infecté par EoRezo

pierreyves258 · le 21 Déc 2010 19:59

Bonjour, j'ai reçu aujourd'hui 3 messages de postmaster@mail.hotmail.com ces messages s'envoient quand tu a envoyer un message et que l'interlocuteur n'existe pas et dans ces messages il y avait une pub ce qui veut dire que mon msn envoi des pubs a tout le monde je pense
donc je pense que j'ai le virus MSN

pouvez vous m'aider a le supprimer
voici les scans

MBAM:

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Version de la base de données: 5366 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18999 21/12/2010 19:03:17 mbam-log-2010-12-21 (19-03-17).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 421309 Temps écoulé: 1 heure(s), 33 minute(s), 46 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\program files\bsmaxscript[7.2]\persojeux\ecran.$$A (Joke.Stressreducer) -> Quarantined and deleted successfully. c:\Users\clairounette\AppData\Roaming\EoRezo\softwareupdate\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\Users\clairounette\AppData\Roaming\EoRezo\softwareupdate\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.

hijackthis

Code: Tout sélectionner: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:14:20, on 21/12/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18999) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\conime.exe C:\Users\Pierre-Yves\Desktop\OTL.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Pierre-Yves\Desktop\azerty.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chickentofight.com/index.php?page=logout R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: MaxTV Recorder Manager.lnk = C:\Program Files\MaxTV\MaxTV4\task_scheduler.exe O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll O13 - Gopher Prefix: O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: McAfee Application Installer Cleanup (0261471289032012) (0261471289032012mcinstcleanup) - Unknown owner - C:\Users\PIERRE~1\AppData\Local\Temp\026147~1.EXE (file missing) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 13140 bytes

OLT otl.txt (première partie)

Code: Tout sélectionner: OTL logfile created on: 21/12/2010 19:08:14 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Pierre-Yves\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,09 Gb Total Space | 18,25 Gb Free Space | 12,66% Space Free | Partition Type: NTFS Drive D: | 117,93 Gb Total Space | 50,48 Gb Free Space | 42,81% Space Free | Partition Type: NTFS Computer Name: PYMCLAIRE | User Name: Pierre-Yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\Pierre-Yves\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\Winamp\winampa.exe () PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics) PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Users\Pierre-Yves\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe File not found SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe File not found SRV - (0261471289032012mcinstcleanup) McAfee Application Installer Cleanup (0261471289032012) -- C:\Users\PIERRE~1\AppData\Local\Temp\026147~1.EXE File not found SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Futuremark SystemInfo Service) -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe () SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (EagleXNt) -- C:\Windows\System32\drivers\EagleXNt.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation) DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI) DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NETw5v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation) DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.) DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation) DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation) DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation) DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (giveio) -- C:\Windows\system32\giveio.sys () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://chickentofight.com/index.php?page=logout IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://chickentofight.com/index.php?page=logout|http://www.guerretribale.fr/|http://fr.ikariam.com/index.php|http://s3.kingsage.fr/game.php?village=54748&s=build_main|http://fr.grepolis.com/" FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3 FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7 FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.2 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.8 FF - prefs.js..extensions.enabledItems: {4b0a905d-b508-4574-8d12-b8fe120ace09}:0.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/21 19:06:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/21 19:06:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010/10/31 14:03:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins [2010/12/08 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Extensions [2010/12/08 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Extensions\maxtv4@labs.max-tv.be [2010/12/21 17:07:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions [2010/10/31 14:07:09 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010/06/12 08:32:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/10/05 15:27:11 | 000,000,000 | ---D | M] (AniWeather) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593} [2010/07/11 19:05:08 | 000,000,000 | ---D | M] (Faark's Grepolis Bericht 2 Image - Exporter) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{4b0a905d-b508-4574-8d12-b8fe120ace09} [2010/09/11 09:04:38 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2010/09/23 16:17:04 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010/09/11 09:04:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/06/09 12:30:33 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010/09/11 09:05:14 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\smarterwiki@wikiatic.com [2010/10/31 14:03:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Sunbird\Profiles\017rpi8a.default\extensions [2010/10/31 14:12:37 | 000,001,196 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\searchplugins\winamp-search.xml [2010/11/07 10:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/09/01 17:23:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/11/07 10:08:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010/10/22 10:52:13 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/10/22 10:52:13 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/10/22 10:52:13 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/10/22 10:52:14 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/10/22 10:52:14 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/11/06 17:56:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll () O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe (Zamiinc) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EoEngine] File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk = C:\Program Files\MaxTV\MaxTV4\task_scheduler.exe File not found O4 - Startup: C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_8971.cab (FTMediaPlayer Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/11/21 13:28:19 | 000,000,065 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/11/21 12:48:42 | 000,000,056 | ---- | M] () - C:\AUTOEXEC.SYD -- [ NTFS ] O33 - MountPoints2\{877f7480-5f0f-11dd-acf4-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{877f7480-5f0f-11dd-acf4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\wubi.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.clmp3enc - C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM (CyberLink Corp.) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

OLT olt.txt (2eme partie)

