ordi infecter

Citation

Logfile of random's system information tool 1.08 (written by random/random)
Run by Proprietaire at 2010-08-22 10:04:25
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 109 GB (72%) free of 153 GB
Total RAM: 478 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:04:29, on 2010-08-22
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\rkfree\rkfree.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Proprietaire\Bureau\RSIT.exe
C:\Program Files\trend micro\Proprietaire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2535290
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [rkfree] "C:\Program Files\rkfree\rkfree.exe" /b
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.90.1262.0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.90.1262.0 (User 'Default user')
O4 - S-1-5-18 Startup: PowerReg Scheduler V3.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: PowerReg Scheduler V3.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232718842984
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTRConnect (ntrconnect) - Unknown owner - C:\Program Files\NTR global\NTRconnect\NTRconnect.exe (file missing)
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 10837 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan for Proprietaire.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ZSSnp211"=C:\WINDOWS\ZSSnp211.exe [2008-05-01 57344]
"Domino"=C:\WINDOWS\Domino.exe [2008-05-01 49152]
"rkfree"=C:\Program Files\rkfree\rkfree.exe [2010-06-08 71168]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-02 1144104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe [2010-07-24 231888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIAudioi\HDADeck\HDeck.exe [2009-01-22 679936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
C:\WINDOWS\system32\VTTimer.exe [2009-01-22 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
C:\WINDOWS\system32\VTtrayp.exe [2009-01-22 163840]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Documents and Settings\Proprietaire\Menu Démarrer\Programmes\Démarrage
PowerReg Scheduler V3.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ntrconnect]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 3 months======

2010-08-21 12:46:21 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-08-21 12:45:25 ----SHD---- C:\Config.Msi
2010-08-17 09:21:00 ----D---- C:\Documents and Settings\Proprietaire\Application Data\Uniblue
2010-08-17 09:19:46 ----D---- C:\Documents and Settings\Proprietaire\Application Data\OpenCandy
2010-08-17 09:19:42 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-08-17 09:19:41 ----D---- C:\WINDOWS\LastGood
2010-08-17 09:19:39 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-08-17 09:19:21 ----D---- C:\WINDOWS\Logs
2010-08-17 09:19:02 ----D---- C:\Program Files\Winamp Detect
2010-08-17 09:18:26 ----D---- C:\Program Files\Winamp
2010-08-17 09:18:26 ----D---- C:\Documents and Settings\Proprietaire\Application Data\Winamp
2010-08-16 17:02:56 ----D---- C:\Documents and Settings\Proprietaire\Application Data\com.smashingideas.ICanBeGrandPrize.955FB31728C43225F1147BC469B6F02AA2FCF43E.1
2010-08-16 17:02:40 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2010-08-16 17:02:33 ----D---- C:\Program Files\Mattel
2010-08-12 03:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-12 03:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-12 03:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-12 03:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-12 03:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-12 03:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-12 03:01:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-12 03:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-06 18:54:15 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-08-06 18:54:14 ----D---- C:\Program Files\Fichiers communs\Java
2010-08-06 18:53:35 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-06 18:53:35 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-06 18:53:35 ----A---- C:\WINDOWS\system32\java.exe
2010-08-06 18:53:35 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-06 18:32:45 ----D---- C:\Program Files\CCleaner
2010-08-06 18:18:11 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-08-03 03:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-07-18 08:53:18 ----D---- C:\Documents and Settings\Proprietaire\Application Data\Apple Computer
2010-07-18 07:05:04 ----D---- C:\Program Files\QuickTime
2010-07-18 07:04:20 ----D---- C:\Program Files\Fichiers communs\Apple
2010-07-18 07:03:35 ----D---- C:\Program Files\Apple Software Update
2010-07-18 07:03:35 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-07-15 03:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-14 09:27:33 ----D---- C:\WINDOWS\system32\drivers\NSS
2010-07-14 09:27:32 ----D---- C:\Program Files\Norton Security Scan
2010-07-14 09:27:32 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2010-07-14 09:27:32 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-07-14 09:27:29 ----D---- C:\Program Files\NortonInstaller
2010-07-14 09:27:29 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-06-26 21:11:43 ----D---- C:\Documents and Settings\Proprietaire\Application Data\DivX
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-06-26 21:10:55 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-06-26 21:09:49 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2010-06-26 21:05:25 ----D---- C:\Program Files\DivX
2010-06-26 21:04:57 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-06-25 10:55:47 ----D---- C:\Program Files\LimeWire
2010-06-17 11:32:30 ----D---- C:\Program Files\Adobe
2010-06-13 03:16:06 ----A---- C:\WINDOWS\system32\win3_2.exe
2010-06-09 03:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-09 03:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-06-09 03:29:34 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-09 03:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-09 03:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-09 03:17:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-09 03:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-08 09:20:18 ----D---- C:\Program Files\rkfree
2010-06-08 09:20:18 ----AD---- C:\Documents and Settings\All Users\Application Data\rkfree
2010-06-08 09:17:33 ----A---- C:\Program Files\rkfree_setup.exe
2010-06-07 17:45:28 ----D---- C:\Documents and Settings\Proprietaire\Application Data\ntr
2010-05-26 03:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

