Il y a actuellement 403 visiteurs
Dimanche 22 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

infecté par EoRezo

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

infecté par EoRezo

Message le 21 Déc 2010 19:59

Bonjour, j'ai reçu aujourd'hui 3 messages de postmaster@mail.hotmail.com ces messages s'envoient quand tu a envoyer un message et que l'interlocuteur n'existe pas et dans ces messages il y avait une pub ce qui veut dire que mon msn envoi des pubs a tout le monde je pense
donc je pense que j'ai le virus MSN

pouvez vous m'aider a le supprimer
voici les scans

MBAM:
Code: Tout sélectionner
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5366

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

21/12/2010 19:03:17
mbam-log-2010-12-21 (19-03-17).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 421309
Temps écoulé: 1 heure(s), 33 minute(s), 46 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files\bsmaxscript[7.2]\persojeux\ecran.$$A (Joke.Stressreducer) -> Quarantined and deleted successfully.
c:\Users\clairounette\AppData\Roaming\EoRezo\softwareupdate\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\Users\clairounette\AppData\Roaming\EoRezo\softwareupdate\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.


hijackthis
Code: Tout sélectionner
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:14:20, on 21/12/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Users\Pierre-Yves\Desktop\OTL.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pierre-Yves\Desktop\azerty.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chickentofight.com/index.php?page=logout
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: MaxTV Recorder Manager.lnk = C:\Program Files\MaxTV\MaxTV4\task_scheduler.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: McAfee Application Installer Cleanup (0261471289032012) (0261471289032012mcinstcleanup) - Unknown owner - C:\Users\PIERRE~1\AppData\Local\Temp\026147~1.EXE (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 13140 bytes


OLT otl.txt (première partie)
Code: Tout sélectionner
OTL logfile created on: 21/12/2010 19:08:14 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Pierre-Yves\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 18,25 Gb Free Space | 12,66% Space Free | Partition Type: NTFS
Drive D: | 117,93 Gb Total Space | 50,48 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
 
Computer Name: PYMCLAIRE | User Name: Pierre-Yves | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Pierre-Yves\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Pierre-Yves\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe File not found
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe File not found
SRV - (0261471289032012mcinstcleanup) McAfee Application Installer Cleanup (0261471289032012) -- C:\Users\PIERRE~1\AppData\Local\Temp\026147~1.EXE File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (EagleXNt) -- C:\Windows\System32\drivers\EagleXNt.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NETw5v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://chickentofight.com/index.php?page=logout
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://chickentofight.com/index.php?page=logout|http://www.guerretribale.fr/|http://fr.ikariam.com/index.php|http://s3.kingsage.fr/game.php?village=54748&s=build_main|http://fr.grepolis.com/"
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.8
FF - prefs.js..extensions.enabledItems: {4b0a905d-b508-4574-8d12-b8fe120ace09}:0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/21 19:06:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/21 19:06:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010/10/31 14:03:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
 
[2010/12/08 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Extensions
[2010/12/08 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Extensions\maxtv4@labs.max-tv.be
[2010/12/21 17:07:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions
[2010/10/31 14:07:09 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/06/12 08:32:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/05 15:27:11 | 000,000,000 | ---D | M] (AniWeather) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2010/07/11 19:05:08 | 000,000,000 | ---D | M] (Faark's Grepolis Bericht 2 Image - Exporter) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{4b0a905d-b508-4574-8d12-b8fe120ace09}
[2010/09/11 09:04:38 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/09/23 16:17:04 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/09/11 09:04:39 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/09 12:30:33 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/09/11 09:05:14 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Firefox\Profiles\1l8mi1qo.default\extensions\smarterwiki@wikiatic.com
[2010/10/31 14:03:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mozilla\Sunbird\Profiles\017rpi8a.default\extensions
[2010/10/31 14:12:37 | 000,001,196 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\searchplugins\winamp-search.xml
[2010/11/07 10:08:51 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/09/01 17:23:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/07 10:08:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/22 10:52:13 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/10/22 10:52:13 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/10/22 10:52:13 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/10/22 10:52:14 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/10/22 10:52:14 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/11/06 17:56:52 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll ()
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EoEngine]  File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk = C:\Program Files\MaxTV\MaxTV4\task_scheduler.exe File not found
O4 - Startup: C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_8971.cab (FTMediaPlayer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/21 13:28:19 | 000,000,065 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/11/21 12:48:42 | 000,000,056 | ---- | M] () - C:\AUTOEXEC.SYD -- [ NTFS ]
O33 - MountPoints2\{877f7480-5f0f-11dd-acf4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{877f7480-5f0f-11dd-acf4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\wubi.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.clmp3enc - C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)