Code: Tout sélectionner: [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/12/21 17:23:52 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Pierre-Yves\Desktop\OTL.exe [2010/12/21 17:22:09 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Pierre-Yves\Desktop\HiJackThis.exe [2010/12/21 16:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Astase [2010/12/21 16:14:09 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\powerbatch [2010/12/21 12:28:42 | 000,207,664 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe [2010/12/21 12:24:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\PsTools [2010/12/21 12:22:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\PsTools [2010/12/21 11:34:14 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{925E4E68-1EC0-478A-BA04-5CDD9E2B3272} [2010/12/20 16:49:29 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{142776BD-070A-4DC6-86A6-86265D34708C} [2010/12/19 14:15:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{79431EC1-E6CF-4A09-A8B0-2411C47B2B48} [2010/12/18 21:46:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{99F0BBF8-C307-41A0-B4DB-14D5C4CB562A} [2010/12/18 14:57:11 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\UT163 98Driver [2010/12/18 13:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\FinalWire [2010/12/18 11:11:30 | 000,000,000 | ---D | C] -- C:\Ruby186 [2010/12/18 09:29:13 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{6B0D5204-A059-4F32-AF06-7AC9A31B6B69} [2010/12/17 22:18:47 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\.idlerc [2010/12/17 22:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Python [2010/12/17 19:51:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\PasPY-17^12^10$19ç25 [2010/12/17 12:00:44 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{25AED42E-948E-4260-99F3-7F5ADDD3DED2} [2010/12/16 17:03:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/12/16 17:03:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/12/16 17:03:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/12/16 17:03:44 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/12/16 17:03:44 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/12/16 17:03:44 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/12/16 17:03:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/12/16 17:03:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010/12/16 17:03:43 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/12/16 17:03:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010/12/16 17:03:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/12/16 17:03:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2010/12/16 17:03:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/12/16 17:03:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/12/16 17:03:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/12/16 17:03:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010/12/16 17:03:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/12/16 17:03:37 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/12/16 17:03:34 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010/12/16 17:03:34 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010/12/16 17:03:34 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010/12/16 17:03:30 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010/12/16 17:03:27 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/12/16 17:03:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/12/16 17:03:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/12/16 17:03:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/12/16 16:49:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{8824EA4F-1ABF-4D41-88CF-F7E75CDCF875} [2010/12/15 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{C884B169-77F0-49BE-87E0-A8F8DF4FEA65} [2010/12/15 07:26:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{BA04F037-E646-4E4E-9D5B-589FF8AD0706} [2010/12/14 13:31:18 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{66A70A8F-F80F-4A8D-994B-2B97592D7EB4} [2010/12/13 17:08:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{486813ED-DC19-4858-B672-B8E6CDC02933} [2010/12/12 16:28:13 | 000,000,000 | ---D | C] -- C:\allo [2010/12/12 12:09:27 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Malwarebytes [2010/12/12 12:09:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/12/12 12:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/12/12 12:09:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/12/12 12:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/12 11:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Dictionnaire le Littré 2.0 [2010/12/12 11:46:17 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\Nouveau [2010/12/12 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{400870C7-AD9F-45A5-9D6D-3F55E287574C} [2010/12/11 11:10:20 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\dicoverb [2010/12/11 10:57:09 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{B12BAFBA-CC05-4D1C-8C77-0E1E5A674745} [2010/12/10 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{07638833-5437-403C-8209-D3297AB74179} [2010/12/10 20:56:52 | 000,000,000 | ---D | C] -- C:\Windows\fr [2010/12/10 20:52:27 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/12/10 18:33:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\DarkRoom [2010/12/10 18:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\dark_room_0.8b [2010/12/10 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared [2010/12/10 17:49:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010/12/09 21:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\lynx [2010/12/09 21:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\lynx2.8.5rel.1 [2010/12/09 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Deployment [2010/12/09 18:50:29 | 000,005,632 | ---- | C] (EnTech Taiwan) -- C:\Windows\System32\drivers\Entech64.sys [2010/12/09 18:50:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\Futuremark [2010/12/09 18:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark [2010/12/08 14:12:43 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\MaxTV Technologies [2010/12/08 14:12:17 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Documents\MaxTV [2010/12/08 14:12:16 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies [2010/12/08 14:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\MaxTV [2010/12/08 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual VCR [2010/12/07 17:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Camouflage [2010/12/07 17:36:51 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe [2010/12/07 17:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\Axon Data [2010/12/04 10:36:08 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Documents\Need for Speed World [2010/12/03 16:45:59 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World [2010/12/02 22:08:05 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Electronic_Arts_Inc [2010/12/02 22:07:35 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2010/12/02 22:07:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2010/12/02 22:07:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2010/12/02 22:07:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2010/12/02 22:07:33 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2010/12/02 22:07:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2010/12/02 22:07:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2010/12/02 22:07:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2010/12/02 22:07:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2010/12/02 22:07:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2010/12/02 22:07:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2010/12/02 22:07:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2010/12/02 22:07:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2010/12/02 22:07:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2010/12/02 22:07:02 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2010/12/02 22:07:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010/12/02 22:07:02 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010/12/02 22:07:02 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2010/12/02 22:07:01 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010/12/02 22:07:01 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010/12/02 22:07:01 