======List of files/folders modified in the last 3 months======

2010-08-22 10:04:28 ----D---- C:\Program Files\trend micro
2010-08-22 10:01:42 ----D---- C:\WINDOWS\Prefetch
2010-08-21 20:24:51 ----D---- C:\WINDOWS\Temp
2010-08-21 12:49:00 ----SHD---- C:\WINDOWS\Installer
2010-08-21 12:46:38 ----D---- C:\WINDOWS\system32
2010-08-18 20:34:02 ----HD---- C:\WINDOWS\inf
2010-08-18 20:34:02 ----D---- C:\Program Files\Windows Live Safety Center
2010-08-18 19:12:24 ----RD---- C:\Program Files
2010-08-17 09:19:44 ----D---- C:\WINDOWS\system32\DirectX
2010-08-17 09:19:41 ----D---- C:\WINDOWS
2010-08-16 17:02:49 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-08-16 17:02:40 ----D---- C:\Program Files\Fichiers communs
2010-08-16 17:02:21 ----D---- C:\Documents and Settings\Proprietaire\Application Data\Adobe
2010-08-16 16:45:27 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2010-08-16 16:38:42 ----A---- C:\WINDOWS\win.ini
2010-08-15 11:00:06 ----D---- C:\Program Files\McAfee Security Scan
2010-08-14 11:34:40 ----A---- C:\WINDOWS\ModemLog_AOpen FM56-PX Controllerless PCI Modem.txt
2010-08-14 10:29:26 ----D---- C:\WINDOWS\Registration
2010-08-14 10:29:15 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-14 10:27:45 ----D---- C:\WINDOWS\system32\drivers
2010-08-14 10:26:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-13 10:30:38 ----D---- C:\WINDOWS\Debug
2010-08-12 03:20:28 ----RSD---- C:\WINDOWS\assembly
2010-08-12 03:16:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-12 03:10:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-12 03:10:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-12 03:08:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-12 03:07:33 ----D---- C:\WINDOWS\WinSxS
2010-08-12 03:04:13 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:04:06 ----D---- C:\WINDOWS\ie8updates
2010-08-12 03:01:05 ----D---- C:\Program Files\Movie Maker
2010-08-06 18:53:30 ----D---- C:\Program Files\Java
2010-08-06 18:28:46 ----D---- C:\Program Files\Google
2010-08-06 18:18:07 ----SD---- C:\WINDOWS\Tasks
2010-08-06 18:11:02 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-06 18:11:02 ----A---- C:\WINDOWS\Hulabee.ini
2010-08-06 18:08:21 ----D---- C:\Program Files\Fichiers communs\InstallShield
2010-08-03 14:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-27 02:30:01 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-24 18:48:48 ----D---- C:\Program Files\Mozilla Firefox
2010-07-24 16:52:17 ----D---- C:\Program Files\Messenger Plus! Live
2010-07-10 12:01:26 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-30 08:32:14 ----A---- C:\WINDOWS\system32\schannel.dll
2010-06-24 17:55:24 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-06-24 08:25:24 ----A---- C:\WINDOWS\system32\wininet.dll
2010-06-24 08:25:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-06-24 08:25:24 ----A---- C:\WINDOWS\system32\occache.dll
2010-06-24 08:25:24 ----A---- C:\WINDOWS\system32\mstime.dll
2010-06-24 08:25:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-06-24 08:25:23 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-06-24 08:25:23 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-06-24 08:25:22 ----N---- C:\WINDOWS\system32\jsproxy.dll
2010-06-24 08:25:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-06-24 08:25:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-06-24 08:25:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2010-06-23 08:08:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2010-06-17 11:32:55 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-06-17 10:03:10 ----A---- C:\WINDOWS\system32\iccvid.dll
2010-06-14 03:42:25 ----A---- C:\WINDOWS\system32\msxml3.dll
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-06-09 19:01:10 ----N---- C:\WINDOWS\system32\px.dll
2010-06-09 09:09:20 ----D---- C:\WINDOWS\system32\LogFiles
2010-06-06 20:31:21 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-06 13:50:16 ----D---- C:\Documents and Settings\Proprietaire\Application Data\dvdcss
2010-06-04 05:20:27 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 uagp35;Filtre AGP version 3.5 Microsoft; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2001-10-22 9855]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HdAudAddService;VIA High Definition Audio Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-01-22 134656]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2009-01-22 247680]
R3 Winachcf;Winachcf; C:\WINDOWS\system32\DRIVERS\winachcf.sys [2002-04-30 917988]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2008-12-17 495640]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC211;ZSMC USB PC Camera (ZS211); C:\WINDOWS\System32\Drivers\ZS211.sys [2007-06-08 1534464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ntrconnect;NTRConnect; C:\Program Files\NTR global\NTRconnect\NTRconnect.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-30 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Citation

