Il y a actuellement 81 visiteurs
Samedi 28 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

antimalware doctor [Résolu]

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

antimalware doctor [Résolu]

Message le 26 Avr 2010 19:25

Bonjour, j'ai attrapé ce virus.
Sous vos conseils j'ai fait un sacn avec malwarebytes je vous met le rapport
Merci de vos réponses
Malwarebytes' Anti-Malware 1.45
http://www.malwarebytes.org

Version de la base de données: 4039

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

26/04/2010 20:20:41
mbam-log-2010-04-26 (20-20-41).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 245817
Temps écoulé: 1 heure(s), 16 minute(s), 24 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
C:\Users\amugler\AppData\Roaming\827A9A0400E033807ECF63CDE5B536F6\newupdate1142C.exe (Malware.Packer.Gen) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Users\amugler\AppData\Local\tprdsh.dll (Trojan.Hiloti) -> Delete on reboot.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a9722a0d-365f-47d2-b70b-37d046316d99} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nrakevevuko (Trojan.Hiloti) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\newupdate1142c.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yvibbbha8c (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ezlife (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsdefrag (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\amugler\AppData\Local\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\amugler\AppData\Local\tprdsh.dll (Trojan.Hiloti) -> Delete on reboot.
C:\Users\amugler\AppData\Roaming\827A9A0400E033807ECF63CDE5B536F6\newupdate1142C.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TE99JTA\newupdate1142C[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZYR8L7F\stp04cbd[1].exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXY511UH\stp1f8ff[1].exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Temp\Cjb.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Temp\stp04cbd.exe (Trojan.FraudTool) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Temp\stp1f8ff.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
E:\KEY CHANGER\Keyfinder v1.51.exe (Application.FindKey) -> Delete on reboot.
C:\Users\amugler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Temp\Cjd.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Users\amugler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\root\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\amugler\Desktop\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\root\Desktop\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\amugler\AppData\Local\Temp\orcenxsamw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 


Re: antimalware doctor

Message le 26 Avr 2010 19:42

Bonjour

OK déjà une partie de supprimer.

fait ceci pour contrôle.


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Output" (en haut à droite) la case "minimal Output" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Custom scan/fixes"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
vstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles



* Cliques sur l'icône "Run Scan" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 26 Avr 2010 20:36

