008-09-06 22:48:52 ----D---- C:\WINDOWS\system32\IOSUBSYS

2008-09-04 15:11:10 ----A---- C:\WINDOWS\uninst.exe

2008-09-04 15:10:58 ----A---- C:\WINDOWS\RAUNINST.EXE

2008-09-04 15:10:49 ----D---- C:\WESTWOOD

2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe

2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll

2008-08-13 19:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-08-13 19:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-08-13 19:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$

2008-08-13 19:36:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-08-13 19:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$

2008-08-13 19:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-08-13 19:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-08-13 09:12:03 ----D---- C:\Inbox

2008-08-04 21:11:58 ----A---- C:\WINDOWS\system32\javaws.exe

2008-08-04 21:11:58 ----A---- C:\WINDOWS\system32\javaw.exe

2008-08-04 21:11:58 ----A---- C:\WINDOWS\system32\java.exe

2008-08-03 12:15:55 ----D---- C:\Program Files\trend micro

2008-08-03 12:15:51 ----D---- C:\rsit

2008-07-29 17:02:01 ----D---- C:\Program Files\OpenOffice.org 2.4

2008-07-26 00:38:50 ----D---- C:\fa81cfd2f53a94033449a0

2008-07-25 02:59:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-07-24 12:38:37 ----A---- C:\WINDOWS\ModemLog_LGE Mobile USB Modem.txt

2008-07-23 15:38:33 ----A---- C:\WINDOWS\ModemLog_Standard 33600 bps Modem.txt

2008-07-23 10:33:35 ----HD---- C:\LG3G

2008-07-22 17:45:01 ----D---- C:\Documents and Settings\marco\Application Data\LG Electronics

2008-07-22 17:44:38 ----D---- C:\lgupload

2008-07-22 08:49:08 ----D---- C:\divx

2008-07-22 08:33:12 ----D---- C:\Program Files\LG Electronics

2008-07-22 08:30:52 ----D---- C:\Program Files\LG PC Suite 2

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\PICSDK2.dll

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\PICSDK.ini

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\PICSDK.dll

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\PICEntry.dll

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\EpPicPrt.dll

2008-07-19 09:59:12 ----A---- C:\WINDOWS\system32\EPPicMgr.dll

2008-07-19 09:59:09 ----D---- C:\Documents and Settings\marco\Application Data\InstallShield

2008-07-19 09:58:23 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON

2008-07-19 09:58:16 ----A---- C:\WINDOWS\system32\E_DCINST.DLL

2008-07-19 09:58:15 ----A---- C:\WINDOWS\system32\E_FLBCEE.DLL

2008-07-19 09:58:15 ----A---- C:\WINDOWS\system32\E_FD4BCEE.DLL

2008-07-19 09:55:50 ----A---- C:\WINDOWS\CDE DX8400DEFGIPS.ini

2008-07-18 15:54:17 ----A---- C:\WINDOWS\imsins.BAK

2008-07-18 15:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

 

======List of files/folders modified in the last 1 months======

 

2008-09-27 11:27:33 ----D---- C:\WINDOWS

2008-09-27 11:21:55 ----SHD---- C:\WINDOWS\Installer

2008-09-27 11:21:55 ----SHD---- C:\Config.Msi

2008-09-25 16:26:58 ----D---- C:\Documents and Settings\marco\Application Data\Joost

2008-09-25 16:26:29 ----D---- C:\Program Files\Joost

2008-09-24 16:04:16 ----D---- C:\WINDOWS\system32\drivers

2008-09-22 10:54:58 ----RSD---- C:\WINDOWS\assembly

2008-09-22 10:54:49 ----D---- C:\WINDOWS\WinSxS

2008-09-22 10:53:17 ----RSD---- C:\WINDOWS\Fonts

2008-09-19 16:25:46 ----D---- C:\Documents and Settings\marco\Application Data\OpenOffice.org2

2008-09-17 20:38:47 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-09-17 16:44:56 ----RSHD---- C:\WINDOWS\system32\dllcache

2008-09-16 09:27:17 ----D---- C:\WINDOWS\Help

2008-09-13 18:01:23 ----D---- C:\Program Files\Mozilla Thunderbird

2008-09-11 08:46:22 ----D---- C:\Program Files\Common Files\Microsoft Shared

2008-09-10 11:59:22 ----SD---- C:\Documents and Settings\marco\Application Data\Microsoft