OLT olt.txt (2eme partie)
Code: Tout sélectionner
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/12/21 17:23:52 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Pierre-Yves\Desktop\OTL.exe
[2010/12/21 17:22:09 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Pierre-Yves\Desktop\HiJackThis.exe
[2010/12/21 16:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Astase
[2010/12/21 16:14:09 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\powerbatch
[2010/12/21 12:28:42 | 000,207,664 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe
[2010/12/21 12:24:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\PsTools
[2010/12/21 12:22:54 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\PsTools
[2010/12/21 11:34:14 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{925E4E68-1EC0-478A-BA04-5CDD9E2B3272}
[2010/12/20 16:49:29 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{142776BD-070A-4DC6-86A6-86265D34708C}
[2010/12/19 14:15:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{79431EC1-E6CF-4A09-A8B0-2411C47B2B48}
[2010/12/18 21:46:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{99F0BBF8-C307-41A0-B4DB-14D5C4CB562A}
[2010/12/18 14:57:11 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\UT163 98Driver
[2010/12/18 13:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\FinalWire
[2010/12/18 11:11:30 | 000,000,000 | ---D | C] -- C:\Ruby186
[2010/12/18 09:29:13 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{6B0D5204-A059-4F32-AF06-7AC9A31B6B69}
[2010/12/17 22:18:47 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\.idlerc
[2010/12/17 22:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Python
[2010/12/17 19:51:41 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\PasPY-17^12^10$19ç25
[2010/12/17 12:00:44 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{25AED42E-948E-4260-99F3-7F5ADDD3DED2}
[2010/12/16 17:03:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/16 17:03:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/12/16 17:03:44 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/12/16 17:03:44 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/16 17:03:44 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/12/16 17:03:44 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/16 17:03:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/12/16 17:03:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/12/16 17:03:43 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/12/16 17:03:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/16 17:03:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/12/16 17:03:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/12/16 17:03:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/12/16 17:03:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/12/16 17:03:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/12/16 17:03:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/12/16 17:03:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/12/16 17:03:37 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/16 17:03:34 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/12/16 17:03:34 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/12/16 17:03:34 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/12/16 17:03:30 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/12/16 17:03:27 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/16 17:03:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/16 17:03:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/16 17:03:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/12/16 16:49:48 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{8824EA4F-1ABF-4D41-88CF-F7E75CDCF875}
[2010/12/15 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{C884B169-77F0-49BE-87E0-A8F8DF4FEA65}
[2010/12/15 07:26:38 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{BA04F037-E646-4E4E-9D5B-589FF8AD0706}
[2010/12/14 13:31:18 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{66A70A8F-F80F-4A8D-994B-2B97592D7EB4}
[2010/12/13 17:08:36 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{486813ED-DC19-4858-B672-B8E6CDC02933}
[2010/12/12 16:28:13 | 000,000,000 | ---D | C] -- C:\allo
[2010/12/12 12:09:27 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Malwarebytes
[2010/12/12 12:09:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/12 12:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/12 12:09:15 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/12 12:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/12 11:50:35 | 000,000,000 | ---D | C] -- C:\Program Files\Dictionnaire le Littré 2.0
[2010/12/12 11:46:17 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\Nouveau
[2010/12/12 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{400870C7-AD9F-45A5-9D6D-3F55E287574C}
[2010/12/11 11:10:20 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\dicoverb
[2010/12/11 10:57:09 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{B12BAFBA-CC05-4D1C-8C77-0E1E5A674745}
[2010/12/10 21:37:33 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\{07638833-5437-403C-8209-D3297AB74179}
[2010/12/10 20:56:52 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2010/12/10 20:52:27 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010/12/10 18:33:06 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\DarkRoom
[2010/12/10 18:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\dark_room_0.8b
[2010/12/10 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2010/12/10 17:49:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/12/09 21:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\lynx
[2010/12/09 21:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\lynx2.8.5rel.1
[2010/12/09 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Deployment
[2010/12/09 18:50:29 | 000,005,632 | ---- | C] (EnTech Taiwan) -- C:\Windows\System32\drivers\Entech64.sys
[2010/12/09 18:50:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\Futuremark
[2010/12/09 18:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2010/12/08 14:12:43 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\MaxTV Technologies
[2010/12/08 14:12:17 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Documents\MaxTV
[2010/12/08 14:12:16 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies
[2010/12/08 14:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\MaxTV
[2010/12/08 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual VCR
[2010/12/07 17:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Camouflage
[2010/12/07 17:36:51 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010/12/07 17:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\Axon Data
[2010/12/04 10:36:08 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Documents\Need for Speed World
[2010/12/03 16:45:59 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World
[2010/12/02 22:08:05 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Electronic_Arts_Inc
[2010/12/02 22:07:35 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010/12/02 22:07:35 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010/12/02 22:07:34 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010/12/02 22:07:33 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010/12/02 22:07:33 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010/12/02 22:07:33 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010/12/02 22:07:33 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010/12/02 22:07:33 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010/12/02 22:07:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/12/02 22:07:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/12/02 22:07:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/12/02 22:07:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/12/02 22:07:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/12/02 22:07:03 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/12/02 22:07:02 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/12/02 22:07:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/12/02 22:07:02 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/12/02 22:07:02 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/12/02 22:07:01 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/12/02 22:07:01 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/12/02 22:07:01 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/12/02 22:07:01 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/12/02 22:07:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/12/02 22:07:00 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/12/02 22:07:00 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/12/02 22:07:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/12/02 22:07:00 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/12/02 22:07:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/12/02 22:06:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/12/02 22:06:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/12/02 22:06:58 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/12/02 22:06:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/12/02 22:06:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/12/02 22:06:58 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/12/02 22:06:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/12/02 22:06:57 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/12/02 22:06:57 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/12/02 22:06:54 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/12/02 22:06:54 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/12/02 22:06:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/12/02 22:06:54 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/12/02 22:06:53 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/12/02 22:03:12 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/12/02 22:03:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/12/02 22:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/12/02 22:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/12/02 17:34:29 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\Dossier
[2010/12/02 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\Desktop\JeuxDOS
[2010/12/01 21:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.73
[2010/12/01 21:14:46 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\DOSBox
[2010/12/01 21:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\DOSBox-0.74
[2010/12/01 12:11:31 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku
[2010/12/01 12:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\Simple Sudoku
[2010/11/27 18:31:14 | 002,288,640 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\python27.dll
[2010/11/23 22:18:23 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\fff
[2010/11/21 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon
[2010/11/21 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pierre-Yves\AppData\Local\Nikon
[2006/11/24 06:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006/11/24 06:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/12/21 19:11:00 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{708CEC71-6DE2-4120-AE0C-6149F42BD692}.job
[2010/12/21 19:08:59 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8A4587B3-F80E-4DA7-A193-5D09DFAD1F95}.job
[2010/12/21 19:03:34 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\xeattdxi.sys