voici le rapport du scan OTL
OTL logfile created on: 26/04/2010 21:15:36 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\amugler\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,03 Gb Total Space | 77,37 Gb Free Space | 51,92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 686,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DEG3701
Current User Name: amugler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\amugler\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (Canal+ Active)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Symantec\Ghost\ngtray.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Ghost\ngctw32.exe (Symantec Corporation)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\Mctray.exe (McAfee, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\amugler\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (CanalPlus.VOD) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe (Canal+ Active)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
SRV - (McTaskManager) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (NGCLIENT) -- C:\Program Files\Symantec\Ghost\ngctw32.exe (Symantec Corporation)
SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\Windows\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.univ-pau.fr/live/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 68 07 15 CF 69 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[2010/04/08 15:45:45 | 000,000,000 | ---D | M] -- C:\Users\amugler\AppData\Roaming\mozilla\Extensions
[2010/04/08 15:45:45 | 000,000,000 | ---D | M] -- C:\Users\amugler\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard
[2009/12/21 12:51:23 | 000,000,000 | ---D | M] -- C:\Users\amugler\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/04/08 17:35:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/02/09 13:17:14 | 001,933,312 | ---- | M] (Total Immersion) -- C:\Program Files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CANAL+ CANALSAT A LA DEMANDE] C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe (Canal+)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NGTray] C:\Program Files\Symantec\Ghost\ngtray.exe (Symantec Corporation)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [SJelite3Launch] C:\Users\amugler\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maco ... _5_2_1.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://jeuxenligne.jeux.fr/Gameshell/Ga ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} http://www.fingersnow.fr/plugin/DFusion ... taller.exe (CDFusionActiveXCtl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.64.145.147 84.103.237.147
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = uppa.univ-pau.fr
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/04/14 14:00:00 | 000,000,110 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3424f9b0-d838-11de-ad01-002564401356}\Shell - "" = AutoRun
O33 - MountPoints2\{3424f9b0-d838-11de-ad01-002564401356}\Shell\AutoRun\command - "" = F:\memorybar.exe -- File not found
O33 - MountPoints2\{49e4262b-00e4-11df-b543-002564401356}\Shell - "" = AutoRun
O33 - MountPoints2\{49e4262b-00e4-11df-b543-002564401356}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ae758248-3052-11df-a486-002564401356}\Shell\AutoRun\command - "" = F:\STADO\\dzogani.exe -- File not found
O33 - MountPoints2\{ae758248-3052-11df-a486-002564401356}\Shell\open\command - "" = F:\STADO\\dzogani.exe -- File not found
O33 - MountPoints2\{d2fb35be-d8cc-11de-a17e-002564401356}\Shell\AutoRun\command - "" = set21\ago1opa.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\STADO\\dzogani.exe -- File not found
O33 - MountPoints2\F\Shell\open\command - "" = F:\STADO\\dzogani.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\STADO\\dzogani.exe -- File not found
O33 - MountPoints2\G\Shell\open\command - "" = G:\STADO\\dzogani.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/06/06 15:55:22 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/04/26 21:10:12 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\amugler\Desktop\OTL.exe
[2010/04/26 19:03:10 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Roaming\Malwarebytes
[2010/04/26 19:03:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/26 19:02:58 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 19:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/26 19:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/26 19:02:16 | 005,918,768 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\amugler\Desktop\mbam-setup.exe
[2010/04/25 23:06:00 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Local\avG
[2010/04/25 23:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\avG
[2010/04/25 22:52:21 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Roaming\827A9A0400E033807ECF63CDE5B536F6
[2010/04/19 15:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Outlook Connector
[2010/04/14 08:03:06 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/14 08:03:06 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/14 08:03:02 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/14 08:02:59 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/14 08:02:59 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/08 17:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/04/08 17:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/04/08 16:21:28 | 000,000,000 | ---D | C] -- C:\Users\amugler\Desktop\VirtualDubMod_1_5_10_2_All_inclusive
[2010/04/08 15:45:42 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Local\Broad Intelligence
[2010/04/08 15:39:48 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Roaming\Broad Intelligence
[2010/04/08 15:36:30 | 000,000,000 | ---D | C] -- C:\Users\amugler\Desktop\sons
[2010/04/08 15:22:21 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010/04/08 15:22:21 | 000,318,976 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010/04/08 15:22:20 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010/04/08 15:22:20 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2010/04/08 15:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/04/08 09:57:50 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMCT232.OCX
[2010/04/08 09:56:11 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2010/04/08 09:56:11 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2010/04/08 09:56:11 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll
[2010/04/08 09:56:11 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll
[2010/04/08 09:56:11 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll
[2010/04/08 09:56:11 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll
[2010/04/08 09:56:11 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2010/04/08 09:56:10 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll
[2010/04/08 09:56:10 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTL32.OCX
[2010/04/08 09:56:10 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2010/04/08 09:56:10 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2010/04/08 09:56:10 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.OCX
[2010/04/08 09:56:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
[2010/04/08 09:56:10 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscc2fr.dll
[2010/04/08 09:56:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2010/04/08 09:56:10 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTFR.DLL
[2010/04/08 09:56:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetfr.DLL
[2010/04/08 09:56:09 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2010/04/08 09:56:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010/04/08 09:56:09 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Roaming\FreeAudioPack
[2010/04/08 09:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Free Audio Pack
[2010/04/07 21:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickMediaConverter
[2010/04/07 21:37:10 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Roaming\CocoonSoftware
[2010/04/07 21:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\QuickMediaConverter
[2010/04/07 21:36:53 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Local\WDSetup
[2010/04/06 17:34:00 | 000,000,000 | ---D | C] -- C:\Users\amugler\Desktop\quiz total
[2010/04/02 22:25:51 | 000,000,000 | ---D | C] -- C:\Users\amugler\Desktop\l3 anneso
[2010/04/01 17:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\Canal+
[2010/04/01 17:25:30 | 000,000,000 | ---D | C] -- C:\Users\amugler\AppData\Local\Downloaded Installations
[2010/04/01 17:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 15:24:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/03/31 15:24:33 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/03/31 15:24:33 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/03/31 15:24:33 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/03/31 15:24:33 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/03/31 15:24:33 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/03/31 15:24:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/03/31 15:24:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/03/31 15:24:33 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/03/31 15:24:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/03/31 15:24:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/03/31 15:24:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/03/31 15:24:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/03/31 15:24:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/03/31 15:24:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/03/30 20:01:56 | 000,000,000 | ---D | C] -- C:\Users\amugler\Documents\CV et lettre de motivation