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 08:51:17 le 26/09/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Proprietaire@PROPRIET-A08C1A ( )

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.



============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\FireFox\Profiles\s9w9tdgk.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Proprietaire\\Mes documents\\Téléchargement
browser.search.selectedEngine, Wikipédia (fr)
browser.startup.homepage, hxxp://www.facebook.com/
browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 6 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 26/09/2010 (4807 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 26/09/2010 (506 Octet(s))
C:\Ad-Report-SCAN[1].txt - 26/09/2010 (4659 Octet(s))

Fin à: 08:53:31, 26/09/2010

============== E.O.F ==============

Citation

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 08:42:27 le 26/09/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Proprietaire@PROPRIET-A08C1A ( )

============== ACTION(S) ==============


0,Fichier supprimé: C:\Documents and Settings\Proprietaire\Application Data\Mozilla\FireFox\Profiles\s9w9tdgk.default\prefs.js.ask.bak
0,Fichier supprimé: C:\Documents and Settings\Proprietaire\Application Data\Mozilla\FireFox\Profiles\s9w9tdgk.default\searchplugins\mywebsearch.xml
0,Fichier supprimé: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ASKSUTBLOG
0,Dossier supprimé: C:\Documents and Settings\All Users\Application Data\AGI
0,Dossier supprimé: C:\Documents and Settings\Proprietaire\Local Settings\Application Data\Conduit
0,Dossier supprimé: C:\Program Files\Conduit

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\Proprietaire\Application Data\Mozilla\FireFox\Profiles\s9w9tdgk.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultthis.engineName", "Messenger Plus Live CA-EN Customized Web Search"...
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535290&Sea...
Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
-- Fichier Fermé --


1,Clé supprimée: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
0,Clé supprimée: HKCU\Software\Conduit
0,Clé supprimée: HKCU\Software\FunWebProducts
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
0,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
0,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
0,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
0,Clé supprimée: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Proprietaire\Application Data\Mozilla\FireFox\Profiles\s9w9tdgk.default\Prefs.js --
browser.download.dir, C:\\Documents and Settings\\Proprietaire\\Mes documents\\Téléchargement
browser.search.selectedEngine, Wikipédia (fr)
browser.startup.homepage, hxxp://www.facebook.com/
browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 6 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 26/09/2010 (1803 Octet(s))
C:\Ad-Report-SCAN[1].txt - 26/09/2010 (4659 Octet(s))

Fin à: 08:44:41, 26/09/2010

============== E.O.F ==============