[2010/12/21 18:59:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/21 18:21:29 | 000,297,987 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/12/21 18:21:29 | 000,297,987 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/12/21 17:53:25 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 17:53:25 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/21 17:24:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre-Yves\Desktop\OTL.exe
[2010/12/21 17:22:11 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Pierre-Yves\Desktop\HiJackThis.exe
[2010/12/21 16:59:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/21 16:48:20 | 000,000,898 | ---- | M] () -- C:\Windows\System32\annul.exe
[2010/12/21 16:47:52 | 000,000,914 | ---- | M] () -- C:\Windows\System32\arret.exe
[2010/12/21 16:15:10 | 000,000,869 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\PowerBatch.lnk
[2010/12/21 15:16:19 | 000,000,068 | ---- | M] () -- C:\Windows\System32\arret.bat
[2010/12/21 14:15:38 | 000,028,210 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\aaa.jpg
[2010/12/21 13:58:05 | 000,728,424 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/12/21 13:58:05 | 000,638,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/21 13:58:05 | 000,148,478 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/12/21 13:58:05 | 000,120,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/21 13:53:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/21 13:53:19 | 3215,577,088 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/21 13:52:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/12/21 13:41:57 | 000,000,052 | ---- | M] () -- C:\Windows\System32\annul.bat
[2010/12/21 12:22:55 | 000,207,664 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe
[2010/12/20 16:49:47 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4F70D5BD-EAEA-4F53-A7D5-A3BC9C0897CE}.job
[2010/12/19 16:41:38 | 000,000,009 | ---- | M] () -- C:\Users\Pierre-Yves\autoexec.bat
[2010/12/19 16:35:39 | 000,000,191 | -H-- | M] () -- C:\Windows\System32\pas.bat
[2010/12/19 15:36:53 | 000,000,087 | -H-- | M] () -- C:\Windows\System32\fir.bat
[2010/12/19 15:31:53 | 000,001,724 | ---- | M] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk
[2010/12/18 14:46:15 | 000,001,258 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\saveregistre.reg
[2010/12/18 13:00:09 | 000,001,024 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\AIDA64 Extreme Edition.lnk
[2010/12/18 11:00:30 | 000,001,075 | ---- | M] () -- C:\Users\Pierre-Yves\quiz.pyw
[2010/12/17 23:12:31 | 000,001,899 | ---- | M] () -- C:\Users\Pierre-Yves\azerty.py
[2010/12/17 22:41:58 | 000,000,151 | ---- | M] () -- C:\Users\Pierre-Yves\azeery.py
[2010/12/17 16:39:59 | 000,394,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/17 13:41:14 | 000,008,268 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Local\d3d9caps.dat
[2010/12/15 16:43:36 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\a.exe
[2010/12/13 17:18:33 | 000,000,064 | ---- | M] () -- C:\Users\Pierre-Yves\lem.bat
[2010/12/13 17:08:14 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/12/13 17:08:13 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/12/12 12:09:21 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/12 12:00:39 | 000,000,012 | ---- | M] () -- C:\Users\Pierre-Yves\IP.bat
[2010/12/12 11:50:45 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\Dictionnaire le Littré.lnk
[2010/12/11 18:32:07 | 000,000,586 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Conjug.exe - Raccourci.lnk
[2010/12/11 15:30:34 | 000,001,715 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\DarkRoom.exe - Raccourci.lnk
[2010/12/11 12:58:22 | 000,000,718 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\eclipse - Raccourci.lnk
[2010/12/10 20:33:04 | 000,052,736 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/10 19:01:21 | 000,001,827 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Command Prompt.lnk
[2010/12/10 17:49:23 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2010/12/10 13:09:23 | 000,020,882 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\azerty.3dr
[2010/12/10 12:57:36 | 000,020,780 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\a.3dr
[2010/12/09 21:22:39 | 000,001,608 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Lynx Browser.lnk
[2010/12/09 18:52:26 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\3DMark05.lnk
[2010/12/08 17:57:07 | 000,002,624 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\UNTITL~1.EXE
[2010/12/08 17:56:45 | 000,000,335 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Project 2.dp
[2010/12/08 17:56:45 | 000,000,063 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Project 2.dp
[2010/12/08 17:56:36 | 000,000,257 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Untitled1.pas
[2010/12/08 17:55:55 | 000,000,078 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Rsrc.rc
[2010/12/08 17:55:03 | 000,002,327 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\anneed~1.ow
[2010/12/08 17:49:54 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\TP11D571.$$$
[2010/12/08 16:02:37 | 000,004,512 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010/12/08 14:12:23 | 000,001,842 | ---- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk
[2010/12/08 14:03:01 | 000,000,853 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Virtual VCR.lnk
[2010/12/06 22:18:29 | 000,013,165 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Lettre correspondant allemand.odt
[2010/12/05 21:26:06 | 000,206,634 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\coffre literaire.odt
[2010/12/05 20:52:30 | 000,001,388 | ---- | M] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Nouveau Texte OpenDocument - Raccourci.lnk
[2010/12/02 22:03:10 | 000,001,998 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Need For Speed World.lnk
[2010/12/01 21:14:40 | 000,001,703 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010/11/30 22:00:14 | 000,015,872 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Untitled1.exe
[2010/11/30 22:00:13 | 000,001,338 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\untitl~1.ow
[2010/11/30 22:00:13 | 000,000,107 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\Untitled1.pas
[2010/11/30 21:13:44 | 003,637,248 | ---- | M] () -- C:\Users\Pierre-Yves\Documents\adsl TV 2010-11-30 21-12-29 France 3.wmv
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/28 00:36:25 | 000,034,106 | ---- | M] () -- C:\Users\Pierre-Yves\mmmmm.odt
[2010/11/27 18:31:14 | 002,288,640 | ---- | M] (Python Software Foundation) -- C:\Windows\System32\python27.dll
[2010/11/26 21:28:41 | 000,000,076 | ---- | M] () -- C:\Users\Pierre-Yves\Desktop\Nouveau-ZIP.bat
[2010/11/24 20:25:42 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2010/11/23 22:20:32 | 000,000,000 | ---- | M] () -- C:\Users\Pierre-Yves\Dossier.zip
[2010/11/23 22:17:17 | 000,000,125 | ---- | M] () -- C:\Users\Pierre-Yves\nouveaudossier.zip
[2010/11/22 16:56:07 | 000,001,695 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/12/21 19:03:34 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\xeattdxi.sys
[2010/12/21 16:50:29 | 000,000,914 | ---- | C] () -- C:\Windows\System32\arret.exe
[2010/12/21 16:50:29 | 000,000,898 | ---- | C] () -- C:\Windows\System32\annul.exe
[2010/12/21 16:15:10 | 000,000,869 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\PowerBatch.lnk
[2010/12/21 14:08:25 | 000,028,210 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\aaa.jpg
[2010/12/21 13:39:11 | 000,000,052 | ---- | C] () -- C:\Windows\System32\annul.bat
[2010/12/21 13:38:48 | 000,000,068 | ---- | C] () -- C:\Windows\System32\arret.bat
[2010/12/20 18:14:25 | 000,000,008 | ---- | C] () -- C:\Users\Pierre-Yves\az.txt
[2010/12/19 16:36:08 | 000,000,524 | ---- | C] () -- C:\Users\Pierre-Yves\menu.txt
[2010/12/19 15:31:53 | 000,001,724 | ---- | C] () -- C:\Users\Pierre-Yves\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (3).lnk
[2010/12/19 15:27:41 | 000,000,087 | -H-- | C] () -- C:\Windows\System32\fir.bat
[2010/12/18 14:46:15 | 000,001,258 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\saveregistre.reg
[2010/12/18 13:00:09 | 000,001,024 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\AIDA64 Extreme Edition.lnk
[2010/12/18 12:43:26 | 000,000,191 | -H-- | C] () -- C:\Windows\System32\pas.bat
[2010/12/18 10:53:57 | 000,001,075 | ---- | C] () -- C:\Users\Pierre-Yves\quiz.pyw
[2010/12/17 23:11:23 | 000,001,899 | ---- | C] () -- C:\Users\Pierre-Yves\azerty.py
[2010/12/17 22:36:56 | 000,000,151 | ---- | C] () -- C:\Users\Pierre-Yves\azeery.py
[2010/12/15 16:43:33 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\a.exe
[2010/12/13 17:15:36 | 000,000,064 | ---- | C] () -- C:\Users\Pierre-Yves\lem.bat
[2010/12/12 12:09:21 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/12 12:00:39 | 000,000,012 | ---- | C] () -- C:\Users\Pierre-Yves\IP.bat
[2010/12/12 11:50:45 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\Dictionnaire le Littré.lnk
[2010/12/11 18:32:07 | 000,000,586 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Conjug.exe - Raccourci.lnk
[2010/12/11 11:12:07 | 000,001,715 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\DarkRoom.exe - Raccourci.lnk
[2010/12/10 17:49:23 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2010/12/10 13:09:21 | 000,020,882 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\azerty.3dr
[2010/12/10 12:57:34 | 000,020,780 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\a.3dr
[2010/12/09 21:22:39 | 000,001,608 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Lynx Browser.lnk
[2010/12/09 18:52:26 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\3DMark05.lnk
[2010/12/09 18:50:29 | 000,006,173 | ---- | C] () -- C:\Windows\System32\drivers\Entech.vxd
[2010/12/09 18:50:29 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2010/12/08 17:57:07 | 000,002,624 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\UNTITL~1.EXE
[2010/12/08 17:56:16 | 000,000,257 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Untitled1.pas
[2010/12/08 17:55:55 | 000,000,335 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Project 2.dp
[2010/12/08 17:55:55 | 000,000,078 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Rsrc.rc
[2010/12/08 17:55:03 | 000,002,327 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\anneed~1.ow
[2010/12/08 17:54:59 | 000,000,063 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Project 2.dp
[2010/12/08 17:49:54 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\TP11D571.$$$
[2010/12/08 14:12:23 | 000,001,842 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MaxTV Recorder Manager.lnk
[2010/12/08 14:03:01 | 000,000,853 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Virtual VCR.lnk
[2010/12/06 21:10:56 | 000,013,165 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Lettre correspondant allemand.odt
[2010/12/05 21:09:30 | 000,206,634 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\coffre literaire.odt
[2010/12/02 22:03:10 | 000,001,998 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Need For Speed World.lnk
[2010/12/01 21:14:40 | 000,001,703 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010/11/30 21:58:28 | 000,015,872 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Untitled1.exe
[2010/11/30 21:58:28 | 000,001,338 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\untitl~1.ow