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010/12/02 22:07:01 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010/12/02 22:07:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010/12/02 22:07:00 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010/12/02 22:07:00 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2010/12/02 22:07:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2010/12/02 22:07:00 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2010/12/02 22:07:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2010/12/02 22:06:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2010/12/02 22:06:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010/12/02 22:06:58 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010/12/02 22:06:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010/12/02 22:06:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010/12/02 22:06:58 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010/12/02 22:06:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010/12/02 22:06:57 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010/12/02 22:06:57 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010/12/02 22:06:54 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010/12/02 22:06:54 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010/12/02 22:06:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010/12/02 22:06:54 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010/12/02 22:06:53 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010/12/02 22:03:12 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010/12/02 22:03:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2010/12/02 22:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010/12/02 22:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2010/12/02 17:34:29 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\Dossier [2010/12/02 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\JeuxDOS [2010/12/01 21:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.73 [2010/12/01 21:14:46 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\DOSBox [2010/12/01 21:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74 [2010/12/01 12:11:31 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku [2010/12/01 12:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\Simple Sudoku [2010/11/27 18:31:14 | 002,288,640 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\python27.dll [2010/11/23 22:18:23 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\fff [2010/11/21 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon [2010/11/21 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Nikon [2006/11/24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006/11/24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/12/21 19:11:00 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{708CEC71-6DE2-4120-AE0C-6149F42BD692}.job [2010/12/21 19:08:59 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8A4587B3-F80E-4DA7-A193-5D09DFAD1F95}.job [2010/12/21 19:03:34 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\xeattdxi.sys [2010/12/21 18:59:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/12/21 18:21:29 | 000,297,987 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/12/21 18:21:29 | 000,297,987 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/12/21 17:53:25 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/21 17:53:25 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/21 17:24:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre-Yves\Desktop\OTL.exe [2010/12/21 17:22:11 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Pierre-Yves\Desktop\HiJackThis.exe [2010/12/21 16:59:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/12/21 16:48:20 | 000,000,898 | ---- | M] () -- C:\Windows\System32\annul.exe [2010/12/21 16:47:52 | 000,000,914 | ---- | M] () -- C:\Windows\System32\arret.exe [2010/12/21 16:15:10 | 000,000,869 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\PowerBatch.lnk [2010/12/21 15:16:19 | 000,000,068 | ---- | M] () -- C:\Windows\System32\arret.bat [2010/12/21 14:15:38 | 000,028,210 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\aaa.jpg [2010/12/21 13:58:05 | 000,728,424 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/12/21 13:58:05 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/12/21 13:58:05 | 000,148,478 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/12/21 13:58:05 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/12/21 13:53:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/21 13:53:19 | 3215,577,088 | -HS- | M] () -- C:\hiberfil.sys [2010/12/21 13:52:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/12/21 13:41:57 | 000,000,052 | ---- | M] () -- C:\Windows\System32\annul.bat [2010/12/21 12:22:55 | 000,207,664 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe [2010/12/20 16:49:47 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4F70D5BD-EAEA-4F53-A7D5-A3BC9C0897CE}.job [2010/12/19 16:41:38 | 000,000,009 | ---- | M] () -- C:\Users\Pierre-Yves\autoexec.bat [2010/12/19 16:35:39 | 000,000,191 | -H-- | M] () -- C:\Windows\System32\pas.bat [2010/12/19 15:36:53 | 000,000,087 | -H-- | M] () -- C:\Windows\System32\fir.bat [2010/12/19 15:31:53 | 000,001,724 | ---- | M] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk [2010/12/18 14:46:15 | 000,001,258 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\saveregistre.reg [2010/12/18 13:00:09 | 000,001,024 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\AIDA64 Extreme Edition.lnk [2010/12/18 11:00:30 | 000,001,075 | ---- | M] () -- C:\Users\Pierre-Yves\quiz.pyw [2010/12/17 23:12:31 | 000,001,899 | ---- | M] () -- C:\Users\Pierre-Yves\azerty.py [2010/12/17 22:41:58 | 000,000,151 | ---- | M] () -- C:\Users\Pierre-Yves\azeery.py [2010/12/17 16:39:59 | 000,394,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/12/17 13:41:14 | 000,008,268 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Local\d3d9caps.dat [2010/12/15 16:43:36 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\a.exe [2010/12/13 17:18:33 | 000,000,064 | ---- | M] () -- C:\Users\Pierre-Yves\lem.bat [2010/12/13 17:08:14 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010/12/13 17:08:13 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010/12/12 12:09:21 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/12 12:00:39 | 000,000,012 | ---- | M] () -- C:\Users\Pierre-Yves\IP.bat [2010/12/12 11:50:45 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\Dictionnaire le Littré.lnk [2010/12/11 18:32:07 | 000,000,586 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Conjug.exe - Raccourci.lnk [2010/12/11 15:30:34 | 000,001,715 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\DarkRoom.exe - Raccourci.lnk [2010/12/11 12:58:22 | 000,000,718 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\eclipse - Raccourci.lnk [2010/12/10 20:33:04 | 000,052,736 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/10 19:01:21 | 000,001,827 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Command Prompt.lnk [2010/12/10 17:49:23 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2010/12/10 13:09:23 | 000,020,882 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\azerty.3dr [2010/12/10 12:57:36 | 000,020,780 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\a.3dr [2010/12/09 21:22:39 | 000,001,608 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Lynx Browser.lnk [2010/12/09 18:52:26 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\3DMark05.lnk [2010/12/08 17:57:07 | 000,002,624 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\UNTITL~1.EXE [2010/12/08 17:56:45 | 000,000,335 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Project 2.dp [2010/12/08 17:56:45 | 000,000,063 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Project 2.dp [2010/12/08 17:56:36 | 000,000,257 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Untitled1.pas [2010/12/08 17:55:55 | 000,000,078 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Rsrc.rc [2010/12/08 17:55:03 | 000,002,327 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\anneed~1.ow [2010/12/08 17:49:54 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\TP11D571.