2008-09-10 09:53:46 ----DC---- C:\WINDOWS\system32\DRVSTORE

2008-09-10 09:51:12 ----D---- C:\Program Files\QuickTime

2008-09-10 09:50:47 ----D---- C:\Program Files\Common Files\Apple

2008-09-08 17:39:56 ----D---- C:\Documents and Settings\marco\Application Data\Adobe

2008-09-08 17:26:20 ----D---- C:\WINDOWS\system32\Macromed

2008-09-07 10:36:31 ----ASH---- C:\boot.ini

2008-09-07 10:36:31 ----A---- C:\WINDOWS\win.ini

2008-09-07 10:36:31 ----A---- C:\WINDOWS\system.ini

2008-09-07 10:36:15 ----D---- C:\WINDOWS\pss

2008-09-06 22:48:34 ----D---- C:\Program Files\Google

2008-08-26 22:28:12 ----A---- C:\WINDOWS\system32\MRT.exe

2008-08-20 12:06:36 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-08-20 12:01:29 ----D---- C:\WINDOWS\Prefetch

2008-08-20 10:17:14 ----D---- C:\WINDOWS\Registration

2008-08-19 13:38:59 ----D---- C:\WINDOWS\system32\ias

2008-08-17 14:25:50 ----D---- C:\WINDOWS\system32\FxsTmp

2008-08-13 19:36:39 ----D---- C:\Program Files\Messenger

2008-08-13 19:36:36 ----HD---- C:\WINDOWS\$hf_mig$

2008-08-13 19:34:05 ----D---- C:\Program Files\Internet Explorer

2008-08-11 20:52:08 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-08-05 19:22:00 ----D---- C:\Documents and Settings\marco\Application Data\Skype

2008-08-04 21:11:57 ----D---- C:\Program Files\Java

2008-08-03 12:15:55 ----D---- C:\Program Files

2008-08-03 11:29:40 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-08-03 11:29:36 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2008-08-03 11:28:01 ----D---- C:\WINDOWS\Temp

2008-08-02 21:08:21 ----D---- C:\Program Files\adslTV

2008-08-02 18:37:52 ----D---- C:\Program Files\Mozilla Firefox

2008-08-02 13:43:20 ----D---- C:\Program Files\TrackMania Nations ESWC

2008-07-31 10:47:28 ----D---- C:\MyVideos

2008-07-30 22:39:30 ----D---- C:\Program Files\WinTV

2008-07-30 20:44:08 ----A---- C:\WINDOWS\HCWPNP.INI

2008-07-30 20:41:33 ----D---- C:\WINDOWS\system32

2008-07-30 20:41:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-07-30 20:41:28 ----D---- C:\WINDOWS\system32\CatRoot2

2008-07-30 10:09:44 ----D---- C:\Program Files\Sony Ericsson

2008-07-30 10:05:03 ----D---- C:\Documents and Settings\marco\Application Data\StarOffice8

2008-07-28 13:26:31 ----HD---- C:\WINDOWS\inf

2008-07-27 14:55:45 ----D---- C:\Program Files\Amazon

2008-07-27 14:55:45 ----D---- C:\Documents and Settings\marco\Application Data\Amazon

2008-07-26 12:51:51 ----SHD---- C:\WINDOWS\CSC

2008-07-26 11:07:28 ----D---- C:\Program Files\Winamp Remote

2008-07-26 00:39:05 ----D---- C:\WINDOWS\Debug

2008-07-23 18:33:17 ----AC---- C:\WINDOWS\WirelessFTP.INI

2008-07-22 09:42:25 ----D---- C:\Documents and Settings\marco\Application Data\DivX

2008-07-22 08:35:35 ----D---- C:\Program Files\DivX

2008-07-22 08:33:12 ----HD---- C:\Program Files\InstallShield Installation Information

2008-07-19 10:00:40 ----D---- C:\Program Files\EPSON

2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll

2008-07-18 22:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe

2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll

2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui

2008-07-18 22:10:20 ----A---- C:\WINDOWS\system32\wups.dll

2008-07-18 22:09:46 ----A---- C:\WINDOWS\system32\wucltui.dll

2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuweb.dll

2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuapi.dll

2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll

2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui

2008-07-18 22:08:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui

2008-07-18 18:40:58 ----D---- C:\Program Files\MSN Messenger

2008-07-18 15:01:27 ----SD---- C:\WINDOWS\Tasks

2008-07-11 14:42:28 ----N---- C:\WINDOWS\system32\tzchange.exe

2008-07-07 22:26:58 ----A---- C:\WINDOWS\system32\es.dll

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-03 16128]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-07-18 75072]