[2010/11/30 21:58:07 | 000,000,107 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\Untitled1.pas
[2010/11/30 21:12:41 | 003,637,248 | ---- | C] () -- C:\Users\Pierre-Yves\Documents\adsl TV 2010-11-30 21-12-29 France 3.wmv
[2010/11/27 21:17:10 | 000,034,106 | ---- | C] () -- C:\Users\Pierre-Yves\mmmmm.odt
[2010/11/23 22:28:05 | 000,000,076 | ---- | C] () -- C:\Users\Pierre-Yves\Desktop\Nouveau-ZIP.bat
[2010/11/23 22:20:30 | 000,000,000 | ---- | C] () -- C:\Users\Pierre-Yves\Dossier.zip
[2010/11/23 22:16:00 | 000,000,125 | ---- | C] () -- C:\Users\Pierre-Yves\nouveaudossier.zip
[2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Equalizer
[2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Tuning
[2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Electric Clav
[2010/11/21 16:12:14 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Effects
[2010/11/21 16:12:14 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2010/11/21 16:12:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Enhance Timing
[2010/11/21 16:12:13 | 000,000,268 | RH-- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\Echo
[2010/11/21 16:12:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2010/11/21 16:12:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010/11/20 15:04:44 | 000,001,776 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp3.html
[2010/11/07 10:44:15 | 000,003,235 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp11.html
[2010/11/06 21:36:11 | 000,004,479 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp12.html
[2010/11/06 16:15:23 | 000,004,479 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp21.html
[2010/11/06 15:43:06 | 000,000,778 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\Temp1.html
[2010/10/28 18:14:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/09/25 15:25:31 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/09/25 15:25:31 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/09/25 15:25:23 | 000,002,528 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\$_hpcst$.hpc
[2010/08/16 17:44:34 | 000,000,040 | ---- | C] () -- C:\Windows\System32\Sx5363.ini
[2010/04/04 14:36:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/22 22:14:56 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2009/12/22 22:14:56 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2009/09/27 19:49:51 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/09/27 19:49:50 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/08/30 16:49:57 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2009/08/30 16:49:57 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2009/07/20 13:49:26 | 000,031,802 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Roaming\UserTile.png
[2009/07/04 08:43:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/30 14:37:10 | 000,008,268 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\d3d9caps.dat
[2009/06/28 14:47:08 | 000,052,736 | ---- | C] () -- C:\Users\Pierre-Yves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/21 03:56:00 | 000,000,179 | ---- | C] () -- C:\Windows\inisysupms.init
[2008/07/08 13:31:31 | 000,000,684 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008/07/08 13:20:14 | 000,297,987 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/07/08 13:20:14 | 000,297,987 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/07/08 13:11:54 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008/07/08 13:11:54 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008/07/08 11:33:38 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/02/15 08:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006/11/29 09:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/09 02:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2001/11/14 04:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1997/06/14 11:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/06/15 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\BitZipper
[2010/03/12 17:43:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\eTeks
[2010/04/01 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\FOG Downloader
[2010/10/17 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\LolClient
[2010/12/08 14:12:16 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies
[2010/12/03 16:45:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World
[2010/11/21 21:43:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon
[2010/04/04 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OfferBox
[2009/06/28 09:11:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OpenOffice.org
[2010/03/19 20:03:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Opera
[2010/09/25 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PC Suite
[2010/08/04 12:52:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PeerNetworking
[2010/09/25 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung
[2010/12/01 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku
[2010/02/06 21:13:29 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony
[2010/02/06 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup
[2010/10/31 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Todae
[2010/02/26 18:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Uniblue
[2010/12/21 13:52:31 | 000,032,494 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/20 16:49:47 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4F70D5BD-EAEA-4F53-A7D5-A3BC9C0897CE}.job
[2010/12/21 19:11:00 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{708CEC71-6DE2-4120-AE0C-6149F42BD692}.job
[2010/12/21 19:08:59 | 000,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{8A4587B3-F80E-4DA7-A193-5D09DFAD1F95}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2009/07/04 20:50:02 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Adobe
[2010/11/14 09:25:27 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Avira
[2010/06/15 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\BitZipper
[2009/08/01 13:53:58 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\CyberLink
[2010/07/06 16:59:46 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\DivX
[2010/12/20 20:43:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\dvdcss
[2010/03/12 17:43:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\eTeks
[2010/04/01 19:42:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\FOG Downloader
[2010/04/04 15:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Google
[2009/06/27 15:55:09 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Identities
[2010/08/04 12:52:57 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Intel
[2010/10/17 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\LolClient
[2009/06/27 16:31:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Macromedia
[2010/12/12 12:09:27 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Malwarebytes
[2010/12/08 14:12:16 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\MaxTV Technologies
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Media Center Programs
[2010/12/03 16:46:05 | 000,000,000 | --SD | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft
[2010/07/15 20:57:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\mIRC
[2010/10/31 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla
[2010/12/03 16:45:59 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Need for Speed World
[2010/11/21 21:43:25 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Nikon
[2010/04/04 14:24:38 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OfferBox
[2009/06/28 09:11:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\OpenOffice.org
[2010/03/19 20:03:35 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Opera
[2010/09/25 16:30:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PC Suite
[2010/08/04 12:52:20 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\PeerNetworking
[2010/09/25 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung
[2010/03/23 18:08:50 | 000,000,000 | RH-D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\SecuROM
[2010/12/01 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Simple Sudoku
[2010/12/21 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Skype
[2010/12/21 16:06:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\skypePM
[2010/02/06 21:13:29 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony
[2010/02/06 21:14:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup
[2010/10/31 14:03:26 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Talkback
[2010/10/31 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Todae
[2010/02/26 18:28:08 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Uniblue
[2010/12/20 22:24:40 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\vlc
[2010/11/23 21:45:55 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\Winamp
[2010/10/24 15:13:11 | 000,000,000 | ---D | M] -- C:\Users\Pierre-Yves\AppData\Roaming\WinRAR
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/02/06 21:25:52 | 000,010,134 | R--- | M] () -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
[2010/11/21 16:13:38 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Pierre-Yves\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2010/09/25 16:07:18 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Users\Pierre-Yves\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
[2010/02/06 21:21:35 | 032,494,896 | ---- | M] (Apple Inc.) -- C:\Users\Pierre-Yves\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 07:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 03:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 03:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 10:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2008/01/21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 03:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys
[2009/04/11 05:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys
[2008/01/21 03:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys
[2006/11/02 09:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
[2008/01/21 03:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys
[2008/01/21 03:23:20 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009/12/08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/12/08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2008/03/27 05:05:48 | 000,890,936 | ---- | M] (Microsoft Corporation) MD5=9081EBA4184E7EB87C55E18C089283A5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\System32\drivers\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008/01/21 03:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2008/01/21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/21 03:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/01/21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2008/01/21 03:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2006/11/02 10:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys
[2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/21 03:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys
[2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/21 03:23:27 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 10:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
[2009/04/11 07:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\win32spl.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:43301D1D
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:331B76C7
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9ACB70D7