$$$ [2010/12/08 16:02:37 | 000,004,512 | ---- | M] () -- C:\WirelessDiagLog.csv [2010/12/08 14:12:23 | 000,001,842 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk [2010/12/08 14:03:01 | 000,000,853 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Virtual VCR.lnk [2010/12/06 22:18:29 | 000,013,165 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Lettre correspondant allemand.odt [2010/12/05 21:26:06 | 000,206,634 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\coffre literaire.odt [2010/12/05 20:52:30 | 000,001,388 | ---- | M] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Nouveau Texte OpenDocument - Raccourci.lnk [2010/12/02 22:03:10 | 000,001,998 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Need For Speed World.lnk [2010/12/01 21:14:40 | 000,001,703 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk [2010/11/30 22:00:14 | 000,015,872 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Untitled1.exe [2010/11/30 22:00:13 | 000,001,338 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\untitl~1.ow [2010/11/30 22:00:13 | 000,000,107 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Untitled1.pas [2010/11/30 21:13:44 | 003,637,248 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\adsl TV 2010-11-30 21-12-29 France 3.wmv [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/11/28 00:36:25 | 000,034,106 | ---- | M] () -- C:\Users\Pierre-Yves\mmmmm.odt [2010/11/27 18:31:14 | 002,288,640 | ---- | M] (Python Software Foundation) -- C:\Windows\System32\python27.dll [2010/11/26 21:28:41 | 000,000,076 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Nouveau-ZIP.bat [2010/11/24 20:25:42 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT [2010/11/23 22:20:32 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\Dossier.zip [2010/11/23 22:17:17 | 000,000,125 | ---- | M] () -- C:\Users\Pierre-Yves\nouveaudossier.zip [2010/11/22 16:56:07 | 000,001,695 | ---- | M] () -- C:\Windows\System32\autoexec.nt [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/12/21 19:03:34 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\xeattdxi.sys [2010/12/21 16:50:29 | 000,000,914 | ---- | C] () -- C:\Windows\System32\arret.exe [2010/12/21 16:50:29 | 000,000,898 | ---- | C] () -- C:\Windows\System32\annul.exe [2010/12/21 16:15:10 | 000,000,869 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\PowerBatch.lnk [2010/12/21 14:08:25 | 000,028,210 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\aaa.jpg [2010/12/21 13:39:11 | 000,000,052 | ---- | C] () -- C:\Windows\System32\annul.bat [2010/12/21 13:38:48 | 000,000,068 | ---- | C] () -- C:\Windows\System32\arret.bat [2010/12/20 18:14:25 | 000,000,008 | ---- | C] () -- C:\Users\Pierre-Yves\az.txt [2010/12/19 16:36:08 | 000,000,524 | ---- | C] () -- C:\Users\Pierre-Yves\menu.txt [2010/12/19 15:31:53 | 000,001,724 | ---- | C] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk [2010/12/19 15:27:41 | 000,000,087 | -H-- | C] () -- C:\Windows\System32\fir.bat [2010/12/18 14:46:15 | 000,001,258 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\saveregistre.reg [2010/12/18 13:00:09 | 000,001,024 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\AIDA64 Extreme Edition.lnk [2010/12/18 12:43:26 | 000,000,191 | -H-- | C] () -- C:\Windows\System32\pas.bat [2010/12/18 10:53:57 | 000,001,075 | ---- | C] () -- C:\Users\Pierre-Yves\quiz.pyw [2010/12/17 23:11:23 | 000,001,899 | ---- | C] () -- C:\Users\Pierre-Yves\azerty.py [2010/12/17 22:36:56 | 000,000,151 | ---- | C] () -- C:\Users\Pierre-Yves\azeery.py [2010/12/15 16:43:33 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\a.exe [2010/12/13 17:15:36 | 000,000,064 | ---- | C] () -- C:\Users\Pierre-Yves\lem.bat [2010/12/12 12:09:21 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/12/12 12:00:39 | 000,000,012 | ---- | C] () -- C:\Users\Pierre-Yves\IP.bat [2010/12/12 11:50:45 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\Dictionnaire le Littré.lnk [2010/12/11 18:32:07 | 000,000,586 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Conjug.exe - Raccourci.lnk [2010/12/11 11:12:07 | 000,001,715 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\DarkRoom.exe - Raccourci.lnk [2010/12/10 17:49:23 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2010/12/10 13:09:21 | 000,020,882 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\azerty.3dr [2010/12/10 12:57:34 | 000,020,780 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\a.3dr [2010/12/09 21:22:39 | 000,001,608 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Lynx Browser.lnk [2010/12/09 18:52:26 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\3DMark05.lnk [2010/12/09 18:50:29 | 000,006,173 | ---- | C] () -- C:\Windows\System32\drivers\Entech.vxd [2010/12/09 18:50:29 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys [2010/12/08 17:57:07 | 000,002,624 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\UNTITL~1.EXE [2010/12/08 17:56:16 | 000,000,257 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Untitled1.pas [2010/12/08 17:55:55 | 000,000,335 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Project 2.dp [2010/12/08 17:55:55 | 000,000,078 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Rsrc.rc [2010/12/08 17:55:03 | 000,002,327 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\anneed~1.ow [2010/12/08 17:54:59 | 000,000,063 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Project 2.dp [2010/12/08 17:49:54 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\TP11D571.$$$ [2010/12/08 14:12:23 | 000,001,842 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk [2010/12/08 14:03:01 | 000,000,853 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Virtual VCR.lnk [2010/12/06 21:10:56 | 000,013,165 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Lettre correspondant allemand.odt [2010/12/05 21:09:30 | 000,206,634 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\coffre literaire.odt [2010/12/02 22:03:10 | 000,001,998 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Need For Speed World.lnk [2010/12/01 21:14:40 | 000,001,703 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk [2010/11/30 21:58:28 | 000,015,872 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Untitled1.exe [2010/11/30 21:58:28 | 000,001,338 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\untitl~1.ow [2010/11/30 21:58:07 | 000,000,107 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Untitled1.pas [2010/11/30 21:12:41 | 003,637,248 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\adsl TV 2010-11-30 21-12-29 France 3.wmv [2010/11/27 21:17:10 | 000,034,106 | ---- | C] () -- C:\Users\Pierre-Yves\mmmmm.odt [2010/11/23 22:28:05 | 000,000,076 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Nouveau-ZIP.bat [2010/11/23 22:20:30 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\Dossier.zip [2010/11/23 22:16:00 | 000,000,125 | ---- | C] () -- C:\Users\Pierre-Yves\nouveaudossier.zip [2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Equalizer [2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Tuning [2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Electric Clav [2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Effects [2010/11/21 16:12:14 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2010/11/21 16:12:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Timing [2010/11/21 16:12:13 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Echo [2010/11/21 16:12:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2010/11/21 16:12:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2010/11/20 15:04:44 | 000,001,776 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp3.html [2010/11/07 10:44:15 | 000,003,235 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp11.html [2010/11/06 21:36:11 | 000,004,479 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp12.html [2010/11/06 16:15:23 | 000,004,479 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp21.html [2010/11/06 15:43:06 | 000,000,778 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp1.html [2010/10/28 18:14:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010/09/25 15:25:31 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010/09/25 15:25:31 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010/09/25 15:25:23 | 000,002,528 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\$_hpcst$.hpc [2010/08/16 17:44:34 | 000,000,040 | ---- | C] () -- C:\Windows\System32\Sx5363.ini [2010/04/04 14:36:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009/12/22 22:14:56 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini [2009/12/22 22:14:56 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini [2009/09/27 19:49:51 