R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 274432]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 81920]

R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-14 17153]

R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]

R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]

R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-18 13059]

R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883]

R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843]

R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123]

R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2239]

R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586]

R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227]

R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363]

R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714]

R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603]

R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-17 108791]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-11 273168]

R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-06-20 44288]

R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-09-15 108672]

R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-09-15 36480]

R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-09-03 62592]

R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2005-08-30 36608]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2915ABG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-22 3210496]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-27 44928]

S3 BCOREUSB;BCOREUSB.Sys CSR test driver; C:\WINDOWS\System32\Drivers\BCOREUSB.sys [2005-10-03 86867]

S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []

S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]

S3 hcw95bda;Hauppauge MOD7700 Tuner Driver; C:\WINDOWS\System32\Drivers\hcw95bda.sys [2007-10-25 487424]

S3 hcw95rc;Hauppauge MOD7700 IR Driver; C:\WINDOWS\system32\DRIVERS\hcw95rc.sys [2007-10-25 15488]

S3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]

S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-18 1041536]

S3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-18 200064]

S3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]

S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]

S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]

S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]

S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []

S3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]

S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]

S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-06 50048]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]

S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]

S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []

S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-18 685056]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

S4 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys []

S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865]

R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]

R2 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [2005-12-19 1368064]

R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-06-09 356352]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]

S4 Bluetooth Hid Switch Service;Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [2005-08-30 188416]

S4 EPGService;EPGService; C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [2007-11-05 431104]

S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]

S4 gupdate1c8c4b690c5c512;Google Update Service (gupdate1c8c4b690c5c512); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-07-18 119280]

S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-17 138680]

S4 HauppaugeTVServer;HauppaugeTVServer; C:\PROGRA~1\WinTV\HCWTVS~1.EXE [2007-11-07 815104]

S4 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

 

-----------------EOF-----------------

 

et voici le suivant

info.txt logfile of random's system information tool 1.04 2008-08-03 12:17:06

 

======Uninstall list======

 

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}

Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log

adsl TV-->C:\Program Files\adslTV\Uninstal.exe

AFPL Ghostscript 8.54-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.54\uninstal.txt"

AFPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"

Album Cover Art Downloader 1.6.0-->"C:\Program Files\Album Cover Art Downloader\unins000.exe"

ALPS Touch Pad Driver-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE

Apple Mobile Device Support-->MsiExec.exe /I{C7C895CA-331B-4D7D-A0FB-D3BC637949F9}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Aspell French Dictionary-0.50-3-->"C:\Program Files\Aspell\unins001.exe"

ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x9

ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"

Autopano-SIFT 2.3-->"C:\Program Files\Autopano-SIFT-2.3\uninstall.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"

Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

Canon i320-->C:\WINDOWS\system32\CNMCP47.exe "-PRINTERNAMECanon i320" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon i320 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"

Conexant D110 MDC V.9x Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf

Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}

Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"

Digital Content Portal-->MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}

Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER

DivX Converter Mobile-->C:\Program Files\DivX\DivXConverterMeUninstall.exe /CONVERTERME

DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

ELIcon-->MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}

EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe"

gen_tbar (Winamp 2)-->"C:\Program Files\Winamp\Plugins\un_gen_tbar_2.exe"

GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"

Google AFE-->regsvr32 /u /s "c:\Program Files\GoogleAFE\GoogleAE.dll"

Google Earth Plugin-->MsiExec.exe /I{2798F1E1-544E-11DD-98EB-005056806466}

Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"

Google Update-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

GTK+ 2.8.9 runtime environment-->"C:\Program Files\Common Files\GTK\2.0\unins000.exe"

Hauppauge French Help Files and Resources-->C:\PROGRA~1\WinTV\UNHLPfra.EXE C:\PROGRA~1\WinTV\WTV2Kfra.LOG

Hauppauge WinTV DVB-T EPG Service-->C:\WINDOWS\system32\UNWISE.EXE C:\WINDOWS\system32\UnEPGService.LOG

Hauppauge WinTV Scheduler-->C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.exe C:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.log

Hauppauge WinTV TV Services-->C:\PROGRA~1\WinTV\uniTvSrv.exe C:\PROGRA~1\WinTV\UniTVSrv.LOG