[2010/03/30 19:54:57 | 000,000,000 | ---D | C] -- C:\Users\amugler\Documents\M1 SLT
[2010/03/29 22:15:08 | 000,000,000 | R--D | C] -- C:\Users\amugler\Documents\Scanned Documents
[2010/03/29 22:15:08 | 000,000,000 | ---D | C] -- C:\Users\amugler\Documents\Fax
[4 C:\Users\amugler\Documents\*.tmp files -> C:\Users\amugler\Documents\*.tmp -> ]
[1 C:\Users\amugler\Desktop\*.tmp files -> C:\Users\amugler\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/04/26 21:16:26 | 000,005,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/26 21:16:26 | 000,005,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/26 21:15:43 | 004,718,592 | -HS- | M] () -- C:\Users\amugler\NTUSER.DAT
[2010/04/26 21:12:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/26 21:10:23 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\amugler\Desktop\OTL.exe
[2010/04/26 20:35:48 | 001,478,524 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/26 20:35:48 | 000,672,322 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/04/26 20:35:48 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/26 20:35:48 | 000,124,434 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/04/26 20:35:48 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/26 20:28:52 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/26 20:28:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/26 20:28:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/26 20:28:00 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/26 20:27:01 | 000,524,288 | -HS- | M] () -- C:\Users\amugler\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010/04/26 20:27:01 | 000,065,536 | -HS- | M] () -- C:\Users\amugler\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010/04/26 20:26:56 | 002,890,705 | -H-- | M] () -- C:\Users\amugler\AppData\Local\IconCache.db
[2010/04/26 19:03:04 | 000,000,785 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/26 19:02:23 | 005,918,768 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\amugler\Desktop\mbam-setup.exe
[2010/04/25 23:05:45 | 000,011,864 | -HS- | M] () -- C:\Users\amugler\AppData\Local\UJ0QRjYY
[2010/04/25 23:05:45 | 000,011,864 | -HS- | M] () -- C:\ProgramData\UJ0QRjYY
[2010/04/25 22:52:14 | 000,149,504 | ---- | M] () -- C:\Windows\Ccagua.exe
[2010/04/25 22:40:35 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{93679CCF-B1E6-4198-945D-A41756C3CE7C}.job
[2010/04/23 22:37:36 | 000,078,336 | ---- | M] () -- C:\Users\amugler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/22 15:04:39 | 000,027,648 | ---- | M] () -- C:\Users\amugler\Documents\lettre pour les différents partenaires.doc
[2010/04/22 14:58:13 | 000,052,224 | ---- | M] () -- C:\Users\amugler\Documents\opération à vos fourneaux, quartier libre.xls
[2010/04/21 16:25:23 | 000,008,058 | ---- | M] () -- C:\Users\amugler\Documents\evolution cac 40.gif
[2010/04/21 13:55:04 | 000,319,488 | ---- | M] () -- C:\Windows\System32\dgurxzaz.dll
[2010/04/21 13:54:17 | 000,000,162 | -H-- | M] () -- C:\Users\amugler\Documents\~$ qui se fait deja.doc
[2010/04/19 17:55:43 | 000,026,112 | ---- | M] () -- C:\Users\amugler\Documents\ce qui se fait deja.doc
[2010/04/15 16:13:27 | 000,171,119 | ---- | M] () -- C:\Users\amugler\Desktop\Bilan_OJS_2008_Foires_et_Salons1.pdf
[2010/04/15 15:40:17 | 000,010,263 | ---- | M] () -- C:\Users\amugler\Desktop\Marketing magazine.dotx
[2010/04/15 14:32:23 | 000,104,155 | ---- | M] () -- C:\Users\amugler\Desktop\aidlpc091100.zip
[2010/04/09 14:28:39 | 000,306,484 | ---- | M] () -- C:\Users\amugler\Desktop\dossier grenoble.pdf
[2010/04/09 10:26:48 | 000,221,155 | ---- | M] () -- C:\Users\amugler\Desktop\09c0d4b027179319e4512fe4222ab0f5.pdf
[2010/04/09 10:15:29 | 000,049,684 | ---- | M] () -- C:\Users\amugler\Desktop\Dossier_Mkt_Sport_Master2.pdf
[2010/04/08 09:57:50 | 000,001,065 | ---- | M] () -- C:\Users\amugler\Desktop\Easy Audio Cutter.lnk
[2010/04/08 09:57:50 | 000,001,049 | ---- | M] () -- C:\Users\amugler\Desktop\Free CD Ripper.lnk
[2010/04/08 09:57:50 | 000,001,047 | ---- | M] () -- C:\Users\amugler\Desktop\Free Mp3 Wma Converter.lnk
[2010/04/07 21:37:30 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\QUICKMEDIACONVERTER.lnk
[2010/04/07 09:54:31 | 000,000,162 | -H-- | M] () -- C:\Users\amugler\Desktop\~$estionnaire entier.doc
[2010/04/01 17:26:21 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\CANAL+ CANALSAT A LA DEMANDE.lnk
[2010/04/01 16:47:16 | 005,340,035 | ---- | M] () -- C:\Users\amugler\Desktop\Offre Velouté-Billet à 19 euros.pdf
[2010/03/30 16:55:28 | 000,002,860 | RHS- | M] () -- C:\Users\amugler\ntuser.pol
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[4 C:\Users\amugler\Documents\*.tmp files -> C:\Users\amugler\Documents\*.tmp -> ]
[1 C:\Users\amugler\Desktop\*.tmp files -> C:\Users\amugler\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/04/26 19:03:04 | 000,000,785 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/26 00:16:42 | 3181,760,512 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/25 22:53:24 | 000,011,864 | -HS- | C] () -- C:\Users\amugler\AppData\Local\UJ0QRjYY
[2010/04/25 22:53:24 | 000,011,864 | -HS- | C] () -- C:\ProgramData\UJ0QRjYY
[2010/04/25 22:52:25 | 000,149,504 | ---- | C] () -- C:\Windows\Ccagua.exe
[2010/04/21 16:25:43 | 000,008,058 | ---- | C] () -- C:\Users\amugler\Documents\evolution cac 40.gif
[2010/04/21 13:55:04 | 000,319,488 | ---- | C] () -- C:\Windows\System32\dgurxzaz.dll
[2010/04/21 13:54:17 | 000,000,162 | -H-- | C] () -- C:\Users\amugler\Documents\~$ qui se fait deja.doc
[2010/04/20 15:42:05 | 000,027,648 | ---- | C] () -- C:\Users\amugler\Documents\lettre pour les différents partenaires.doc
[2010/04/19 16:56:39 | 000,026,112 | ---- | C] () -- C:\Users\amugler\Documents\ce qui se fait deja.doc
[2010/04/19 16:53:24 | 000,052,224 | ---- | C] () -- C:\Users\amugler\Documents\opération à vos fourneaux, quartier libre.xls
[2010/04/15 16:13:27 | 000,171,119 | ---- | C] () -- C:\Users\amugler\Desktop\Bilan_OJS_2008_Foires_et_Salons1.pdf
[2010/04/15 15:40:16 | 000,010,263 | ---- | C] () -- C:\Users\amugler\Desktop\Marketing magazine.dotx
[2010/04/15 14:32:22 | 000,104,155 | ---- | C] () -- C:\Users\amugler\Desktop\aidlpc091100.zip
[2010/04/09 14:28:37 | 000,306,484 | ---- | C] () -- C:\Users\amugler\Desktop\dossier grenoble.pdf
[2010/04/09 10:26:48 | 000,221,155 | ---- | C] () -- C:\Users\amugler\Desktop\09c0d4b027179319e4512fe4222ab0f5.pdf
[2010/04/09 10:15:29 | 000,049,684 | ---- | C] () -- C:\Users\amugler\Desktop\Dossier_Mkt_Sport_Master2.pdf
[2010/04/08 15:22:20 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010/04/08 09:57:50 | 000,001,065 | ---- | C] () -- C:\Users\amugler\Desktop\Easy Audio Cutter.lnk
[2010/04/08 09:57:50 | 000,001,049 | ---- | C] () -- C:\Users\amugler\Desktop\Free CD Ripper.lnk
[2010/04/08 09:57:50 | 000,001,047 | ---- | C] () -- C:\Users\amugler\Desktop\Free Mp3 Wma Converter.lnk
[2010/04/08 09:56:11 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2010/04/08 09:56:09 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/04/07 21:37:27 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\QUICKMEDIACONVERTER.lnk
[2010/04/07 09:54:31 | 000,000,162 | -H-- | C] () -- C:\Users\amugler\Desktop\~$estionnaire entier.doc
[2010/04/01 17:26:21 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\CANAL+ CANALSAT A LA DEMANDE.lnk
[2010/04/01 16:46:56 | 005,340,035 | ---- | C] () -- C:\Users\amugler\Desktop\Offre Velouté-Billet à 19 euros.pdf
[2009/12/02 21:27:19 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/09/14 10:14:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008/06/09 10:54:45 | 000,000,280 | ---- | C] () -- C:\Windows\System32\epoPGPsdk.dll.sig
[2008/06/06 14:52:35 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2008/08/31 20:15:54 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Drivers\Drivers\storage\R197861\IaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/18 23:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/18 23:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/18 23:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/18 23:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/10 23:28:20 | 000,130,560 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dhcpcsvc6.dll
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/10 23:28:22 | 000,091,648 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\IPHLPAPI.DLL
[2006/11/02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rasadhlp.dll
[2009/04/10 23:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/10 23:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2009/04/10 23:28:26 | 000,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll
[2008/01/18 23:36:56 | 000,014,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\winnsi.dll
[2008/01/18 23:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\wship6.dll
[2008/01/18 23:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\WSHTCPIP.DLL

< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >


et voici le rapport extra :

OTL Extras logfile created on: 26/04/2010 21:15:36 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\amugler\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,03 Gb Total Space | 77,37 Gb Free Space | 51,92% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 686,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DEG3701
Current User Name: amugler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A7D95C3-B3A3-4A17-A843-AAC21A351C8A}" = lport=137 | protocol=17 | dir=in | app=system |
"{0ECA1278-D0AA-4E09-B7D1-FB2B5149467B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{2BA9EC70-EAEC-412C-8DAF-FD715A9D153A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{433B6C49-C05A-4502-A09E-6619122465D6}" = lport=15007 | protocol=6 | dir=in | name=bitcomet 15007 tcp |
"{48F2E1D5-705B-43B1-A18C-CB1405E7C64B}" = rport=139 | protocol=6 | dir=out | app=system |
"{49FBCE0A-634C-44C6-AFE7-EC7D267ED2A8}" = lport=15007 | protocol=17 | dir=in | name=bitcomet 15007 udp |
"{5A3128FA-09A8-4EFF-AFD5-268A4554DFAB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5E5C7948-13AC-4024-B44C-CC9088621360}" = lport=15007 | protocol=6 | dir=in | name=bitcomet 15007 tcp |
"{5F401090-2418-4BBA-B181-F27E7362169D}" = lport=139 | protocol=6 | dir=in | app=system |
"{6EED4D9A-6040-4A68-80E5-67C980E1A043}" = lport=445 | protocol=6 | dir=in | app=system |
"{7F49565D-B453-42B2-A9A8-2CD4CAED269A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{81280402-83AF-443B-A045-A309BDC7EEC6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{842B2C86-7437-43C4-8F70-2CB57403E73B}" = lport=15007 | protocol=17 | dir=in | name=bitcomet 15007 udp |
"{9705AAA5-94F5-4FE3-BC26-7A21D9260A08}" = lport=15007 | protocol=6 | dir=in | name=bitcomet 15007 tcp |
"{A094207F-5918-4950-93BF-51B2D378166A}" = lport=15007 | protocol=17 | dir=in | name=bitcomet 15007 udp |
"{A7254F8E-7FCC-4F4C-BF29-685D5F973F5F}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{B8C80864-6294-4F5A-9563-BBC45F20BD91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEABE862-2FC8-4727-B8F7-7E735E4890DC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D0E3E761-1286-4F51-91F9-15EA2BFCEFEB}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{D1F46DDA-6220-4015-96B1-F28D763CB2DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{D447FF3B-BB13-4098-8B3C-2CF47EFD6D38}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D527C898-4368-4D4C-978F-9AF3D7FDE78E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D9DC16D3-3B96-42EE-96B9-87B49E7CE157}" = lport=138 | protocol=17 | dir=in | app=system |
"{E1F19E34-C160-493A-8AD9-D15AB2EC868B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E8C685B6-DBC1-411C-9EF8-BA02F8F5E423}" = rport=445 | protocol=6 | dir=out | app=system |
"{EB52E772-F0E1-487F-AA20-E6C99BAEC5A1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F1B09704-B607-475A-95D6-CF67CD686C44}" = rport=138 | protocol=17 | dir=out | app=system |
"{FE8EDA94-A45B-4406-B36B-D29B23B6321A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE91C4B8-A1E3-4E9B-A666-C2578F677913}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A83B19-1CC7-4E00-A44E-B5020FEC52B7}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{03E00F91-3B60-48AD-8A43-DD83DF7FA64A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{063B048C-92B8-495F-9F78-00B53B9BD235}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{099D2E8F-38E0-41C4-A4AA-A822A9BBBD3D}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{1688B61C-9A78-4630-A481-C7E407B2221D}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{16F734E1-7A7C-4C3F-8803-C74D1F047E8A}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{193A7C60-5C6B-42B8-9675-A8639147E22A}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\autorun\exe\autorun.exe |
"{20097FB7-E650-484F-9656-A03B793F8AA0}" = protocol=17 | dir=in | app=c:\program files\symantec\ghost\ngctw32.exe |
"{240225FC-9E29-43C4-9F25-AFD1D681D3E5}" = protocol=6 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe |
"{2CF7D792-B0EC-4C08-9525-0B3F39D61BC7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{309D4937-D301-4792-9EFD-0A484E2A5501}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{328A283D-DF4B-4AE2-A7E2-C69E3C1EF54B}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{36445F59-F13A-4AFE-B9D1-64ECBFB3CFB8}" = protocol=17 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{388B111F-B9CC-45D7-B541-EC02EEC33E22}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4231EED8-F404-40A0-B5E6-35FE530126EA}" = protocol=6 | dir=in | app=c:\program files\cyanide\gamecenter\gamecenter.exe |
"{4442C51D-B6A7-41F8-AC1A-A36D78A230AC}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{470EBB5F-82F1-44D5-9E2F-7C1CD04FADE0}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{47DB9F29-4ED8-4D2B-8584-1B987DFFDE69}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{484F2704-D297-4239-9A9B-2FB849C370B0}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{4C3DAF9A-D5E6-4C7E-B216-ABDFB96BE3D1}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{4EB3D60E-6A19-4CF8-822E-57362918AD91}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{6360F6F8-0D97-4EC2-9C5D-011C48282410}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{675690F0-D9D2-4211-A839-23199DFAD12F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{710F2748-2240-4B60-9D0C-C5B32903DB85}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{72524024-8A4A-4E9A-A717-705BF615D369}" = protocol=17 | dir=in | app=c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe |
"{7AA251A2-EF39-4517-AC04-876232538D8E}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{7EAC6929-14CC-41CB-8140-D6131C7372AE}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{88671673-C48B-4E91-90A3-B654D8225827}" = protocol=6 | dir=in | app=c:\program files\symantec\ghost\ngctw32.exe |
"{8CE6DAB8-AC3E-4149-AA19-2C544AF0296A}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{A08E5200-F83E-47A2-8F40-76A81AF59258}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A7385ADA-8E0B-4F72-9545-E4A9CCD31724}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{A741065F-0278-4532-B6CC-114E9AA9BB30}" = protocol=17 | dir=in | app=c:\program files\symantec\ghost\ngctw32.exe |
"{A967F337-F12E-45D1-B4E5-9ECC77BA0876}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{B3827C49-72EE-4914-B322-A4886A8C5808}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67860ED-C0BF-462A-9F2C-F96095819463}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B92916F2-1C96-49F6-9C7D-85C18033EAA7}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{BE56160D-6425-4479-A3D1-1D7ECCD313B6}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C058FD4A-FEDF-437F-B6CC-8156B10085D3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C4376A24-FF93-4610-B52B-E34595780610}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{C4DBD781-0807-4B96-AE9E-B45C2B5D72FF}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{CB977BFF-EE48-4FA6-8073-EA34DF4400B5}" = protocol=6 | dir=in | app=c:\program files\symantec\ghost\ngctw32.exe |
"{DF3F8049-1C58-4FE4-8111-74FB0D686226}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{E715B1E1-3701-4E7C-A584-59CC53884BBF}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{E84B50E5-EFF5-46CB-B54E-63706FF12F48}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2010\pes2010.exe |
"{EB80A52B-9B7C-40B8-91A7-723019A00E46}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{F26660EB-6038-4C11-8D15-4E1F4F249C95}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{FBDC19CA-3E60-43E0-BE50-BB2C102F187B}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"TCP Query User{5D8259D8-3C08-4967-9A31-A01A4024306A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{90A5BA94-7EA7-4C5B-AEDC-F11CCAB53C99}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{D164ED65-A048-4439-AD7C-C2E17D895043}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{FBE5BBA5-8DEA-4A80-AE86-8543A905A23F}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{2E98A7E6-FE53-4E15-AEC3-5C94C5F6B554}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{339B68FA-E300-4C2D-86F6-791878D405A0}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{35DD01EA-6FA1-489C-B2E4-7604C70EF801}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{E9CFA7CE-42F9-4C0F-9D60-EA82DD04C051}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04DA096D-6236-4A5D-8FB6-3081E67009BA}" = CANAL+ CANALSAT A LA DEMANDE
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2FB77281-4FBC-49B5-0BEF-8D63B7666080}" = Symantec Ghost Console Client
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_SharePointDesigner_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}_SharePointDesigner_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_SharePointDesigner_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_SharePointDesigner_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SharePointDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}_SharePointDesigner_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Les Sims™ 3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 1.2.6
"BetClic Poker" = BetClic Poker
"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In
"eMule" = eMule
"FileZilla" = FileZilla (remove only)
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Free Video Dub_is1" = Free Video Dub version 1.5
"GameCenter" = GameCenter
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LimeWire" = LimeWire PRO 5.0.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSet" = Intel(R) PRO Network Connections Drivers
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 0.9.6
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QUICKMEDIACONVERTER" = QMC