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009/09/27 19:49:50 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009/08/30 16:49:57 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2009/08/30 16:49:57 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2009/07/20 13:49:26 | 000,031,802 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\UserTile.png [2009/07/04 08:43:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/06/30 14:37:10 | 000,008,268 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\d3d9caps.dat [2009/06/28 14:47:08 | 000,052,736 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/07/21 03:56:00 | 000,000,179 | ---- | C] () -- C:\Windows\inisysupms.init [2008/07/08 13:31:31 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini [2008/07/08 13:20:14 | 000,297,987 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008/07/08 13:20:14 | 000,297,987 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008/07/08 13:11:54 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2008/07/08 13:11:54 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2008/07/08 11:33:38 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007/02/15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006/11/29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/10/09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2001/11/14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [1997/06/14 11:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010/06/15 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\BitZipper [2010/03/12 17:43:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\eTeks [2010/04/01 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\FOG Downloader [2010/10/17 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\LolClient [2010/12/08 14:12:16 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies [2010/12/03 16:45:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World [2010/11/21 21:43:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon [2010/04/04 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OfferBox [2009/06/28 09:11:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OpenOffice.org [2010/03/19 20:03:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Opera [2010/09/25 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PC Suite [2010/08/04 12:52:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PeerNetworking [2010/09/25 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung [2010/12/01 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku [2010/02/06 21:13:29 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony [2010/02/06 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup [2010/10/31 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Todae [2010/02/26 18:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Uniblue [2010/12/21 13:52:31 | 000,032,494 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/12/20 16:49:47 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4F70D5BD-EAEA-4F53-A7D5-A3BC9C0897CE}.job [2010/12/21 19:11:00 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{708CEC71-6DE2-4120-AE0C-6149F42BD692}.job [2010/12/21 19:08:59 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8A4587B3-F80E-4DA7-A193-5D09DFAD1F95}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %APPDATA%\*. >[/color] [2009/07/04 20:50:02 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Adobe [2010/11/14 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Avira [2010/06/15 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\BitZipper [2009/08/01 13:53:58 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\CyberLink [2010/07/06 16:59:46 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\DivX [2010/12/20 20:43:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\dvdcss [2010/03/12 17:43:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\eTeks [2010/04/01 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\FOG Downloader [2010/04/04 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Google [2009/06/27 15:55:09 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Identities [2010/08/04 12:52:57 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Intel [2010/10/17 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\LolClient [2009/06/27 16:31:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Macromedia [2010/12/12 12:09:27 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Malwarebytes [2010/12/08 14:12:16 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Media Center Programs [2010/12/03 16:46:05 | 000,000,000 | --SD | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft [2010/07/15 20:57:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mIRC [2010/10/31 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla [2010/12/03 16:45:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World [2010/11/21 21:43:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon [2010/04/04 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OfferBox [2009/06/28 09:11:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OpenOffice.org [2010/03/19 20:03:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Opera [2010/09/25 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PC Suite [2010/08/04 12:52:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PeerNetworking [2010/09/25 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung [2010/03/23 18:08:50 | 000,000,000 | RH-D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\SecuROM [2010/12/01 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku [2010/12/21 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Skype [2010/12/21 16:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\skypePM [2010/02/06 21:13:29 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony [2010/02/06 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup [2010/10/31 14:03:26 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Talkback [2010/10/31 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Todae [2010/02/26 18:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Uniblue [2010/12/20 22:24:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\vlc [2010/11/23 21:45:55 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Winamp [2010/10/24 15:13:11 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\WinRAR [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2010/02/06 21:25:52 | 000,010,134 | R--- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe [2010/11/21 16:13:38 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe [2010/09/25 16:07:18 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe [2010/02/06 21:21:35 | 032,494,896 | ---- | M] (Apple Inc.) -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys [2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys [2008/01/21 03:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys [2008/01/21 03:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys [2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008/01/21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys [2008/01/21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys [2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys [2008/01/21 03:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys [2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys [2008/01/21 03:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys [2008/01/21 03:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys [2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2008/03/27 05:05:48 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys [2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys [2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008/01/21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys [2008/01/21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/01/21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys [2008/01/21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2006/11/02 10:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys [2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006/11/02 10:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll [2009/04/11 07:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\win32spl.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:43301D1D @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:331B76C7 @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9ACB70D7 < End of report >