Hauppauge WinTV-->C:\PROGRA~1\WinTV\UNTV6.EXE C:\PROGRA~1\WinTV\WINTV6.LOG

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hugin 0.6.1-->"C:\Program Files\hugin\uninstall.exe"

IconTweaker-->"C:\Program Files\IconTweaker\Uninstall.exe"

Internal Network Card Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4

InterVideo FilterSDK for Hauppauge-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}\setup.exe" REMOVEALL

IsoBuster 2.0-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"

iTunes-->MsiExec.exe /I{EA418519-2160-43A0-AABD-6608DDD8D87F}

Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Joost Beta 1.0.3-->C:\Program Files\Joost\uninst.exe

K-Lite Codec Pack 2.86 Full BETA-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly

LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}

Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel

Mozilla Firefox (3.0.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Thunderbird (2.0.0.16)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe

Mp3tag v2.39-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}

MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}

MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe

NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText

Noiseware Community Edition-->MsiExec.exe /I{92CA58DD-4475-461C-828B-4A832B1EC080}

OpenOffice.org 3.0-->MsiExec.exe /I{DC7A430A-B3B2-43D5-B663-7DBC51B68FD7}

Opera 9.50-->MsiExec.exe /X{7472B5B4-3FB7-446F-BC78-6BBA506EC473}

Paint.NET v3.31-->MsiExec.exe /X{51AFB69C-1C54-4C77-A888-2860F8CD3E7D}

Panneau de configuration MobileMe-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}

Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"

QuickSet-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4 - ALL

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

Real Alternative 1.51-->"C:\Program Files\Real Alternative\unins000.exe"

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Simplify Media-->MsiExec.exe /X{7CFDD3EC-9A86-456B-B457-55A935E5E583}

Sina Web TV-->C:\PROGRA~1\sina\SINAWE~1\302~1.9BE\UNWISE.EXE C:\PROGRA~1\sina\SINAWE~1\302~1.9BE\Install.LOG

Skype 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}

Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}

Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}

Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}

Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}

Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"

Sunbelt Kerio Personal Firewall-->MsiExec.exe /X{A990EAA7-8941-4621-BC27-4F16261D3180}

The GIMP 2.2.13-->"C:\Program Files\GIMP-2.0\unins000.exe"

TrackMania Nations ESWC 1.7.9-->"C:\Program Files\TrackMania Nations ESWC\unins000.exe"

TuxGuitar-->C:/Program Files/tuxguitar-0.9.1-update1/uninstall.exe

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Videora iPod touch Converter 3.07-->C:\Program Files\Red Kawa\Video Converter 3\uninstaller.exe

Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

VTPlus32 pour WinTV (French)-->C:\PROGRA~1\vtplus\UNVTplus.exe C:\PROGRA~1\vtplus\VTPlus.LOG

Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"

Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinPcap 3.1-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"

WinSCP 4.0.6-->"C:\Program Files\WinSCP\unins000.exe"

 

======Hosts File======

 

127.0.0.1 localhost

127.0.0.1 0.gohip.com

127.0.0.1 0000000.free.fr

127.0.0.1 0000-sex-pics.com

127.0.0.1 0001abbottspics.com

127.0.0.1 0007dildosnvibrators.com

127.0.0.1 000babes.com

127.0.0.1 000bondage.com

127.0.0.1 000buy.com #site parasite de e-commerce

127.0.0.1 000domains.com

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition

FW: Kerio Personal Firewall

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"GS_LIB"=C:\Program Files\gs\gs8.54\lib

"GS_PROG"=C:\Program Files\gs\gs8.54\bin\gswin32.exe

"NUMBER_OF_PROCESSORS"=1

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=0d08

"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"windir"=%SystemRoot%

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

Merci encore et bon week-end

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

Il y a des dignes d'infection sur ce rapport: nous allons faire un scan rapide du pc à l'aide d'un programme efficace que tu pourras conserver par la suite >>

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen rapide"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

mourkos Extrem Member

mourkos

Posté(e)
  • Auteur
Posté(e)

Malwarebytes' Anti-Malware 1.28

Database version: 1227

Windows 5.1.2600 Service Pack 3

 

03/08/2008 12:57:39

mbam-log-2008-08-03 (12-57-39).txt

 

Scan type: Quick Scan

Objects scanned: 47321

Time elapsed: 8 minute(s), 7 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

C:\Documents and Settings\marco\results.txt (Malware.Trace) -> Quarantined and deleted successfully.

