Aller au contenu

darwizardX

Membres
  • Compteur de contenus

    101
  • Inscription

  • Dernière visite

Réputation sur la communauté

0 Neutral

À propos de darwizardX

  • Rang
    Power Member
  • Date de naissance 21/04/1989

Contact Methods

Profile Information

  • Sexe
    Male
  • Localisation
    Canada,Quebec,longueuil
  • Intérêts
    ma saturn sc2 2001<br />et mon ordinateur

Autres informations

  • Mes langues
    francais,quebecois

Visiteurs récents du profil

4 139 visualisations du profil
  1. désolé je vois vraiment pas ou inseré les piece jointe sur le forum zeblon mais bon sa rentre alors le voici !!! Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011 Run by darwizardx at 2011-04-30 11:50:01 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 GCIE: Google Chrome v10.0.648.205 ---\\ System Information Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002) Processor: AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4094 MB (63% free) System Restore: Activé (Enable) System drive C: has 266 GB (44%) free of 596 GB ---\\ Logged in mode Computer Name: PC-DE-DARWIZARD User Name: darwizardx All Users Names: darwizardx, Administrateur, Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables %AppData%= %LocalAppData%= %StartMenu%= ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 266 Go of 596 Go) D:\ CD-ROM drive (Free 0 Go of 8 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.2009-04-11 02:10:17.) -- C:\Windows\Explorer.exe [3079168] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2008-01-20 21:48:04.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2011-04-27 18:30:49.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.2009-04-11 01:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] ---\\ Processus lancés [MD5.7B878518590E826F1F3A5B1D61D405F8] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3396624] [MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [MD5.3B2CC09944488DB5ED5DFDC315C9AB57] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [644608] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [darwizardx] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.0.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\darwizardx\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.1.0f4.) -- C:\Users\darwizardx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKUS\S-1-5-21-1178239170-2522236887-3947781437-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-1178239170-2522236887-3947781437-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Google R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKCU\..\Run: [start WingMan Profiler] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-1178239170-2522236887-3947781437-1000\..\Run: [start WingMan Profiler] Clé orpheline ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\Crysis2 - Raccourci.lnk . (.Crytek GmbH.) -- C:\Program Files (x86)\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\EVE.lnk . (.CCP hf..) -- C:\Program Files (x86)\CCP\EVE\eve.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\FMS.lnk . (...) -- C:\Program Files (x86)\FMS\FMS.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\OpenTTD.lnk . (.OpenTTD Development Team.) -- C:\Program Files\OpenTTD\openttd.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\rct2 - Raccourci.lnk . (...) -- C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe O4 - Global Startup: C:\Users\darwizardx\Desktop\Stronghold2 - Raccourci.lnk . (.Firefly Studios.) -- C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\darwizardx\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files (x86)\Vuze\Azureus.exe O4 - Global Startup: C:\Users\darwizardx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpNameServer = 24.201.245.77 24.200.243.189 O17 - HKLM\System\CCS\Services\Tcpip\..