OLT extras.txt

Code: Tout sélectionner: OTL Extras logfile created on: 21/12/2010 19:08:14 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Pierre-Yves\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,09 Gb Total Space | 18,25 Gb Free Space | 12,66% Space Free | Partition Type: NTFS Drive D: | 117,93 Gb Total Space | 50,48 Gb Free Space | 42,81% Space Free | Partition Type: NTFS Computer Name: PYMCLAIRE | User Name: Pierre-Yves | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{13630788-923C-403D-AD4F-29AC0721338E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{14D5EE85-EC1A-4D6F-B3E9-25548AD40E2D}" = lport=139 | protocol=6 | dir=in | app=system | "{1BD49863-63DE-4B01-9FFF-CCA3CC4E7855}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2B38025E-E4F0-4FF9-BCE5-8382E29ACB92}" = lport=2869 | protocol=6 | dir=in | app=system | "{3CAF69F3-2ED1-4E60-B55B-96D9A86649C2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{4004A6BE-251E-4B49-989E-2258F440F621}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{43138E82-AE0F-4544-A48B-77137033A9A4}" = lport=2869 | protocol=6 | dir=in | app=system | "{4469362E-EFC8-411F-ADAB-0826F1C4A239}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4D261FE9-E60E-4756-B855-C67B43DCFD74}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher | "{4F254E62-45AA-469B-9A89-E1284C806EFB}" = lport=6894 | protocol=17 | dir=in | name=league of legends launcher | "{59DF9288-E437-4FD0-A0C4-17417A48E674}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{5B3CAAE9-9306-41DF-BC16-228FAFA36469}" = lport=6940 | protocol=6 | dir=in | name=league of legends launcher | "{6627C15A-5853-4FD5-AD71-1B28CCE55328}" = lport=6940 | protocol=17 | dir=in | name=league of legends launcher | "{70998740-3922-4187-8CCF-F1122681F79C}" = rport=10243 | protocol=6 | dir=out | app=system | "{70F04CFA-219C-4137-AC93-2B233B2D9906}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{7298CA56-9251-4611-B0E0-5C48070AEAF8}" = rport=139 | protocol=6 | dir=out | app=system | "{74BD62B5-9310-4E03-93E7-6F3C2D19A4CA}" = rport=137 | protocol=17 | dir=out | app=system | "{7749DF98-DFFC-4E53-92D5-E904E0CE0282}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7EA46487-517F-41EF-8DE9-CCEFAE2F54C6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{804166D5-8ED3-4D49-8F3D-2CF3BDB87D09}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{829F27E7-AC85-411C-BAEF-4996CB4EC131}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{84420DB6-F7EA-4A38-A2FE-2FBDCB73DC7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8666462C-1764-443D-BBBA-24A1099BD94D}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher | "{8817E1B5-5515-41CF-AC23-D53A41E4E906}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher | "{8E82E181-38AE-454D-8883-F641A497FFE7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9E95F55A-39FD-4A95-938C-3EC8CD3E2017}" = rport=445 | protocol=6 | dir=out | app=system | "{A0F6F97C-BAA3-4E86-B360-6A8D407257D9}" = lport=2869 | protocol=6 | dir=in | app=system | "{A3C57225-6FF2-44A1-B057-56073F374C7A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{A5400236-90D0-4EF3-A3B2-4A329DD67EDA}" = lport=445 | protocol=6 | dir=in | app=system | "{A7965BB2-8BC7-48FD-8047-F1B438236580}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher | "{B00E8748-5CFF-45C2-BCBA-4C414197C9C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B3B7144E-253B-4264-B694-DC2F6CFFB37C}" = lport=138 | protocol=17 | dir=in | app=system | "{BA5DCC5E-E351-4995-B1F2-7E1363218B6F}" = lport=137 | protocol=17 | dir=in | app=system | "{BC8953A8-2165-4A47-B80C-FD1DBB8E10F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C276ED55-D1EE-49F3-916A-947B0F9A6180}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C5F6553F-A6F5-4584-98F9-9D62E3C29DEB}" = lport=6894 | protocol=6 | dir=in | name=league of legends launcher | "{C9057E04-AB44-42AD-BC82-E1EFD5E2E1BC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CD261958-FE38-4DD7-9F6B-9C3D58F98E34}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D5721C96-15CA-4119-84F8-F8C171DD5B56}" = lport=10243 | protocol=6 | dir=in | app=system | "{D7C39578-D345-49B0-AB99-166C260D9700}" = rport=138 | protocol=17 | dir=out | app=system | "{D84B8947-5A44-4185-83FC-350F651A8615}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D9A42A8C-DC4B-4219-93DF-7F38DF483576}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DDA77806-92A5-44F6-A3E3-AC30F9475E74}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DF0E3E51-BD50-4992-9F12-4345983AAEDE}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{E08617E5-93D7-4A47-A2A2-852818D17051}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{F06F494D-5301-49C0-BB7D-7ABD8661C24D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{F4C62A30-F8C2-4D61-99A9-3B9E05336351}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FEF7235C-EA63-4C76-B38F-73628EB505C6}" = rport=2869 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04D11DD4-07E8-4728-BE7A-96B8C0E7113D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{060649F5-F42C-4A68-9E03-78AA0FD03B31}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{09A18D68-8FBA-467C-8468-6403D28A2239}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{0A4A3A01-4741-46B4-884E-D24DCA546B4B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{154FCB29-798D-4CBA-8279-36799699BCD9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{23D0C1FD-200C-41E0-B758-14F98C9829A4}" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe | "{2C36FD30-2201-4511-8409-99F660E4F098}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2CB899C3-3136-4F28-B42C-A235BB4F3C5C}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | "{31D3D098-C380-4F0C-A125-256D2785DBFB}" = protocol=6 | dir=in | app=c:\program files\adsltv\vlc\vlc.exe | "{321DCBEA-90FF-41AE-BD32-7BE3B1131DCE}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\core\maxtv_xul.exe | "{3664CC36-F04D-4F0F-8DCD-3E3F3710414D}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "{3B5C5157-7A71-4EF2-8EC3-7908A1DC263F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3C086FBB-AEFF-4A09-B7F3-D6AB39DB6731}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{41B05393-AE6C-4F48-9A88-4662AEBB8BB5}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\maxtv.exe | "{44BDA698-A52C-4C66-85AD-CF6F6586E4BE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{47757899-1962-4A0F-858F-B803D2EB2D03}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{48D588DC-77AE-4882-BC44-DD9DC97E8DE9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe | "{4F5B0205-F72D-4C95-B4D1-9A8F7B7CE748}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{52B5B516-B0F8-42C1-8C0E-FC097770F24C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{57A900F1-A965-4731-BB4F-D9DB049683ED}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe | "{5965CE03-B970-457A-B3DA-C85588873A99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5A80A44F-CE30-4AA9-B371-7B46F6882604}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5C51EE88-20B3-4992-96F5-1A2283C625F2}" = protocol=6 | dir=out | app=system | "{5D59CE29-DCD0-43D7-814C-9016ECFC60E8}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\maxtv.exe | "{616D75E0-75F4-4045-9B54-1DAE7662C7B9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{67CD8D06-2AF0-4553-9BC5-3B9BBBEC87C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6A7AB50F-BCF6-4144-A59F-952E6411F880}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{6BC02F2C-B33E-4514-B76F-4F517EFE3CB6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{747EAB6E-FB9D-48E4-8129-0A9684A0E0B8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{77FF85E9-B5FF-4165-B271-CE48948DA79A}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\recorder.exe | "{7921E7CD-A2B2-49A4-9729-64EF3542B6FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7C5F7AC6-84F8-4822-BE3A-3A7D786C2CA0}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\recorder.exe | "{7DBC6A84-A4B8-42E6-AFBA-E0180DE915FF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{808EF7EF-EB27-42FA-8FB9-36BDAB0361EB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{838226E1-F9C9-4AEF-AD49-77A1EEEE22F8}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{88DB47CF-EE82-4CDF-A55F-625104CFBF3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8FE6D008-D229-4DF6-A61C-FF1D88CE425A}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{9368E11C-7040-4D7E-9139-3E115EE8FA7E}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\core\maxtv_xul.exe | "{9B24059C-E11C-48FA-A1C7-934E5DC23C02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A2927B7C-B403-4063-8CE8-1CC89806C377}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A2A12E64-6D85-477B-9A60-B952EC4A3903}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B6B8F6C4-81C4-4280-AFA8-B7FEC8C7429F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B6CA2C60-94C9-47B0-9FD9-034786973BE7}" = protocol=17 | dir=in | app=c:\program files\adsltv\vlc\vlc.exe | "{B8D3D99E-0EBB-4E97-A2C2-3418A91C2AB9}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{BE34FF96-DF25-456C-9665-65E22D011EEB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C245357F-1418-447E-94DB-05CC9877ED9D}" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe | "{C4001D6D-7821-4174-9298-6771E877160C}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\task_scheduler.exe | "{C931BA47-755F-4762-8EF6-B58BC7D5D545}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CE3423C0-C0A4-4AF5-A89B-BD9F117C1E34}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\task_scheduler.exe | "{D2A21CA6-E33B-42FE-B335-DA599952DA43}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{D56B6846-F860-413E-8E60-EB8A6CE94623}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{E1093584-14B6-4FC1-9CCC-4D6E362BFDB6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E998A3BA-2376-4802-9C9C-10B44A673D62}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{F7A29537-BC48-4F73-BE8A-4AC0726E0A4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{1D985AD0-0550-4C1D-8EDB-CA4BA4894F23}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{28DCCC24-80BC-40EA-88CA-B9C32E10CEEE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{2AFA02F2-A108-4C21-812D-FCDB2374C9CD}C:\program files\adsltv\adsltv.exe" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe | "TCP Query User{2C44B5A6-B44B-4CFE-9B5D-744C983EFBDD}C:\program files\bsmaxscript[7.2]\mirc.exe" = protocol=6 | dir=in | app=c:\program files\bsmaxscript[7.2]\mirc.exe | "TCP Query User{2E5F8F06-82F5-4D23-B49F-EF674877EA18}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin | "TCP Query User{4783A54E-50E5-40BA-8A93-64F565F831EF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{6EB9DBC5-81D3-4E62-AB21-71F4D2499826}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "TCP Query User{DCF2E731-0D7D-46FE-8DD4-E2B67D13286F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{E12EF66E-EB48-4E23-82B8-5898CBAD6F9E}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin | "TCP Query User{EF3F72A3-725E-4299-AB27-8A8F7ED3F816}C:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe | "TCP Query User{FECFBB1D-43D9-4927-AE62-C4A07DB63B45}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{11289CE4-CEB9-4CB4-BB39-8E55D7C4FF2C}C:\program files\bsmaxscript[7.2]\mirc.exe" = protocol=17 | dir=in | app=c:\program files\bsmaxscript[7.2]\mirc.exe | "UDP Query User{39C6F757-321B-4044-BB7D-4671D6D5ADF0}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe | "UDP Query User{508F80DD-D1E8-4B12-BBF1-906E2F4A990E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{65B89BB8-B82C-45E8-B8D0-E0DFA83295F9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{7431E217-C548-40FA-9B6D-EFD0E6B8B8C3}C:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe | "UDP Query User{8B07CE08-8BCF-448B-A446-1C4A5F0DBE51}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{8F2BA9D0-EC32-4716-B2D0-A81C650D1F71}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{97681A33-B750-4E16-BF58-19BC38BF8A2A}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin | "UDP Query User{A3B11DEC-40EC-4868-BA7F-762AAB61B11F}C:\program files\adsltv\adsltv.exe" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe | "UDP Query User{C6D05139-C364-4E71-90D5-F43D9899C76A}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "UDP Query User{D759CFEF-3075-466E-A8A3-9696B909AEEC}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1 "{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51 "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing "{0A138994-04B3-4AE2-AB89-74B818AFB1B3}" = Samsung PC Studio 3 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EE11800-A1BD-11D3-BFEB-005004AF2D32}" = Risk II "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{14F06853-8A15-4731-BBDC-C9B40A866A63}" = Virtual VCR "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}" = Les Sims Superstar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2575CF76-C88A-4B97-AC0F-62FFA453FD08}_is1" = Dictionnaire le Littré 2.0 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22 "{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05 "{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1 "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{3310CCF2-AC56-11D5-9D5E-0050DA688E3B}" = Lucky Luke - Mini-Jeu "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11 "{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E9FF7E-E2A3-47F0-BB00-521071AF4C07}" = Micro Application - 3D Architecte Classic "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "{6AEE3DB1-9356-4E04-9171-5E85E51E6A35}_is1" = TribalSync 3.0 "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{7FD14A8A-FBCC-4442-ACAC-A0E9EC223AED}" = Europa Universalis - Rome "{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D42CBBC-2089-44AB-8021-369DDB962816}" = Photo Collage 3.0 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.5 - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Logiciel Intel(R) PROSet/Wireless WiFi "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2 "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go "{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) "4StoryFR_is1" = 4Story 1.5 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Age of Empires 2.0" = Microsoft Age of Empires II "Agere Systems Soft Modem" = Agere Systems HDA Modem "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.20 "AirRivals_FR_is1" = AirRivals_FR 1.0.0.1 "Alexandra Ledermann 5" = Alexandra Ledermann 5 "Asterix at the Olympic Games" = Astérix aux Jeux Olympiques "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AxCrypt" = AxCrypt (Désinstaller uniquement) "BFG-Big City Adventure - San Francisco" = Big City Adventure - San Francisco "BFG-Big City Adventure - Sydney Australia" = Big City Adventure: Sydney, Australia "BFGC" = Big Fish Games: Game Manager "BFG-Dream Day Wedding" = Dream Day Wedding "Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2 "Camouflage" = Camouflage "CamStudio" = CamStudio "CCleaner" = CCleaner "DivX Setup.divx.com" = Configuration DivX "DJ Mix Pro" = DJ Mix Pro "Dofus 1.28.0" = Dofus 1.28.0 "Enjoy 5e" = Enjoy 5e "FileHippo.com" = FileHippo.com Update Checker "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Live Media" = Todae - Live Media "Lynx Web Browser_is1" = Lynx 2.8.5rel.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Metin2_is1" = Metin2 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9) "NVIDIA Drivers" = NVIDIA Drivers "Orange WebTV Player_is1" = Orange WebTV Player 1.28971 "PowerBatch_is1" = PowerBatch 6 "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "Scratch" = Scratch "Simple Sudoku_is1" = Simple Sudoku 4.2 "SoftwareUpdate_is1" = SoftwareUpdate 1.0 "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.0.5 "WhoCrashed_is1" = WhoCrashed 2.10 "Winamp" = Winamp "Winamp Toolbar" = Winamp Toolbar "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Codeur Windows Media Série 9 "WinLiveSuite" = Windows Live "wxPython2.8-ansi-py27_is1" = wxPython 2.8.11.0 (ansi) for Python 2.7 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{CE65B110-8786-47EA-A4A0-05742F29C221}_is1" = Ruby 1.8.6-p398 "NRJ Master Mix" = NRJ Master Mix "Sweet Home 3D" = Sweet Home 3D [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013 Description = Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013 Description = Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013 Description = Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013 Description = Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013 Description = Error - 06/11/2010 04:59:09 | Computer Name = PymClaire | Source = EventSystem | ID = 4609 Description = Error - 06/11/2010 05:00:08 | Computer Name = PymClaire | Source = WinMgmt | ID = 10 Description = Error - 06/11/2010 10:38:44 | Computer Name = PymClaire | Source = EventSystem | ID = 4609 Description = Error - 06/11/2010 10:39:40 | Computer Name = PymClaire | Source = WinMgmt | ID = 10 Description = Error - 06/11/2010 12:11:57 | Computer Name = PymClaire | Source = EventSystem | ID = 4609 Description = [ System Events ] Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 06:35:16 | Computer Name = PymClaire | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = Error - 21/12/2010 08:56:49 | Computer Name = PymClaire | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 21/12/2010 11:09:43 | Computer Name = PymClaire | Source = DCOM | ID = 10005 Description = Error - 21/12/2010 11:09:43 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000 Description = < End of report >