< End of report >


OLT extras.txt
Code: Tout sélectionner
OTL Extras logfile created on: 21/12/2010 19:08:14 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Pierre-Yves\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,09 Gb Total Space | 18,25 Gb Free Space | 12,66% Space Free | Partition Type: NTFS
Drive D: | 117,93 Gb Total Space | 50,48 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
 
Computer Name: PYMCLAIRE | User Name: Pierre-Yves | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13630788-923C-403D-AD4F-29AC0721338E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{14D5EE85-EC1A-4D6F-B3E9-25548AD40E2D}" = lport=139 | protocol=6 | dir=in | app=system |
"{1BD49863-63DE-4B01-9FFF-CCA3CC4E7855}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B38025E-E4F0-4FF9-BCE5-8382E29ACB92}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3CAF69F3-2ED1-4E60-B55B-96D9A86649C2}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4004A6BE-251E-4B49-989E-2258F440F621}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{43138E82-AE0F-4544-A48B-77137033A9A4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4469362E-EFC8-411F-ADAB-0826F1C4A239}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4D261FE9-E60E-4756-B855-C67B43DCFD74}" = lport=8395 | protocol=17 | dir=in | name=league of legends launcher |
"{4F254E62-45AA-469B-9A89-E1284C806EFB}" = lport=6894 | protocol=17 | dir=in | name=league of legends launcher |
"{59DF9288-E437-4FD0-A0C4-17417A48E674}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5B3CAAE9-9306-41DF-BC16-228FAFA36469}" = lport=6940 | protocol=6 | dir=in | name=league of legends launcher |
"{6627C15A-5853-4FD5-AD71-1B28CCE55328}" = lport=6940 | protocol=17 | dir=in | name=league of legends launcher |
"{70998740-3922-4187-8CCF-F1122681F79C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{70F04CFA-219C-4137-AC93-2B233B2D9906}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7298CA56-9251-4611-B0E0-5C48070AEAF8}" = rport=139 | protocol=6 | dir=out | app=system |
"{74BD62B5-9310-4E03-93E7-6F3C2D19A4CA}" = rport=137 | protocol=17 | dir=out | app=system |
"{7749DF98-DFFC-4E53-92D5-E904E0CE0282}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7EA46487-517F-41EF-8DE9-CCEFAE2F54C6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{804166D5-8ED3-4D49-8F3D-2CF3BDB87D09}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{829F27E7-AC85-411C-BAEF-4996CB4EC131}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{84420DB6-F7EA-4A38-A2FE-2FBDCB73DC7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8666462C-1764-443D-BBBA-24A1099BD94D}" = lport=8395 | protocol=6 | dir=in | name=league of legends launcher |
"{8817E1B5-5515-41CF-AC23-D53A41E4E906}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{8E82E181-38AE-454D-8883-F641A497FFE7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9E95F55A-39FD-4A95-938C-3EC8CD3E2017}" = rport=445 | protocol=6 | dir=out | app=system |
"{A0F6F97C-BAA3-4E86-B360-6A8D407257D9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3C57225-6FF2-44A1-B057-56073F374C7A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A5400236-90D0-4EF3-A3B2-4A329DD67EDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7965BB2-8BC7-48FD-8047-F1B438236580}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{B00E8748-5CFF-45C2-BCBA-4C414197C9C9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B3B7144E-253B-4264-B694-DC2F6CFFB37C}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA5DCC5E-E351-4995-B1F2-7E1363218B6F}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC8953A8-2165-4A47-B80C-FD1DBB8E10F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C276ED55-D1EE-49F3-916A-947B0F9A6180}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5F6553F-A6F5-4584-98F9-9D62E3C29DEB}" = lport=6894 | protocol=6 | dir=in | name=league of legends launcher |
"{C9057E04-AB44-42AD-BC82-E1EFD5E2E1BC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CD261958-FE38-4DD7-9F6B-9C3D58F98E34}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D5721C96-15CA-4119-84F8-F8C171DD5B56}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D7C39578-D345-49B0-AB99-166C260D9700}" = rport=138 | protocol=17 | dir=out | app=system |
"{D84B8947-5A44-4185-83FC-350F651A8615}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9A42A8C-DC4B-4219-93DF-7F38DF483576}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DDA77806-92A5-44F6-A3E3-AC30F9475E74}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF0E3E51-BD50-4992-9F12-4345983AAEDE}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E08617E5-93D7-4A47-A2A2-852818D17051}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F06F494D-5301-49C0-BB7D-7ABD8661C24D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F4C62A30-F8C2-4D61-99A9-3B9E05336351}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FEF7235C-EA63-4C76-B38F-73628EB505C6}" = rport=2869 | protocol=6 | dir=out | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D11DD4-07E8-4728-BE7A-96B8C0E7113D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{060649F5-F42C-4A68-9E03-78AA0FD03B31}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{09A18D68-8FBA-467C-8468-6403D28A2239}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0A4A3A01-4741-46B4-884E-D24DCA546B4B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{154FCB29-798D-4CBA-8279-36799699BCD9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{23D0C1FD-200C-41E0-B758-14F98C9829A4}" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"{2C36FD30-2201-4511-8409-99F660E4F098}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CB899C3-3136-4F28-B42C-A235BB4F3C5C}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{31D3D098-C380-4F0C-A125-256D2785DBFB}" = protocol=6 | dir=in | app=c:\program files\adsltv\vlc\vlc.exe |
"{321DCBEA-90FF-41AE-BD32-7BE3B1131DCE}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\core\maxtv_xul.exe |
"{3664CC36-F04D-4F0F-8DCD-3E3F3710414D}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{3B5C5157-7A71-4EF2-8EC3-7908A1DC263F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3C086FBB-AEFF-4A09-B7F3-D6AB39DB6731}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{41B05393-AE6C-4F48-9A88-4662AEBB8BB5}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\maxtv.exe |
"{44BDA698-A52C-4C66-85AD-CF6F6586E4BE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{47757899-1962-4A0F-858F-B803D2EB2D03}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{48D588DC-77AE-4882-BC44-DD9DC97E8DE9}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{4F5B0205-F72D-4C95-B4D1-9A8F7B7CE748}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{52B5B516-B0F8-42C1-8C0E-FC097770F24C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{57A900F1-A965-4731-BB4F-D9DB049683ED}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{5965CE03-B970-457A-B3DA-C85588873A99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A80A44F-CE30-4AA9-B371-7B46F6882604}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5C51EE88-20B3-4992-96F5-1A2283C625F2}" = protocol=6 | dir=out | app=system |
"{5D59CE29-DCD0-43D7-814C-9016ECFC60E8}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\maxtv.exe |
"{616D75E0-75F4-4045-9B54-1DAE7662C7B9}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{67CD8D06-2AF0-4553-9BC5-3B9BBBEC87C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A7AB50F-BCF6-4144-A59F-952E6411F880}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6BC02F2C-B33E-4514-B76F-4F517EFE3CB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{747EAB6E-FB9D-48E4-8129-0A9684A0E0B8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{77FF85E9-B5FF-4165-B271-CE48948DA79A}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\recorder.exe |
"{7921E7CD-A2B2-49A4-9729-64EF3542B6FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C5F7AC6-84F8-4822-BE3A-3A7D786C2CA0}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\recorder.exe |