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19/04/2010 09:46:53 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VSS | ID = 8193
Description =

Error - 19/04/2010 09:51:12 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VSS | ID = 8193
Description =

Error - 19/04/2010 09:54:09 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Windows Search Service | ID = 3024
Description =

Error - 19/04/2010 10:57:34 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Application Hang | ID = 1002
Description = Le programme OUTLOOK.EXE version 12.0.6514.5000 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans l’application Rapports
et solutions aux problèmes du Panneau de configuration. ID de processus : 3a8 Heure
de début : 01cadfd060e90e7e Heure de fin : 107

Error - 19/04/2010 14:16:27 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Google Update | ID = 20
Description =

Error - 20/04/2010 03:08:47 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VSS | ID = 8193
Description =

Error - 20/04/2010 05:10:40 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Application Error | ID = 1000
Description = Application défaillante WINWORD.EXE, version 12.0.6514.5000, horodatage
0x4a89d533, module défaillant oart.dll, version 12.0.6425.1000, horodatage 0x49d64f6c,
code d’exception 0xc0000005, décalage d’erreur 0x0000849d, ID du processus 0x14bc,
heure de début de l’application 0x01cae069019a5b28.

Error - 21/04/2010 05:47:30 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Application Error | ID = 1000
Description = Application défaillante WINWORD.EXE, version 12.0.6514.5000, horodatage
0x4a89d533, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000005, décalage d’erreur 0x57b42dcb, ID du processus 0x156c,
heure de début de l’application 0x01cae1379106020e.

Error - 21/04/2010 08:00:31 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Application Hang | ID = 1002
Description = Le programme WINWORD.EXE version 12.0.6514.5000 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans l’application Rapports
et solutions aux problèmes du Panneau de configuration. ID de processus : 3ec Heure
de début : 01cae1495c505070 Heure de fin : 65

Error - 21/04/2010 10:26:34 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Application Error | ID = 1000
Description = Application défaillante WINWORD.EXE, version 12.0.6514.5000, horodatage
0x4a89d533, module défaillant mso.dll, version 12.0.6529.5000, horodatage 0x4b6a5a0c,
code d’exception 0xc0000005, décalage d’erreur 0x000c5c5a, ID du processus 0xdc4,
heure de début de l’application 0x01cae15b3e6461c0.

[ Canal+ Events ]
Error - 25/04/2010 16:25:26 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 25/04/2010 16:25:27 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 26/04/2010 06:29:35 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 26/04/2010 06:29:36 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 26/04/2010 07:24:26 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 26/04/2010 07:24:26 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 26/04/2010 12:36:58 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 26/04/2010 12:47:06 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2,
position 3.

Error - 26/04/2010 12:47:07 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne
2, position 3.

Error - 26/04/2010 12:47:37 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = VideoOnDemand | ID = 0
Description = CustomerManager.Authenticate : Le délai d'attente de l'opération a
expiré.

[ OSession Events ]
Error - 07/04/2010 08:40:41 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10072
seconds with 840 seconds of active time. This session ended with a crash.

Error - 07/04/2010 08:41:11 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08/04/2010 03:08:49 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 129
seconds with 120 seconds of active time. This session ended with a crash.

Error - 08/04/2010 03:09:42 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 48
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/04/2010 09:10:50 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/04/2010 09:11:27 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13/04/2010 09:12:10 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 24
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20/04/2010 05:10:38 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 145
seconds with 120 seconds of active time. This session ended with a crash.

Error - 21/04/2010 05:47:29 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21/04/2010 10:26:33 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1460
seconds with 240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26/04/2010 12:46:28 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7000
Description =

Error - 26/04/2010 12:46:28 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7026
Description =

Error - 26/04/2010 14:26:46 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7034
Description =

Error - 26/04/2010 14:28:07 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = NETLOGON | ID = 5719
Description = Cet ordinateur n'a pas pu configurer une session sécurisée avec un
contrôleur de domaine dans le domaine UPPA pour la raison suivante : %%1311 Cela
peut entraîner des problèmes d'authentification. Vérifiez que cet ordinateur est
connecté au réseau. Si le problème persiste, contactez votre administrateur de domaine.



INFORMATIONS
SUPPLÉMENTAIRES Si cet ordinateur est un contrôleur de domaine pour le domaine spécifié,
il installe la session sécurisée sur l'émulateur de contrôleur de domaine principal
dans le domaine spécifié. Sinon, cet ordinateur installe la session sécurisée sur
n'importe quel contrôleur de domaine du domaine spécifié.

Error - 26/04/2010 14:28:36 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Échec du traitement de la stratégie de groupe en raison d’une absence
de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème
temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté
au contrôleur de domaine et que la stratégie de groupe est correctement traitée.
Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre
administrateur.

Error - 26/04/2010 14:28:50 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Échec du traitement de la stratégie de groupe en raison d’une absence
de connectivité réseau vers un contrôleur de domaine. Il peut s’agir d’un problème
temporaire. Un message de réussite est généré une fois que l’ordinateur est connecté
au contrôleur de domaine et que la stratégie de groupe est correctement traitée.
Si aucun message de réussite ne s’affiche pendant plusieurs heures, contactez votre
administrateur.

Error - 26/04/2010 14:29:43 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7000
Description =

Error - 26/04/2010 14:29:43 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7000
Description =

Error - 26/04/2010 14:29:43 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7000
Description =

Error - 26/04/2010 14:29:43 | Computer Name = DEG3701.uppa.univ-pau.fr | Source = Service Control Manager | ID = 7026
Description =


< End of report >


Voila
Merci beaucoup pour votre aide
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 26 Avr 2010 20:58

Ok deux choses pas trop net donc a vérifier1

Télécharger LopS&D.exe sur ton Bureau
Tuto

• Double-clique dessus pour lancer l'installation

• Puis double-clique sur le raccourci Lop S&D présent sur ton bureau Image

• Sélectionne la langue souhaitée, puis choisis l'Option 2

• Patiente jusqu'à la fin du scan

• Poste le rapport généré (C:\lopR.txt)


Ensuite ceci.

Télécharge USBFix depuis ce lien : <<ICI>>

Place l'icône d'installation sur le bureau

Double-cliquez sur l'icône USBFix.exe pour le lancer.