Merci

Del-crosseur · le 21 Déc 2010 20:22

Hello , je m'occupe de toi se soir pierreyves258 ((Jamais 2 sans 3 )) ^^

On ne ta jamais dit de ne pas cliquer n'importe ou ? !!
Pleins de virus / vers / chevaux de troie (....) circulent sur MSN !

Donc quand tu vois se message ou autre , surtout ne pas cliquer !!

Bonne soirée

pierreyves258 · le 21 Déc 2010 20:23

^^ Merci Del-crosseur

edit:

je ne clique pas n'importe ou je fais même attention !!
Surtout sur msn je ne clique sur les messages de personne quand c'est des lien que je ne connais pas ou autre

Del-crosseur · le 21 Déc 2010 22:36

Bonsoir !!

• Télécharge AD-Remover (de C_XX) sur ton Bureau.
:!: Déconnecte toi et ferme toutes les applications en cours :!:
• Double-clique sur l'icône AD-Remover
• Au menu principal, clique sur "SCAN"
• Confirme le lancement de l'analyse et laisse l'outil travailler
• Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-Scan.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

pierreyves258 · le 21 Déc 2010 22:44

Voila: (ooups je em suis pas deco d'internet ni désactiver l'antivirus c'est pas grave ?)

Code: Tout sélectionner: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:43:21 le 21/12/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Pierre-Yves@PYMCLAIRE (SAMSUNG ELECTRONICS CO., LTD. R510) ============== RECHERCHE ============== Dossier trouvé: C:\Users\Pierre-Yves\AppData\LocalLow\Conduit Dossier trouvé: C:\Program Files\Conduit Dossier trouvé: C:\Users\admimam\AppData\Roaming\EoRezo Dossier trouvé: C:\Users\Clairounette\AppData\Roaming\EoRezo Dossier trouvé: C:\Users\Invité\AppData\Roaming\EoRezo Dossier trouvé: C:\Users\Pierre-Yves\AppData\Roaming\OfferBox Clé trouvée: HKLM\Software\Classes\Toolbar.CT2095689 Clé trouvée: HKLM\Software\Classes\Toolbar.CT2297721 Clé trouvée: HKLM\Software\ASKInstaller Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKCU\Software\OfferBox Clé trouvée: HKCU\Software\AppDataLow\Toolbar Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1 Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.13 (fr)] ** -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\Prefs.js -- browser.download.lastDir, C:\\Users\\Pierre-Yves\\Downloads browser.startup.homepage, hxxp://chickentofight.com/index.php?page=logout|hxxp://www.guerretribale.fr/|hxxp://fr.ikariam... browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== ** Internet Explorer Version [8.0.6001.18999] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp:\\www.samsungcomputer.com Do404Search: 0x01000000 Local Page: C:\Windows\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Show_ToolBar: yes Start Page: hxxp://chickentofight.com/index.php?page=logout Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp:\\www.samsungcomputer.com Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\System32\blank.htm Search Page: ${URL_SEARCHPAGE} Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: hxxp://toolbar.aol.com/browserpages/newtab-winamp-ie-en-us.html Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 21/12/2010 (3146 Octet(s)) Fin à: 22:44:11, 21/12/2010 ============== E.O.F ==============

Del-crosseur · le 21 Déc 2010 22:46

Yéép

Relance AD-REMOVER en choisissant l'option "Nettoyer"

pierreyves258 · le 21 Déc 2010 22:53

voila

Code: Tout sélectionner: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:47:06 le 21/12/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Pierre-Yves@PYMCLAIRE (SAMSUNG ELECTRONICS CO., LTD. R510) ============== ACTION(S) ============== Dossier supprimé: C:\Users\Pierre-Yves\AppData\LocalLow\Conduit Dossier supprimé: C:\Program Files\Conduit Dossier supprimé: C:\Users\admimam\AppData\Roaming\EoRezo Dossier supprimé: C:\Users\Clairounette\AppData\Roaming\EoRezo Dossier supprimé: C:\Users\Invité\AppData\Roaming\EoRezo Dossier supprimé: C:\Users\Pierre-Yves\AppData\Roaming\OfferBox (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\Toolbar.CT2095689 Clé supprimée: HKLM\Software\Classes\Toolbar.CT2297721 Clé supprimée: HKLM\Software\ASKInstaller Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKCU\Software\OfferBox Clé supprimée: HKCU\Software\AppDataLow\Toolbar Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1 Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.13 (fr)] ** -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\Prefs.js -- browser.download.lastDir, C:\\Users\\Pierre-Yves\\Downloads browser.startup.homepage, hxxp://chickentofight.com/index.php?page=logout|hxxp://www.guerretribale.fr/|hxxp://fr.ikariam... browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== ** Internet Explorer Version [8.0.6001.18999] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 34 Fichier(s) C:\Program Files\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 21/12/2010 (3375 Octet(s)) C:\Ad-Report-SCAN[1].txt - 21/12/2010 (3275 Octet(s)) Fin à: 22:48:06, 21/12/2010 ============== E.O.F ==============

Del-crosseur · le 21 Déc 2010 22:58

Très bien .

Relance AD-REMOVER en choisissant l'option "Désinstaller"

Puis ::

Mets à jours Java !!

Et enfin :

Peux-tu stp te rendre sur le premier message que tu as poster afin de modifier le titre de ton topic (sujet).
Pour cela clique sur l'icône "EDITER", tape ce nouveau titre "Infection Eorezo".
Valide en cliquant sur "Envoyer"

Sujet Réglé/Résolu

Bonne soirée

pierreyves258 · le 21 Déc 2010 23:00

Deja désinfecté ????? tu est sur ?
car EoRézo je l'ai supprimer depuis longtemps !!! il etait revenu ?

et eoréso n'envoi pas de pub au contact msn !

Del-crosseur · le 21 Déc 2010 23:07

pierreyves258 a écrit::o Deja désinfecté ????? tu est sur ?
car EoRézo je l'ai supprimer depuis longtemps !!! il etait revenu ?

et eoréso n'envoi pas de pub au contact msn !

Je connais mon boulot , je sait se que je fait et quelle(s) décision(s) prendre .

Merci .

pierreyves258 · le 21 Déc 2010 23:08

oui d'accord mais sa m'etone quand meme je l'avais deja suprimer errezo
et qu'est qui a envoyer ces pub a mes contact ?

Del-crosseur · le 21 Déc 2010 23:27

pierreyves258 a écrit:oui d'accord mais sa m'etone quand meme je l'avais deja suprimer errezo
et qu'est qui a envoyer ces pub a mes contact ?

Sa peut être une cause oui

Tu me diras si ton msn envoie toujours des PUBS à tes contacts !!

Tu peut , en complémentaire faire ceci .

Télécharge CCleaner ->ici<-

Suit se ->TUTO<-(de Jypalou)

Attention,ne pas cocher la case Yahoo

Fait le nettoyage comme cela :

Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 24 Heures

Recoche cette case une fois le premier nettoyage effectué

@ ++

pierreyves258 · le 21 Déc 2010 23:33

pierreyves258 · le 23 Déc 2010 10:39

mon pc envoi encore des pub !!!

Del-crosseur · le 23 Déc 2010 12:42

Peut tu m'expliqué clairement ton problème de PUB stp ...
A tu passer Ccleaner ?

Télécharge ZHPDiag par Nicolas Coolman et sauvegarde-le sur le Bureau.

* Double-clique sur ZHPDiag.exe.
* clique sur le bouton Lancer le diagnostic
* Lorsque l'analyse sera terminée, un fichier au format texte s'affiche dans la zone résultat du bas.
* Clique sur le bouton Copier dans le presse papier
* Colle le résultat de l'analyse dans ta réponse en faisant un copier/coller.

-Si le rapport est trop long tu peut l'heberger >>>ici<<<

@ ++

infecté par EoRezo

infecté par EoRezo

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: Infection MSN

Re: [Réglé]infecté par EoRezo

Re: [Réglé]infecté par EoRezo

Re: [Réglé]infecté par EoRezo

Re: infecté par EoRezo

Re: infecté par EoRezo

Sujets similaires

Qui est en ligne