"{7DBC6A84-A4B8-42E6-AFBA-E0180DE915FF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{808EF7EF-EB27-42FA-8FB9-36BDAB0361EB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{838226E1-F9C9-4AEF-AD49-77A1EEEE22F8}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{88DB47CF-EE82-4CDF-A55F-625104CFBF3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8FE6D008-D229-4DF6-A61C-FF1D88CE425A}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{9368E11C-7040-4D7E-9139-3E115EE8FA7E}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\core\maxtv_xul.exe |
"{9B24059C-E11C-48FA-A1C7-934E5DC23C02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2927B7C-B403-4063-8CE8-1CC89806C377}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A2A12E64-6D85-477B-9A60-B952EC4A3903}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6B8F6C4-81C4-4280-AFA8-B7FEC8C7429F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6CA2C60-94C9-47B0-9FD9-034786973BE7}" = protocol=17 | dir=in | app=c:\program files\adsltv\vlc\vlc.exe |
"{B8D3D99E-0EBB-4E97-A2C2-3418A91C2AB9}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{BE34FF96-DF25-456C-9665-65E22D011EEB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C245357F-1418-447E-94DB-05CC9877ED9D}" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"{C4001D6D-7821-4174-9298-6771E877160C}" = protocol=17 | dir=in | app=c:\program files\maxtv\maxtv4\task_scheduler.exe |
"{C931BA47-755F-4762-8EF6-B58BC7D5D545}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE3423C0-C0A4-4AF5-A89B-BD9F117C1E34}" = protocol=6 | dir=in | app=c:\program files\maxtv\maxtv4\task_scheduler.exe |
"{D2A21CA6-E33B-42FE-B335-DA599952DA43}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{D56B6846-F860-413E-8E60-EB8A6CE94623}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{E1093584-14B6-4FC1-9CCC-4D6E362BFDB6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E998A3BA-2376-4802-9C9C-10B44A673D62}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{F7A29537-BC48-4F73-BE8A-4AC0726E0A4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1D985AD0-0550-4C1D-8EDB-CA4BA4894F23}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{28DCCC24-80BC-40EA-88CA-B9C32E10CEEE}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{2AFA02F2-A108-4C21-812D-FCDB2374C9CD}C:\program files\adsltv\adsltv.exe" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"TCP Query User{2C44B5A6-B44B-4CFE-9B5D-744C983EFBDD}C:\program files\bsmaxscript[7.2]\mirc.exe" = protocol=6 | dir=in | app=c:\program files\bsmaxscript[7.2]\mirc.exe |
"TCP Query User{2E5F8F06-82F5-4D23-B49F-EF674877EA18}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin |
"TCP Query User{4783A54E-50E5-40BA-8A93-64F565F831EF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{6EB9DBC5-81D3-4E62-AB21-71F4D2499826}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{DCF2E731-0D7D-46FE-8DD4-E2B67D13286F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E12EF66E-EB48-4E23-82B8-5898CBAD6F9E}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin |
"TCP Query User{EF3F72A3-725E-4299-AB27-8A8F7ED3F816}C:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe |
"TCP Query User{FECFBB1D-43D9-4927-AE62-C4A07DB63B45}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{11289CE4-CEB9-4CB4-BB39-8E55D7C4FF2C}C:\program files\bsmaxscript[7.2]\mirc.exe" = protocol=17 | dir=in | app=c:\program files\bsmaxscript[7.2]\mirc.exe |
"UDP Query User{39C6F757-321B-4044-BB7D-4671D6D5ADF0}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{508F80DD-D1E8-4B12-BBF1-906E2F4A990E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{65B89BB8-B82C-45E8-B8D0-E0DFA83295F9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{7431E217-C548-40FA-9B6D-EFD0E6B8B8C3}C:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\pierre-yves\desktop\fogdownloader-rom_2_1_6_2049.exe |
"UDP Query User{8B07CE08-8BCF-448B-A446-1C4A5F0DBE51}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8F2BA9D0-EC32-4716-B2D0-A81C650D1F71}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{97681A33-B750-4E16-BF58-19BC38BF8A2A}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin |
"UDP Query User{A3B11DEC-40EC-4868-BA7F-762AAB61B11F}C:\program files\adsltv\adsltv.exe" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"UDP Query User{C6D05139-C364-4E71-90D5-F43D9899C76A}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{D759CFEF-3075-466E-A8A3-9696B909AEEC}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing
"{0A138994-04B3-4AE2-AB89-74B818AFB1B3}" = Samsung PC Studio 3
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EE11800-A1BD-11D3-BFEB-005004AF2D32}" = Risk II
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{14F06853-8A15-4731-BBDC-C9B40A866A63}" = Virtual VCR
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}" = Les Sims Superstar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2575CF76-C88A-4B97-AC0F-62FFA453FD08}_is1" = Dictionnaire le Littré 2.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 22
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{3310CCF2-AC56-11D5-9D5E-0050DA688E3B}" = Lucky Luke - Mini-Jeu
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E9FF7E-E2A3-47F0-BB00-521071AF4C07}" = Micro Application - 3D Architecte Classic
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"{6AEE3DB1-9356-4E04-9171-5E85E51E6A35}_is1" = TribalSync 3.0
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7FD14A8A-FBCC-4442-ACAC-A0E9EC223AED}" = Europa Universalis - Rome
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D42CBBC-2089-44AB-8021-369DDB962816}" = Photo Collage 3.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9085040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.5 - Français
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BA5F3E0E-8F3E-47BD-88E4-AD3EB5225F51}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"4StoryFR_is1" = 4Story 1.5
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.20
"AirRivals_FR_is1" = AirRivals_FR 1.0.0.1
"Alexandra Ledermann 5" = Alexandra Ledermann 5
"Asterix at the Olympic Games" = Astérix aux Jeux Olympiques
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AxCrypt" = AxCrypt (Désinstaller uniquement)
"BFG-Big City Adventure - San Francisco" = Big City Adventure - San Francisco
"BFG-Big City Adventure - Sydney Australia" = Big City Adventure: Sydney, Australia
"BFGC" = Big Fish Games: Game Manager
"BFG-Dream Day Wedding" = Dream Day Wedding
"Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"Camouflage" = Camouflage
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"DivX Setup.divx.com" = Configuration DivX
"DJ Mix Pro" = DJ Mix Pro
"Dofus 1.28.0" = Dofus 1.28.0
"Enjoy 5e" = Enjoy 5e
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Live Media" = Todae - Live Media
"Lynx Web Browser_is1" = Lynx 2.8.5rel.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metin2_is1" = Metin2
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)
"NVIDIA Drivers" = NVIDIA Drivers
"Orange WebTV Player_is1" = Orange WebTV Player 1.28971
"PowerBatch_is1" = PowerBatch 6
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel PROSet Wireless
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Scratch" = Scratch
"Simple Sudoku_is1" = Simple Sudoku 4.2
"SoftwareUpdate_is1" = SoftwareUpdate 1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.5
"WhoCrashed_is1" = WhoCrashed 2.10
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"WinLiveSuite" = Windows Live
"wxPython2.8-ansi-py27_is1" = wxPython 2.8.11.0 (ansi) for Python 2.7
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{CE65B110-8786-47EA-A4A0-05742F29C221}_is1" = Ruby 1.8.6-p398
"NRJ Master Mix" = NRJ Master Mix
"Sweet Home 3D" = Sweet Home 3D
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013
Description =
 
Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013
Description =
 
Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013
Description =
 
Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013
Description =
 
Error - 06/11/2010 04:52:33 | Computer Name = PymClaire | Source = Windows Search Service | ID = 3013
Description =
 
Error - 06/11/2010 04:59:09 | Computer Name = PymClaire | Source = EventSystem | ID = 4609
Description =
 
Error - 06/11/2010 05:00:08 | Computer Name = PymClaire | Source = WinMgmt | ID = 10
Description =
 
Error - 06/11/2010 10:38:44 | Computer Name = PymClaire | Source = EventSystem | ID = 4609
Description =
 
Error - 06/11/2010 10:39:40 | Computer Name = PymClaire | Source = WinMgmt | ID = 10
Description =
 
Error - 06/11/2010 12:11:57 | Computer Name = PymClaire | Source = EventSystem | ID = 4609
Description =
 
[ System Events ]
Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 06:32:00 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 06:35:16 | Computer Name = PymClaire | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 08:53:37 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21/12/2010 08:56:49 | Computer Name = PymClaire | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 21/12/2010 11:09:43 | Computer Name = PymClaire | Source = DCOM | ID = 10005
Description =
 
Error - 21/12/2010 11:09:43 | Computer Name = PymClaire | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >


Merci
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 


Re: Infection MSN

Message le 21 Déc 2010 20:22

Hello , je m'occupe de toi se soir pierreyves258 ((Jamais 2 sans 3 )) ^^

On ne ta jamais dit de ne pas cliquer n'importe ou ? !!
Pleins de virus / vers / chevaux de troie (....) circulent sur MSN !

Donc quand tu vois se message ou autre , surtout ne pas cliquer !!

Bonne soirée ;)
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: Infection MSN

Message le 21 Déc 2010 20:23

^^ Merci Del-crosseur

edit:

je ne clique pas n'importe ou je fais même attention !!
Surtout sur msn je ne clique sur les messages de personne quand c'est des lien que je ne connais pas ou autre
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: Infection MSN

Message le 21 Déc 2010 22:36

Bonsoir !!

Image • Télécharge AD-Remover (de C_XX) sur ton Bureau.
:!: Déconnecte toi et ferme toutes les applications en cours :!:
• Double-clique sur l'icône AD-Remover
• Au menu principal, clique sur "SCAN"
• Confirme le lancement de l'analyse et laisse l'outil travailler
• Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-Scan.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: Infection MSN

Message le 21 Déc 2010 22:44

Voila: (ooups je em suis pas deco d'internet ni désactiver l'antivirus c'est pas grave ?)
Code: Tout sélectionner
======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/12/10 à 10:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 22:43:21 le 21/12/2010, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2 (X86)
Pierre-Yves@PYMCLAIRE (SAMSUNG ELECTRONICS CO., LTD. R510)
 
============== RECHERCHE ==============


Dossier trouvé: C:\Users\Pierre-Yves\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files\Conduit
Dossier trouvé: C:\Users\admimam\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Clairounette\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Invité\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Pierre-Yves\AppData\Roaming\OfferBox

Clé trouvée: HKLM\Software\Classes\Toolbar.CT2095689
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2297721
Clé trouvée: HKLM\Software\ASKInstaller
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKCU\Software\OfferBox
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\Prefs.js --
browser.download.lastDir, C:\\Users\\Pierre-Yves\\Downloads
browser.startup.homepage, hxxp://chickentofight.com/index.php?page=logout|hxxp://www.guerretribale.fr/|hxxp://fr.ikariam...
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp:\\www.samsungcomputer.com
Do404Search: 0x01000000
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://chickentofight.com/index.php?page=logout
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp:\\www.samsungcomputer.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: ${URL_SEARCHPAGE}
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://toolbar.aol.com/browserpages/newtab-winamp-ie-en-us.html
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 21/12/2010 (3146 Octet(s))

Fin à: 22:44:11, 21/12/2010
 
============== E.O.F ==============
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: Infection MSN

Message le 21 Déc 2010 22:46

Yéép :)

Relance AD-REMOVER en choisissant l'option "Nettoyer"
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: Infection MSN

Message le 21 Déc 2010 22:53

voila

Code: Tout sélectionner
======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/12/10 à 10:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:47:06 le 21/12/2010, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2 (X86)
Pierre-Yves@PYMCLAIRE (SAMSUNG ELECTRONICS CO., LTD. R510)
 
============== ACTION(S) ==============


Dossier supprimé: C:\Users\Pierre-Yves\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Users\admimam\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Clairounette\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Invité\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Pierre-Yves\AppData\Roaming\OfferBox

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\Toolbar.CT2095689
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2297721
Clé supprimée: HKLM\Software\ASKInstaller
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\AppDataLow\Toolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.13 (fr)] **

-- C:\Users\Pierre-Yves\AppData\Roaming\Mozilla\FireFox\Profiles\1l8mi1qo.default\Prefs.js --
browser.download.lastDir, C:\\Users\\Pierre-Yves\\Downloads
browser.startup.homepage, hxxp://chickentofight.com/index.php?page=logout|hxxp://www.guerretribale.fr/|hxxp://fr.ikariam...
browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

** Internet Explorer Version [8.0.6001.18999] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Enable Browser Extensions: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 34 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 21/12/2010 (3375 Octet(s))
C:\Ad-Report-SCAN[1].txt - 21/12/2010 (3275 Octet(s))

Fin à: 22:48:06, 21/12/2010
 
============== E.O.F ==============
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: Infection MSN

Message le 21 Déc 2010 22:58

Très bien .