Branche tes lecteurs externes

Choisi option 2
Une fois l'analyse terminée, un rapport de scan vous est proposé... appuyez sur une touche pour ouvrir ce rapport.
CTRL+A pour tout sélectionner
CTRL+C pour copier
CTRL+V pour coller dans la réponse


Remets ici le rapport qui s'affichera.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 27 Avr 2010 12:39

Voici le rapport Lopr


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Pentium(R) Dual-Core CPU T4200 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A07
USER : amugler ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan Enterprise 8.5.0.781 (Activated)
C:\ (Local Disk) - NTFS - Total:149 Go (Free:77 Go)
D:\ (CD or DVD)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 27/04/2010|13:22 )

[ UAC => 0 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@advertstream[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@advertstream[3].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@d2.advertserve[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@advertising[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@advertising[2].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@advertising[3].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@ero-advertising[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@bigpoint[2].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@fr.farmerama.bigpoint[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@fr.partypoker[1].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@partypoker[2].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@2xmoinscher[4].txt
Supprime! - C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies\amugler@www.2xmoinscher[2].txt
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[21/11/2009|10:57] C:\Users\amugler\AppData\Local\Adobe
[19/12/2009|01:44] C:\Users\amugler\AppData\Local\Apple
[19/12/2009|01:49] C:\Users\amugler\AppData\Local\Apple Computer
[20/11/2009|12:41] C:\Users\amugler\AppData\Local\Application Data
[25/04/2010|23:06] C:\Users\amugler\AppData\Local\avG
[05/01/2010|11:09] C:\Users\amugler\AppData\Local\Boss Media
[08/04/2010|15:45] C:\Users\amugler\AppData\Local\Broad Intelligence
[23/04/2010|22:37] C:\Users\amugler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/04/2010|17:25] C:\Users\amugler\AppData\Local\Downloaded Installations
[28/11/2009|12:48] C:\Users\amugler\AppData\Local\eMule
[24/02/2010|11:57] C:\Users\amugler\AppData\Local\GDIPFONTCACHEV1.DAT
[10/02/2010|11:28] C:\Users\amugler\AppData\Local\Google
[20/11/2009|12:41] C:\Users\amugler\AppData\Local\Historique
[27/04/2010|08:38] C:\Users\amugler\AppData\Local\IconCache.db
[19/04/2010|15:49] C:\Users\amugler\AppData\Local\Microsoft
[11/12/2009|20:46] C:\Users\amugler\AppData\Local\Microsoft Help
[27/04/2010|13:22] C:\Users\amugler\AppData\Local\Temp
[20/11/2009|12:41] C:\Users\amugler\AppData\Local\Temporary Internet Files
[25/04/2010|23:05] C:\Users\amugler\AppData\Local\UJ0QRjYY
[07/04/2010|21:36] C:\Users\amugler\AppData\Local\WDSetup

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[27/04/2010 13:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[27/04/2010 13:17][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[27/04/2010 08:37][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{93679CCF-B1E6-4198-945D-A41756C3CE7C}.job
[27/04/2010 12:51][--ah-----] C:\Windows\tasks\SA.DAT
[27/04/2010 10:42][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[19/12/2009|01:47] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[01/04/2010|17:25] C:\ProgramData\Adobe
[19/12/2009|01:42] C:\ProgramData\Apple
[19/12/2009|01:46] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[25/04/2010|23:06] C:\ProgramData\avG
[05/01/2010|11:09] C:\ProgramData\Boss Media
[06/06/2008|14:38] C:\ProgramData\Bureau
[08/03/2010|09:37] C:\ProgramData\CanonBJ
[02/12/2009|21:25] C:\ProgramData\DAEMON Tools Lite
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/12/2009|12:45] C:\ProgramData\Electronic Arts
[28/11/2009|12:48] C:\ProgramData\eMule
[06/06/2008|14:38] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[21/11/2009|01:27] C:\ProgramData\Google
[02/12/2009|22:50] C:\ProgramData\KONAMI
[14/09/2009|11:20] C:\ProgramData\ma-config.com
[26/04/2010|19:02] C:\ProgramData\Malwarebytes
[09/06/2008|10:55] C:\ProgramData\McAfee
[06/06/2008|14:38] C:\ProgramData\Menu D‚marrer
[23/11/2009|19:15] C:\ProgramData\Microsoft
[15/04/2010|08:30] C:\ProgramData\Microsoft Help
[06/06/2008|14:38] C:\ProgramData\ModŠles
[15/03/2010|10:19] C:\ProgramData\ntuser.pol
[07/04/2010|21:37] C:\ProgramData\QuickMediaConverter
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[25/04/2010|23:05] C:\ProgramData\UJ0QRjYY
[25/01/2010|20:20] C:\ProgramData\Zylom