\{BA57F1EC-1356-4BE6-99DA-CA9A389A4144}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpNameServer = 24.201.245.77 24.200.243.189 O17 - HKLM\System\CS1\Services\Tcpip\..\{BA57F1EC-1356-4BE6-99DA-CA9A389A4144}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS2\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O17 - HKLM\System\CS3\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O17 - HKLM\System\CCS\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpDomain = domain O17 - HKLM\System\CS1\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: DhcpDomain = domain O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.201.245.77 24.200.243.189 ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AMD External Events Utility) . (...) - C:\Windows\system32\atiesrxx.exe O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: (Steam Client Service) . (...) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe O23 - Service: c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1178239170-2522236887-3947781437-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1178239170-2522236887-3947781437-1000UA.job [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (.Pas de propriétaire.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Pas de propriétaire.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1178239170-2522236887-3947781437-1000Core] (.Pas de propriétaire.) -- C:\Users\darwizardx\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1178239170-2522236887-3947781437-1000UA] (.Pas de propriétaire.) -- C:\Users\darwizardx\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AMD USB Audio Driver Filter - (.Advanced Micro Devices, Inc..) [HKLM] -- {BD3BAF20-F7C6-4D50-9862-D24DC5A04869} O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM] -- {D1EF69B7-7A97-40FC-9AF1-6D6656FF874F} O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {F3FEB53B-0BD3-F481-A8F9-51BA46466A6A} O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643} O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE} O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8} O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0} ---\\ HKCU & HKLM Software Keys [HKCU\Software\1964emu_099] [HKCU\Software\ALWIL Software] [HKCU\Software\ASUS] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Google] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Conduit] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software\Vuze_Remote] [HKCU\Software\AppDataLow\Software\conduitEngine] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow\Toolbar] [HKCU\Software\AppDataLow] [HKCU\Software\Azureus] [HKCU\Software\Blizzard Entertainment] [HKCU\Software\Bugsplat] [HKCU\Software\CCP] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\Crytek] [HKCU\Software\DT Soft] [HKCU\Software\DiskSoftware] [HKCU\Software\Electronic Arts] [HKCU\Software\Emulators] [HKCU\Software\Flying-Model-Simulator] [HKCU\Software\GNU] [HKCU\Software\GameSpy] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\JaboSoft] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Mumble] [HKCU\Software\N64 Emulation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PhotoInPress] [HKCU\Software\Policies] [HKCU\Software\Printers] [HKCU\Software\RICEDAEDALUS520] [HKCU\Software\Razer] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\Software] [HKCU\Software\TeamSpeak 3 Client] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\YouTube Downloader] [HKCU\Software\ej-technologies] [HKCU\Software\join.me] [HKLM\Software\AMD] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Logitech] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\QSound Labs, Inc.] [HKLM\Software\RegisteredApplications] [HKLM\Software\Sonic] [HKLM\Software\Wow6432Node] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 2010-11-17 - 23:26:54 - [162307387] ----D- C:\Program Files\Alwil