Relance AD-REMOVER en choisissant l'option "Désinstaller"

Puis ::

Mets à jours Java !!

Et enfin :

  • Peux-tu stp te rendre sur le premier message que tu as poster afin de modifier le titre de ton topic (sujet).
  • Pour cela clique sur l'icône "EDITER", tape ce nouveau titre "Infection Eorezo".
  • Valide en cliquant sur "Envoyer"

Sujet Réglé/Résolu

Bonne soirée
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: Infection MSN

Message le 21 Déc 2010 23:00

:o Deja désinfecté ????? tu est sur ?
car EoRézo je l'ai supprimer depuis longtemps !!! il etait revenu ?

et eoréso n'envoi pas de pub au contact msn !
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: Infection MSN

Message le 21 Déc 2010 23:07

pierreyves258 a écrit::o Deja désinfecté ????? tu est sur ?
car EoRézo je l'ai supprimer depuis longtemps !!! il etait revenu ?

et eoréso n'envoi pas de pub au contact msn !


Je connais mon boulot , je sait se que je fait et quelle(s) décision(s) prendre .

Merci .
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: [Réglé]infecté par EoRezo

Message le 21 Déc 2010 23:08

oui d'accord mais sa m'etone quand meme je l'avais deja suprimer errezo
et qu'est qui a envoyer ces pub a mes contact ?
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: [Réglé]infecté par EoRezo

Message le 21 Déc 2010 23:27

pierreyves258 a écrit:oui d'accord mais sa m'etone quand meme je l'avais deja suprimer errezo
et qu'est qui a envoyer ces pub a mes contact ?


Sa peut être une cause oui ;)

Tu me diras si ton msn envoie toujours des PUBS à tes contacts !!

Tu peut , en complémentaire faire ceci .

Télécharge CCleaner ->ici<-

Suit se ->TUTO<-(de Jypalou)

Attention,ne pas cocher la case Yahoo

Fait le nettoyage comme cela :

Décoche la case dans Options –avancé- Effacer uniquement les fichiers, du dossier temp de Windows : plus vieux que 24 Heures

Recoche cette case une fois le premier nettoyage effectué

@ ++
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Re: [Réglé]infecté par EoRezo

Message le 21 Déc 2010 23:33

Ok
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: infecté par EoRezo

Message le 23 Déc 2010 10:39

mon pc envoi encore des pub !!!
Avatar de l'utilisateur
pierreyves258
Expert(e)
Expert(e)
 
Messages: 1139
Inscription: 30 Oct 2010 18:29
 

Re: infecté par EoRezo

Message le 23 Déc 2010 12:42

Peut tu m'expliqué clairement ton problème de PUB stp ...
A tu passer Ccleaner ?

Image Télécharge ZHPDiag par Nicolas Coolman et sauvegarde-le sur le Bureau.

* Double-clique sur ZHPDiag.exe.
* clique sur le bouton Lancer le diagnostic
* Lorsque l'analyse sera terminée, un fichier au format texte s'affiche dans la zone résultat du bas.
* Clique sur le bouton Copier dans le presse papier
* Colle le résultat de l'analyse dans ta réponse en faisant un copier/coller.

Image -Si le rapport est trop long tu peut l'heberger >>>ici<<<

@ ++
Avatar de l'utilisateur
Del-crosseur
Expert(e)
Expert(e)
 
Messages: 1833
Inscription: 08 Juin 2009 06:46
Localisation: Nord-(59)
 

Suivante


Sujets similaires

Message [Résolu] Ordinateur infecté par : Program:Win32/Uwasson.A!ml
Bonjour, Je me permet de vous contacter car je n'arrive pas à me débarrasser d'un virus sur mon ordinateur, je n'arrive pas à la supprimer ou mettre en quarantaine.Si j'ai bien compris le fichier porteur n'est plus sur l'ordinateur mais la menace est toujours là.Merci de votre aide.
Réponses: 7

Message [Réglé] Ordinateur Infecté par chainthorn.com
Bonsoir, je me suis apercu que l'ordinateur de mon père était affecter via le navigateur google chrome d'un logiciel malveillant nomé chainthorn.comCelui controle si j'ai bien compris ce que mon père fait sur le navigateur et peut etre en dehors , il lui fait aussi apparaitre des pop-ups et à fait p ...
Réponses: 24

Message infecté par bing bar, et plein d'autres problèmes
bonjour à tous,je m'appelles jonathan, 27 ans,en plus des trois ou quatre problèmes usb sur les deux pc depuis des mois,je suis depuis cette nuit infecté par la barre d'outils "bing bar", etwondershare filmora s'est mal installé, je l'ai désinstallé par revo, puis en reinstallant filmora v ...
Réponses: 26

Message [Résolu] Infecté?
Bonjour a tous !Voila j'ai un collègue qui m'a passé son ordi et je voulais voir avec vous si il est infecté enfin si il reste encore des bestioles.J'ai passé Malwarebyte et Zhpcleaner qui ont trouvé plein de chose..ZhpDiagZHPDiag.txtMerci pour votre aide !
Réponses: 35

Message Samsung galaxy book infecté + périphériques non reconnus + 2
Shortcut.txtAddition.txtFRST.txtadlice diag clean rapport 22_01_2019.txtBonjour à tous,Mon Samsung Galaxy Book (PC Tablette) est lent depuis l'installation de Adlice Diag, DriverFighter & iObit Software Updater,-2 Go d'espace libre sur 107 Go sur C:/-Plein d'infections-Périphériques non-reconnus ...
Réponses: 2

Message Pc portable infecté?
Bonjour à tousPour suivre en attente des rapports.Bonne journée
Réponses: 6

Message Virus ayant infecté mon ordinateur
Bonjour, j'ai actuellement de nombreuses publicités s'affichant lorsque je suis sur internet. De plus lorsque je clique, des pages supplémentaires s'affichent. Par exemple des informations, tel que de commentaires sur youtube, ne s'affiche plus. J'ai aussi une version de bitdefender qui a expirée. C ...
Réponses: 12


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 6 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.