--------------------\\ Listing des dossiers dans C:\Program Files

[09/09/2009|09:39] C:\Program Files\Adobe
[19/12/2009|01:44] C:\Program Files\Apple Software Update
[24/03/2010|17:27] C:\Program Files\Audacity
[08/04/2010|15:22] C:\Program Files\AviSynth 2.5
[30/03/2010|21:18] C:\Program Files\BetClic Poker
[19/12/2009|01:45] C:\Program Files\Bonjour
[01/04/2010|17:26] C:\Program Files\Canal+
[08/03/2010|09:35] C:\Program Files\CanonBJ
[08/04/2010|17:09] C:\Program Files\Common Files
[04/01/2010|22:54] C:\Program Files\Cyanide
[02/12/2009|21:27] C:\Program Files\DAEMON Tools Lite
[08/04/2010|17:09] C:\Program Files\DVDVideoSoft
[19/12/2009|11:17] C:\Program Files\Electronic Arts
[28/11/2009|12:48] C:\Program Files\eMule
[06/06/2008|14:38] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[09/06/2008|11:01] C:\Program Files\FileZilla
[08/04/2010|09:57] C:\Program Files\Free Audio Pack
[31/01/2010|00:56] C:\Program Files\Google
[19/12/2009|11:06] C:\Program Files\InstallShield Installation Information
[16/06/2008|11:04] C:\Program Files\Intel
[01/04/2010|07:23] C:\Program Files\Internet Explorer
[19/12/2009|01:46] C:\Program Files\iPod
[19/12/2009|01:47] C:\Program Files\iTunes
[21/12/2009|12:50] C:\Program Files\Java
[02/12/2009|22:50] C:\Program Files\KONAMI
[21/12/2009|12:50] C:\Program Files\LimeWire
[14/09/2009|11:20] C:\Program Files\ma-config.com
[26/04/2010|19:03] C:\Program Files\Malwarebytes' Anti-Malware
[09/06/2008|10:54] C:\Program Files\McAfee
[23/11/2009|19:22] C:\Program Files\Microsoft
[20/11/2009|17:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[09/06/2008|11:12] C:\Program Files\Microsoft Office
[19/04/2010|15:51] C:\Program Files\Microsoft Office Outlook Connector
[21/01/2010|12:08] C:\Program Files\Microsoft Silverlight
[06/06/2008|17:01] C:\Program Files\Microsoft Visual Studio
[06/06/2008|16:58] C:\Program Files\Microsoft Visual Studio 8
[21/11/2009|01:38] C:\Program Files\Microsoft Works
[19/12/2009|11:15] C:\Program Files\Microsoft WSE
[06/06/2008|17:00] C:\Program Files\Microsoft.NET
[11/03/2010|13:42] C:\Program Files\Movie Maker
[08/04/2010|17:35] C:\Program Files\Mozilla Firefox
[06/06/2008|17:01] C:\Program Files\MSBuild
[19/04/2010|15:46] C:\Program Files\MSECache
[07/04/2010|21:50] C:\Program Files\QuickMediaConverter
[19/12/2009|01:45] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[18/09/2009|11:12] C:\Program Files\Symantec
[10/03/2010|15:19] C:\Program Files\Total Immersion
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/03/2010|16:21] C:\Program Files\uTorrent
[09/09/2009|09:47] C:\Program Files\VideoLAN
[14/09/2009|10:25] C:\Program Files\Windows Calendar
[14/09/2009|10:24] C:\Program Files\Windows Collaboration
[14/09/2009|10:24] C:\Program Files\Windows Defender
[14/09/2009|10:24] C:\Program Files\Windows Journal
[23/11/2009|19:22] C:\Program Files\Windows Live
[23/11/2009|19:22] C:\Program Files\Windows Live SkyDrive
[15/04/2010|08:32] C:\Program Files\Windows Mail
[20/11/2009|12:53] C:\Program Files\Windows Media Player
[06/06/2008|14:38] C:\Program Files\Windows NT
[14/09/2009|10:24] C:\Program Files\Windows Photo Gallery
[20/11/2009|13:11] C:\Program Files\Windows Portable Devices
[14/09/2009|10:24] C:\Program Files\Windows Sidebar
[21/11/2009|00:48] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[09/09/2009|09:39] C:\Program Files\Common Files\Adobe
[01/04/2010|17:25] C:\Program Files\Common Files\Adobe AIR
[19/12/2009|01:46] C:\Program Files\Common Files\Apple
[09/06/2008|10:54] C:\Program Files\Common Files\Cisco Systems
[06/06/2008|17:01] C:\Program Files\Common Files\DESIGNER
[08/04/2010|17:09] C:\Program Files\Common Files\DVDVideoSoft
[20/11/2009|23:16] C:\Program Files\Common Files\InstallShield
[09/06/2008|10:52] C:\Program Files\Common Files\McAfee
[19/12/2009|11:14] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[18/09/2009|11:12] C:\Program Files\Common Files\Symantec Shared
[19/04/2010|15:51] C:\Program Files\Common Files\System
[23/11/2009|19:15] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 64 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-27 13:22:47
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:676][D:28]-> C:\Users\amugler\AppData\Local\Temp
[F:1876][D:1]-> C:\Users\amugler\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3584][D:23]-> C:\Users\amugler\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:162][D:25]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 27/04/2010|13:24 - Option : [2]

Je ferais l'autre rapport ce soir car je part au travail
Merci beaucoup pour votre aide
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 27 Avr 2010 18:10

Pour usbfix, je ne trouve pas le rapport j'ai fait le choix 2 et à la fin il a redémarré l'ordinateur et aucun rapport n'est aparru
Comment je dois faire pour avoir le rapport
Merci
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 27 Avr 2010 18:36

yanke64 a écrit:Pour usbfix, je ne trouve pas le rapport j'ai fait le choix 2 et à la fin il a redémarré l'ordinateur et aucun rapport n'est aparru
Comment je dois faire pour avoir le rapport
Merci



Tu as regardé a la racine de c: ! c'est a dire un rapport .txt appelé usbfix.txt
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 27 Avr 2010 18:41

Dis moi tu peux regarder ce que contiens ce dossier.

C:\ProgramData\UJ0QRjYY

Il est possible que se soit un fichier caché donc pour le faire apparaitre.

Ouvrir un dossier, n'importe lequel. Aller dans :
Outils/Options des dossiers/Affichage et
- cocher "afficher les dossiers et fichiers cachés",
- décocher "masquer les extensions des fichiers dont le type est connu".
- décocher masquer les fichiers protégés du système d'exploitation (recommandé)"
"appliquer" et "ok"
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 27 Avr 2010 18:43

non je ne trouve aucun fichier .txt
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 27 Avr 2010 18:49

Je dois l'ouvrir avec quel logiciel ? Car ils me le demandent et je ne sais pas
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 27 Avr 2010 18:51

yanke64 a écrit:Je dois l'ouvrir avec quel logiciel ? Car ils me le demandent et je ne sais pas



J'ai un doute sur ce dossier donc fait le analyser ici.

vas ici : http://www.virustotal.com/fr/

Clique sur Parcourir et choisi le dossier concerné.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 27 Avr 2010 20:34

Srpski | Македонски | العربية | Suomi | ihMdI | | עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations...

Fichier UJ0QRjYY reçu le 2010.04.27 19:32:36 (UTC)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE


Résultat: 0/41 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 1.
L'heure estimée de démarrage est entre 43 et 62 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email:


Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.50 2010.04.27 -
AhnLab-V3 5.0.0.2 2010.04.27 -
AntiVir 8.2.1.224 2010.04.27 -
Antiy-AVL 2.0.3.7 2010.04.27 -
Authentium 5.2.0.5 2010.04.27 -
Avast 4.8.1351.0 2010.04.27 -
Avast5 5.0.332.0 2010.04.27 -
AVG 9.0.0.787 2010.04.27 -
BitDefender 7.2 2010.04.27 -
CAT-QuickHeal 10.00 2010.04.27 -
ClamAV 0.96.0.3-git 2010.04.27 -
Comodo 4691 2010.04.27 -
DrWeb 5.0.2.03300 2010.04.27 -
eSafe 7.0.17.0 2010.04.26 -
eTrust-Vet 35.2.7453 2010.04.27 -
F-Prot 4.5.1.85 2010.04.27 -
F-Secure 9.0.15370.0 2010.04.27 -
Fortinet 4.0.14.0 2010.04.27 -
GData 21 2010.04.27 -
Ikarus T3.1.1.80.0 2010.04.27 -
Jiangmin 13.0.900 2010.04.27 -
Kaspersky 7.0.0.125 2010.04.27 -
McAfee 5.400.0.1158 2010.04.27 -
McAfee-GW-Edition 6.8.5 2010.04.27 -
Microsoft 1.5703 2010.04.27 -
NOD32 5066 2010.04.27 -
Norman 6.04.11 2010.04.27 -
nProtect 2010-04-27.01 2010.04.27 -
Panda 10.0.2.7 2010.04.27 -
PCTools 7.0.3.5 2010.04.27 -
Prevx 3.0 2010.04.27 -
Rising 22.45.01.04 2010.04.27 -
Sophos 4.53.0 2010.04.27 -
Sunbelt 6228 2010.04.27 -
Symantec 20091.2.0.41 2010.04.27 -
TheHacker 6.5.2.0.271 2010.04.27 -
TrendMicro 9.120.0.1004 2010.04.27 -
TrendMicro-HouseCall 9.120.0.1004 2010.04.27 -
VBA32 3.12.12.4 2010.04.27 -
ViRobot 2010.4.26.2294 2010.04.26 -
VirusBuster 5.0.27.0 2010.04.27 -
Information additionnelle
File size: 11864 bytes
MD5...: ad9dddbba56220022b4d7aeb18277140
SHA1..: 3466e9f2fc3d3c1f27798a17a4a33f81e5d76569
SHA256: 525918f6d0bad3541f65515eb55400ce14a0252f2a0ca2affca6701aa86db014
ssdeep: 192:4d27GkNtwP/CGWax0ZK9clA3/b2eiAqs4o+lbtkEOePvKHM+nLnmd6tqnyMo
q:SaG2twNCQKW4oYhP9HwM6m7yA

PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned



ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.

VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com - Terms of Service & Privacy Policy


Voila je pense qu'il y a un virus dans ce fichier car il a été modifié le jour et l'heure ou j'ai attrapé ce virus
Merci
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 27 Avr 2010 20:48

OK on va donc supprimer ce fichier.

Télécharge >>OTM<< (de Old_Timer) sur ton Bureau.


>> Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".

>> AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.

Double-clique sur OTM pour le lancer. Image

Copie la liste qui se trouve en citation ci-dessous:


:Files
C:\Users\amugler\AppData\Local\UJ0QRjYY
C:\ProgramData\UJ0QRjYY
:Commands
[emptytemp]
[Reboot]


et colle-la dans le cadre de gauche de OTM sous ceci:

Image

Clique sur Image pour lancer la suppression.
attendre la fin du travail de l'outil puis fermer OTM

Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTM\MovedFiles\06092009_130526.log "Exemple"

NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: antimalware doctor

Message le 27 Avr 2010 21:33

Voici le rapport d'OTM

All processes killed
========== FILES ==========
C:\Users\amugler\AppData\Local\UJ0QRjYY moved successfully.
C:\ProgramData\UJ0QRjYY moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: amugler
->Temp folder emptied: 144715526 bytes
->Temporary Internet Files folder emptied: 82961215 bytes
->Java cache emptied: 6709988 bytes
->Flash cache emptied: 135773 bytes

User: cieutat

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: jmingam2
->Temp folder emptied: 33301 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

User: root
->Temp folder emptied: 20504001 bytes
->Temporary Internet Files folder emptied: 11996052 bytes
->FireFox cache emptied: 11448406 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 71066440 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 3218239 bytes
RecycleBin emptied: 276618147 bytes

Total Files Cleaned = 600,00 mb


OTM by OldTimer - Version 3.1.11.0 log created on 04272010_222430

Files moved on Reboot...
File C:\Users\amugler\AppData\Local\Temp\~DF7B06.tmp not found!
File C:\Users\amugler\AppData\Local\Temp\~DF7B12.tmp not found!
File C:\Users\amugler\AppData\Local\Temp\~DF7B6A.tmp not found!
File C:\Users\amugler\AppData\Local\Temp\~DF7B88.tmp not found!
File C:\Users\amugler\AppData\Local\Temp\~DF7D13.tmp not found!
File C:\Users\amugler\AppData\Local\Temp\~DF7D21.tmp not found!
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIE58ZF8\ads[1].htm moved successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7WY2OXLP\antimalware-doctor-vt-50864[1].html moved successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E16Q1GP\ads[1].htm moved successfully.
C:\Users\amugler\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\Windows\temp\WFVAB7A.tmp not found!

Registry entries deleted on Reboot...
yanke64
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 16
Inscription: 26 Avr 2010 13:56
 

Re: antimalware doctor

Message le 28 Avr 2010 11:26

Très bien, comment va ton pc maintenant!
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Suivante


Sujets similaires

Message [Résolu] infection probable
Bonjour à tousalors voila, je pense être infecter par virus et ou malware, ou quelqu'un, depuis un bon moment j'ai des bannières qui viennent ce glisser et entrer sur mon écran à droite, elles apparaissent par 3 l'une sur l'autre, je peut les fermer, mais elles reviennent,principalement ca concerne ...
Réponses: 22

Message [résolu] Appels indésirables
Bonsoir? J'ai besoin d'aide, je n'en peux plus, mon portable est sur liste rouge, j'ai plusieurs appels par jour, d'un cabinet de santé, "santénéa", ils demandent à parler à ma femme, qui est décédée en octobre 2022, je ne comprends pas le lien entre mon numéro de portable et ma femme. ? J ...
Réponses: 27

Message [Résolu] Récupération du dual boot
Bonjour,Pourriez-vous m'aider à remettre le dual boot" sur un pc portable HP modèle G7 1235 SF" qui a Windows 10 et Ubuntu 24.04 que j'ai installé dans " l'espace libre" du disque dur mais au démarrage c'est Ubuntu qui est démarre directement, comment faire ?J'aurai voulu garder ...
Réponses: 13

Message [résolu] Inscris à l'insu de mon plein gré
Bonjour J'ai un souci, qui m'énerve vraiment, ma fille m'a réglé une smart TV, pour que le Chromecast intégré fonctionne elle m'a créé un compte sur google. Presque sur chaque site, j'ai ceci :Sur le site TV loisir, je n'ai pas fait exprès, j'ai cliqué sur ok, au lieu de la croix, ça m'a créé un com ...
Réponses: 3

Message Partition inutilisée [Résolu]
Bonjour à tous !J'ai encore des lacunes (normal vu mon âge....):Après avoir fait du ménage sur mon disque SSD, il y reste Win 8 et Ubuntu 22.04 plus une partition de 6 Go que je voudrais utiliser pour y stocker des sauvegardes non critiques.Elle est nommée "Lost+found"Je ne peux pas avoir ...
Réponses: 3

Message [résolu] C'est le bazar sur mon bureau
Bonjour Quand je veux héberger une image ou autre chose de mon bureau, j'ai ça, maisquescequecestdoncquetoutcestmachins? Merci
Réponses: 8


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 2 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.
cron