 

voici le rapport.

Si tu m'as demandé de vérifié mes périphériques, c'est que tu penses que le virus peut venir de l'un d'eux ? car dans ce cas ne devrais-je pas faire un scan du pc de ma copine ? Elle a aussi un mac, cela peut venir de celui-ci -via- une clef usb ? J'utilise le disque dur de ma freebox en ftp local, faut-il la scanner aussi ?

Merci encore de ton aide

mourkos Extrem Member

mourkos

Posté(e)
  • Auteur
Posté(e)

up ^^

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Si tu m'as demandé de vérifié mes périphériques, c'est que tu penses que le virus peut venir de l'un d'eux ? car dans ce cas ne devrais-je pas faire un scan du pc de ma copine ? Elle a aussi un mac, cela peut venir de celui-ci -via- une clef usb ? J'utilise le disque dur de ma freebox en ftp local, faut-il la scanner aussi ?

Oui, si je t'ai demandé de brancher tes supports amovibles avant de faire le scan MBAM, c'est parce qu'il y a des traces d'infection qui utilisent ce moyen de propagation. De quoi s'agit il exactement ? Lis ce très bon tutoriel de Gof pour comprendre comment les pc sont infecté par clé usb >> http://forum.zebulon.fr/infections-par-sup...es-t131959.html

 

MBAM n'a rien trouvé, il s'agit donc de traces dans le registre que l'on va éliminer comme ceci >>

 

1°) Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne doit plus voir l'icône du Teatimer dans la barre de tâches!

 

2°) Rend toi sur cette page afin de télécharger le fichier fix.reg sur ton Bureau => http://www.sendspace.com/file/lwp1cn

pour cela, clique sur le lien en bas de page > pointright.gifDownload Link: fix.reg

Double-clique sur le fichier: au message qui s'affiche, clique sur OK pour faire fusionner le fichier avec le registre.

Elimine le fichier une fois l'opération effectuée.

 

3°) Un nettoyage dans les différentes versions Java installées sur ton pc >>

 

Télécharge JavaRa.zip de Paul McLain et Fred de Vries.

  • Décompresse le fichier sur ton bureau (clic droit > Extraire tout)
  • Double-clique sur le répertoire JavaRa obtenu
  • Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher)
  • Une boite va s'ouvrir te demandant de sélectionner le langage, fais ton choix puis clique sur Select.
  • Clique sur Search For Updates
  • Sélectionne Update Using jucheck.exe puis clique sur Search
  • Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
  • Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions
  • Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
  • Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
    Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log (c:\JavaRa.log)
  • Ferme l'application

Poste le rapport stp.

Tu peux scanner le disque dur de ta freebox avec Antivir: si tu le fais, poste moi le rapport :P

mourkos Extrem Member

mourkos

Posté(e)
  • Auteur
Posté(e)

JavaRa 1.11 Removal Log.

 

Report follows after line.

 

------------------------------------

 

The JavaRa removal process was started on Mon Aug 04 14:52:22 2008

 

Found and removed: C:\Program Files\Java\j2re1.4.2_03

 

Found and removed: C:\Program Files\Java\jre1.6.0_01

 

Found and removed: C:\Program Files\Java\jre1.6.0_02

 

Found and removed: C:\Program Files\Java\jre1.6.0_04

 

Found and removed: C:\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28

 

Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142030}

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_04

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_04

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142030}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

 

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F841731866D117AB7000B0D410203

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410203

 

Found and removed: SOFTWARE\Classes\JavaPlugin.142_03

 

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_03

 

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_03

 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\JavaPlugin.142_03

 

Found and removed: Software\Classes\JavaPlugin.160_01

 

Found and removed: Software\Classes\JavaPlugin.160_02

 

Found and removed: Software\Classes\JavaPlugin.160_04

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_01.b06\

 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_04.b12\

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

 

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_04

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

 

Found and removed: Software\JavaSoft\Java2D\1.6.0_04

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

 

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

 

------------------------------------

 

Finished reporting.

 

 

 

voilà déjà le rapport

Thanos Devil Member !

Thanos

Posté(e)
Posté(e) (modifié)

salut :P

 

Désolé pour l'attente!! Ok pour le rapport de JavaRa qui a fait son nettoyage.

As tu fait le scan à l'aide d'Antivir? a t'il trouvé quelque chose ?

Modifié par Thanos

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...