Software O43 - CFD: 2010-11-17 - 22:47:38 - [23463472] ----D- C:\Program Files\ATI O43 - CFD: 2010-11-19 - 22:08:20 - [28] ----D- C:\Program Files\ATI Technologies O43 - CFD: 2010-12-26 - 21:13:42 - [226923943] ----D- C:\Program Files\Common Files O43 - CFD: 2010-11-17 - 22:36:46 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 2011-04-27 - 19:44:20 - [6667792] ----D- C:\Program Files\Internet Explorer O43 - CFD: 2010-12-26 - 21:13:42 - [9689809] ----D- C:\Program Files\Logitech O43 - CFD: 2006-11-02 - 11:07:28 - [94671287] ----D- C:\Program Files\Microsoft Games O43 - CFD: 2010-11-20 - 19:15:44 - [116334702] ----D- C:\Program Files\Movie Maker O43 - CFD: 2006-11-02 - 11:07:28 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 2011-01-23 - 21:44:06 - [30066402] ----D- C:\Program Files\OpenTTD O43 - CFD: 2006-11-02 - 11:07:28 - [36351145] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 2011-02-01 - 11:53:08 - [36741940] ----D- C:\Program Files\TeamSpeak 3 Client O43 - CFD: 2006-11-02 - 11:44:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 2008-01-20 - 23:09:42 - [1302528] ----D- C:\Program Files\Windows Calendar O43 - CFD: 2010-11-20 - 19:15:44 - [2963968] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 2010-11-20 - 19:15:42 - [6394224] ----D- C:\Program Files\Windows Defender O43 - CFD: 2010-11-20 - 19:15:44 - [9655416] ----D- C:\Program Files\Windows Journal O43 - CFD: 2011-04-15 - 07:51:10 - [9619128] ----D- C:\Program Files\Windows Mail O43 - CFD: 2010-11-20 - 19:15:44 - [5140215] ----D- C:\Program Files\Windows Media Player O43 - CFD: 2010-11-17 - 22:36:46 - [8057896] ----D- C:\Program Files\Windows NT O43 - CFD: 2010-11-20 - 19:15:44 - [16439458] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 2010-11-21 - 00:02:22 - [167424] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 2010-11-20 - 19:15:44 - [6886470] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 2010-11-17 - 22:48:42 - [6089216] ----D- C:\Program Files\Common Files\ATI Technologies O43 - CFD: 2010-12-26 - 21:13:44 - [1222582] ----D- C:\Program Files\Common Files\Logitech O43 - CFD: 2010-11-20 - 23:50:08 - [209396561] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 2006-11-02 - 09:33:54 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 2006-11-02 - 09:33:54 - [608256] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 2008-01-20 - 23:09:30 - [9604626] ----D- C:\Program Files\Common Files\System O43 - CFD: 2010-11-20 - 16:24:36 - [136910585] ----D- C:\ProgramData\Adobe O43 - CFD: 2010-11-17 - 23:26:54 - [6073934] ----D- C:\ProgramData\Alwil Software O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 2010-12-28 - 13:48:10 - [1548] ----D- C:\ProgramData\Astroburn Pro O43 - CFD: 2010-11-19 - 22:11:04 - [187] ----D- C:\ProgramData\ATI O43 - CFD: 2010-11-18 - 14:12:12 - [821] ----D- C:\ProgramData\Blizzard O43 - CFD: 2011-04-15 - 19:55:44 - [376850178] ----D- C:\ProgramData\Blizzard Entertainment O43 - CFD: 2010-11-18 - 21:08:26 - [0] ----D- C:\ProgramData\Blizzard Entertainment.temp O43 - CFD: 2010-11-17 - 22:36:46 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 2011-04-12 - 20:23:58 - [0] ----D- C:\ProgramData\CCP O43 - CFD: 2010-12-28 - 13:37:18 - [1500] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 2011-03-22 - 21:34:44 - [0] ----D- C:\ProgramData\EA Core O43 - CFD: 2011-03-28 - 19:05:26 - [257819] ----D- C:\ProgramData\Electronic Arts O43 - CFD: 2010-11-17 - 22:36:46 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 2011-03-20 - 19:22:00 - [209429222] ----D- C:\ProgramData\Firefly Studios O43 - CFD: 2010-12-18 - 17:05:10 - [0] ----D- C:\ProgramData\Google O43 - CFD: 2010-12-01 - 22:30:18 - [512554] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 2010-11-20 - 16:11:44 - [178228] ----D- C:\ProgramData\McAfee O43 - CFD: 2010-11-20 - 16:11:46 - [856] ----D- C:\ProgramData\McAfee Security Scan O43 - CFD: 2010-11-17 - 22:36:46 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 2010-12-17 - 22:43:06 - [150524246] -S--D- C:\ProgramData\Microsoft O43 - CFD: 2010-11-17 - 22:36:46 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 2011-01-19 - 17:26:18 - [0] ----D- C:\ProgramData\PlayFirst O43 - CFD: 2010-12-12 - 20:03:08 - [1192698] ----D- C:\ProgramData\Screaming Bee O43 - CFD: 2011-03-19 - 15:23:06 - [61448] ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 2006-11-02 - 11:42:18 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 2011-01-17 - 23:35:52 - [528] ----D- C:\ProgramData\Trymedia O43 - CFD: 2011-01-02 - 20:18:12 - [425] ----D- C:\ProgramData\Ubisoft O43 - CFD: 2011-04-09 - 19:09:14 - [51751309] ----D- C:\Users\darwizardx\AppData\Roaming\.minecraft O43 - CFD: 2010-11-20 - 16:23:50 - [3279516] ----D- C:\Users\darwizardx\AppData\Roaming\Adobe O43 - CFD: 2010-12-28 - 13:48:06 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\Astroburn Pro O43 - CFD: 2010-11-17 - 23:15:56 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\ATI O43 - CFD: 2011-04-17 - 14:37:20 - [19636614] ----D- C:\Users\darwizardx\AppData\Roaming\Azureus O43 - CFD: 2010-12-28 - 13:43:34 - [640] ----D- C:\Users\darwizardx\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 2011-04-17 - 12:25:56 - [8306995] ----D- C:\Users\darwizardx\AppData\Roaming\EVEMon O43 - CFD: 2010-12-18 - 17:05:42 - [396] ----D- C:\Users\darwizardx\AppData\Roaming\Google O43 - CFD: 2010-12-27 - 20:08:02 - [165] ----D- C:\Users\darwizardx\AppData\Roaming\gtk-2.0 O43 - CFD: 2010-11-17 - 22:38:22 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\Identities O43 - CFD: 2011-01-02 - 19:57:54 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\InstallShield O43 - CFD: 2010-11-18 - 00:05:54 - [1523067] ----D- C:\Users\darwizardx\AppData\Roaming\Macromedia O43 - CFD: 2006-11-02 - 11:07:26 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\Media Center Programs O43 - CFD: 2010-12-24 - 12:16:00 - [2231345] -S--D- C:\Users\darwizardx\AppData\Roaming\Microsoft O43 - CFD: 2010-11-17 - 23:20:54 - [30620928] ----D- C:\Users\darwizardx\AppData\Roaming\Mozilla O43 - CFD: 2011-04-26 - 20:51:56 - [616129] ----D- C:\Users\darwizardx\AppData\Roaming\Mumble O43 - CFD: 2010-12-27 - 19:43:20 - [3131455] ----D- C:\Users\darwizardx\AppData\Roaming\PhotoInPress O43 - CFD: 2011-01-19 - 17:26:18 - [33119] ----D- C:\Users\darwizardx\AppData\Roaming\PlayFirst O43 - CFD: 2010-12-12 - 20:03:10 - [852060] ----D- C:\Users\darwizardx\AppData\Roaming\Screaming Bee O43 - CFD: 2011-02-13 - 11:41:32 - [3379880] ----D- C:\Users\darwizardx\AppData\Roaming\TS3Client O43 - CFD: 2011-01-02 - 20:19:00 - [178530] ----D- C:\Users\darwizardx\AppData\Roaming\Ubisoft O43 - CFD: 2010-12-24 - 17:20:40 - [2429] ----D- C:\Users\darwizardx\AppData\Roaming\Unity O43 - CFD: 2011-01-17 - 21:42:24 - [1304671] ----D- C:\Users\darwizardx\AppData\Roaming\vlc O43 - CFD: 2010-12-29 - 16:14:34 - [0] ----D- C:\Users\darwizardx\AppData\Roaming\WinRAR O43 - CFD: 2010-11-20 - 16:23:50 - [14349379] ----D- C:\Users\darwizardx\Appdata\Local\Adobe O43 - CFD: 2010-11-17 - 22:38:18 - [0] -SH-D- C:\Users\darwizardx\Appdata\Local\Application Data O43 - CFD: 2010-12-19 - 01:04:40 - [95871] ----D- C:\Users\darwizardx\Appdata\Local\Apps O43 - CFD: 2010-11-17 - 23:15:56 - [70541] ----D- C:\Users\darwizardx\Appdata\Local\ATI O43 - CFD: 2011-01-31 - 17:42:30 - [165226651] ----D- C:\Users\darwizardx\Appdata\Local\CCP O43 - CFD: 2010-12-19 - 20:08:28 - [0] ----D- C:\Users\darwizardx\Appdata\Local\Deployment O43 - CFD: 2011-03-28 - 19:34:44 - [2643319] ----D- C:\Users\darwizardx\Appdata\Local\Electronic Arts O43 - CFD: 2010-12-19 - 01:14:46 - [372380770] ----D- C:\Users\darwizardx\Appdata\Local\Google O43 - CFD: 2010-11-17 - 22:38:18 - [0] -SH-D- C:\Users\darwizardx\Appdata\Local\Historique O43 - CFD: 2011-04-13 - 21:20:08 - [401838745] ----D- C:\Users\darwizardx\Appdata\Local\Microsoft O43 - CFD: 2011-01-02 - 17:03:22 - [417262] ----D- C:\Users\darwizardx\Appdata\Local\Microsoft Games O43 - CFD: 2010-11-17 - 23:20:44 - [67871917] ----D- C:\Users\darwizardx\Appdata\Local\Mozilla O43 - CFD: 2010-12-28 - 19:36:52 - [0] ----D- C:\Users\darwizardx\Appdata\Local\My Games O43 - CFD: 2010-12-29 - 01:08:00 - [0] ----D- C:\Users\darwizardx\Appdata\Local\SKIDROW O43 - CFD: 2011-04-30 - 11:49:50 - [23304401] ----D- C:\Users\darwizardx\Appdata\Local\Temp O43 - CFD: 2010-11-17 - 22:38:18 - [0] -SH-D- C:\Users\darwizardx\Appdata\Local\Temporary Internet Files O43 - CFD: 2010-12-24 - 17:19:12 - [210158] ----D- C:\Users\darwizardx\Appdata\Local\Unity O43 - CFD: 2010-12-18 - 17:15:20 - [3256284] ----D- C:\Users\darwizardx\Appdata\Local\VirtualStore O43 - CFD: 2011-04-27 - 18:47:26 - [49152] ----D- C:\Users\darwizardx\Appdata\Local\Windows Live O43 - CFD: 2010-11-20 - 23:37:48 - [6722] ----D- C:\Users\darwizardx\Appdata\Local\WindowsUpdate O43 - CFD: 2011-01-14 - 22:47:16 - [3876512] ----D- C:\Program Files (x86)\1964 O43 - CFD: 2010-11-20 - 16:12:46 - [130540463] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 2010-11-17 - 22:49:00 - [40857] ----D- C:\Program Files (x86)\AMD O43 - CFD: 2010-12-28 - 13:48:16 - [12038154] ----D- C:\Program Files (x86)\Astroburn Pro O43 - CFD: 2010-11-19 - 22:09:10 - [245030] ----D- C:\Program Files (x86)\ATI O43 - CFD: 2010-11-19 - 22:09:04 - [44815044] ----D- C:\Program Files (x86)\ATI Stream O43 - CFD: 2010-11-17 - 23:14:02 - [64334418] ----D- C:\Program Files (x86)\ATI Technologies O43 - CFD: 2010-12-12 - 19:57:34 - [4592130] ----D- C:\Program Files (x86)\AV VoizGame O43 - CFD: 2011-01-19 - 17:26:08 - [131790030] ----D- C:\Program Files (x86)\bigup16 O43 - CFD: 2011-01-31 - 14:58:56 - [8258289913] ----D- C:\Program Files (x86)\CCP O43 - CFD: 2011-03-13 - 19:15:12 - [490804008] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 2010-12-28 - 00:29:54 - [532064] ----D- C:\Program Files (x86)\Conduit O43 - CFD: 2011-04-28 - 21:06:12 - [76049] ----D- C:\Program Files (x86)\ConduitEngine O43 - CFD: 2011-04-29 - 21:54:34 - [11729242] ----D- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 2010-12-31 - 15:53:20 - [6763244337] ----D- C:\Program Files (x86)\Eidos O43 - CFD: 2011-03-28 - 19:05:20 - [13710634359] ----D- C:\Program Files (x86)\Electronic Arts O43 - CFD: 2011-02-09 - 16:24:14 - [11696964] ----D- C:\Program Files (x86)\EVEMon O43 - CFD: 2010-12-28 - 00:42:02 - [16295101] ----D- C:\Program Files (x86)\ffdshow O43 - CFD: 2011-03-20 - 19:00:20 - [995990407] ----D- C:\Program Files (x86)\Firefly Studios O43 - CFD: 2011-01-19 - 14:12:48 - [12777723] ----D- C:\Program Files (x86)\FMS O43 - CFD: 2010-12-27 - 19:44:30 - [113140842] ----D- C:\Program Files (x86)\GIMP-2.0 O43 - CFD: 2010-12-18 - 21:20:12 - [118521241] ----D- C:\Program Files (x86)\Google O43 - CFD: 2011-01-17 - 20:33:14 - [37145070] ----D- C:\Program Files (x86)\Hotel Dash Suite Success O43 - CFD: 2011-03-09 - 16:02:42 - [580081229] ----D- C:\Program Files (x86)\Infogrames O43 - CFD: 2011-03-22 - 21:07:20 - [312857750] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2011-04-27 - 19:44:20 - [5551112] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2011-03-15 - 16:09:58 - [88407535] ----D- C:\Program Files (x86)\Java O43 - CFD: 2010-12-24 - 12:45:08 - [126976] ----D- C:\Program Files (x86)\Linksys O43 - CFD: 2011-01-20 - 20:46:56 - [1484003451] ----D- C:\Program Files (x86)\Maxis O43 - CFD: 2010-11-23 - 20:17:08 - [9227693] ----D- C:\Program Files (x86)\McAfee Security Scan O43 - CFD: 2010-12-31 - 15:28:28 - [6832967] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE O43 - CFD: 2011-02-10 - 12:45:50 - [305015167] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2011-04-22 - 09:43:14 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2011-03-22 - 21:17:06 - [979309] ----D- C:\Program Files (x86)\Microsoft WSE O43 - CFD: 2010-12-17 - 22:43:06 - [339327] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2011-04-29 - 22:25:48 - [33314494] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2006-11-02 - 11:07:28 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 2011-02-10 - 12:45:20 - [39944647] ----D- C:\Program Files (x86)\MSECache O43 - CFD: 2010-11-17 - 23:33:12 - [37736965] ----D- C:\Program Files (x86)\Mumble O43 - CFD: 2010-12-27 - 19:43:20 - [2950964] ----D- C:\Program Files (x86)\PhotoInPress O43 - CFD: 2011-01-14 - 22:53:54 - [3528508] ----D- C:\Program Files (x86)\Project64 1.6 O43 - CFD: 2006-11-02 - 11:07:28 - [38690561] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2010-12-12 - 20:02:10 - [13630606] ----D- C:\Program Files (x86)\Screaming Bee O43 - CFD: 2010-12-28 - 19:36:20 - [5920677455] ----D- C:\Program Files (x86)\Sid Meier's Civilization V O43 - CFD: 2011-04-29 - 21:58:00 - [64910767] ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 2011-03-05 - 20:05:36 - [9780280756] ----D- C:\Program Files (x86)\StarCraft II O43 - CFD: 2010-11-18 - 21:08:26 - [1824902591] ----D- C:\Program Files (x86)\StarCraft II.temp O43 - CFD: 2011-04-29 - 21:54:52 - [148639271] ----D- C:\Program Files (x86)\Steam O43 - CFD: 2011-01-17 - 23:34:46 - [9770] ----D- C:\Program Files (x86)\Trymedia O43 - CFD: 2011-01-02 - 19:58:34 - [7138627592] ----D- C:\Program Files (x86)\Ubisoft O43 - CFD: 2006-11-02 - 11:36:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2011-01-17 - 23:34:12 - [255180407] ----D- C:\Program Files (x86)\Valusoft O43 - CFD: 2010-11-17 - 22:57:12 - [10331006] ----D- C:\Program Files (x86)\VIA O43 - CFD: 2010-12-26 - 20:43:58 - [83580374] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 2011-02-07 - 19:43:10 - [111077995] ----D- C:\Program Files (x86)\Vuze O43 - CFD: 2011-04-28 - 21:06:12 - [217018] ----D- C:\Program Files (x86)\Vuze_Remote O43 - CFD: 2010-11-20 - 19:15:42 - [1016832] ----D- C:\Program Files (x86)\Windows Calendar O43 - CFD: 2008-01-20 - 23:09:48 - [53248] ----D- C:\Program Files (x86)\Windows Collaboration O43 - CFD: 2008-01-20 - 23:09:42 - [504128] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 2011-03-31 - 11:42:40 - [56371412] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 2011-04-15 - 07:51:10 - [8935608] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 2010-11-20 - 19:15:42 - [3013093] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2006-11-02 - 11:07:28 - [7957544] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 2010-11-20 - 19:15:42 - [13528738] ----D- C:\Program Files (x86)\Windows Photo Gallery O43 - CFD: 2010-11-21 - 00:02:22 - [134144] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2010-11-20 - 19:15:42 - [6527558] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2010-12-29 - 16:14:22 - [3525683] ----D- C:\Program Files (x86)\WinRAR O43 - CFD: 2011-03-17 - 21:11:46 - [7169630] ----D- C:\Program Files (x86)\YouTube Downloader O43 - CFD: 2011-04-30 - 11:50:12 - [3782781] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 2011-04-29 - 22:22:38 - [74832871] ----D- C:\Program Files (x86)\ZHPFix O43 - CFD: 2011-04-17 - 14:27:14 - [53372129280] ----D- C:\Program Files (x86)\zot O43 - CFD: 2010-11-20 - 16:13:14 - [2583085] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2010-11-20 - 00:06:36 - [3854957] ----D- C:\Program Files (x86)\Common Files\Blizzard Entertainment O43 - CFD: 2010-12-17 - 22:43:32 - [86016] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2011-03-20 - 18:58:56 - [8017994] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2011-02-10 - 12:45:50 - [330257464] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2006-11-02 - 09:33:54 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2006-11-02 - 09:33:54 - [41101735] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2011-04-29 - 21:58:44 - [0] ----D- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 2010-12-17 - 22:43:12 - [22782564] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 2010-11-17 - 23:48:28 - [82117491] ----D- C:\Program Files (x86)\Common Files\Windows Live ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.BF1CDBA98B4705B9764F082CBC2A7C67] - 2011-04-11 - 17:36:45 ---A- . (...) -- C:\Windows\MEMORY.DMP [379755183] O44 - LFC:[MD5.222A888A2BD6B93EF198EAC82358A9FE] - 2011-04-14 - 21:13:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [48128] O44 - LFC:[MD5.222A888A2BD6B93EF198EAC82358A9FE] - 2011-04-14 - 21:13:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.49199261D4E9474B3E3BCD8B3605E917] - 2011-04-14 - 21:13:30 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367616] O44 - LFC:[MD5.49199261D4E9474B3E3BCD8B3605E917] - 2011-04-14 - 21:13:30 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292864] O44 - LFC:[MD5.FBB3FB8272B66E4233BE2453F3A56325] - 2011-04-15 - 06:35:26 ---A- . (...) -- C:\Windows\win.ini [240] O44 - LFC:[MD5.59993E644E618B323C8C36FBC170C62C] - 2011-04-15 - 06:52:59 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [321544] O44 - LFC:[MD5.5587F43C82181792C7A2482DE250B671] - 2011-04-27 - 17:51:39 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [4240384] O44 - LFC:[MD5.5587F43C82181792C7A2482DE250B671] - 2011-04-27 - 17:51:39 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\System32\GameUXLegacyGDFs.dll [4240384] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 2011-04-27 - 18:30:46 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 2011-04-27 - 18:30:48 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 2011-04-27 - 18:30:58 ---A- . (...) -- C:\Windows\SysNative\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 2011-04-27 - 18:30:58 ---A- . (...) -- C:\Windows\SysNative\ticrf.rat [1988] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 2011-04-27 - 18:30:58 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 2011-04-27 - 18:30:58 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988] O44 - LFC:[MD5.98B894AE314173C3AE1952FBFB8A6205] - 2011-04-27 - 18:31:07 ---A- . (...) -- C:\Windows\IE9_main.log [3133] O44 - LFC:[MD5.5BD404FECCB9DA0A146D3C91F4E8F088] - 2011-04-28 - 21:21:18 ---A- . (...) -- C:\Windows\dd_vcredistMSI68C5.txt [461654] O44 - LFC:[MD5.541D1301E786485A44E556C00AAFD239] - 2011-04-28 - 21:21:18 ---A- . (...) -- C:\Windows\dd_vcredistUI68C5.txt [11646] O44 - LFC:[MD5.35FE64CA0642FF66D08F639555BAEA79] - 2011-04-28 - 21:21:53 ---A- . (...) -- C:\Windows\dd_vcredistMSI697F.txt [464080] O44 - LFC:[MD5.A1F3A20F91AF356DF70F3A65CC012C7C] - 2011-04-28 - 21:21:53 ---A- . (...) -- C:\Windows\dd_vcredistUI697F.txt [11614] O44 - LFC:[MD5.3C4128824694D6DF3226FAC5BD297C79] - 2011-04-29 - 20:58:21 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [4576] O44 - LFC:[MD5.3C4128824694D6DF3226FAC5BD297C79] - 2011-04-29 - 20:58:21 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [4576] O44 - LFC:[MD5.E0123AF44CE8BB0C30ECF04468F979E4] - 2011-04-29 - 21:00:40 ---A- . (...) -- C:\ZHPExportRegistry-2011-04-29-22-00-40.txt [1656912] O44 - LFC:[MD5.DE752DCBD640DA22D415FEE37C627BB2] - 2011-04-29 - 21:03:27 ---A- . (...) -- C:\Windows\PFRO.log [13706] O44 - LFC:[MD5.4D4A430CA655CA0060B6F6216372EB02] - 2011-04-29 - 21:22:51 ---A- . (...) -- C:\ZHPRegY0.zhp [1714] O44 - LFC:[MD5.59A60F0952AC6AE7D8CC15A559EBFA3B] - 2011-04-30 - 08:10:43 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.77D60CA892F1D29C984D933B461749EE] - 2011-04-30 - 08:16:09 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [6606] O44 - LFC:[MD5.26583113F54E8FF2ADF8736BBD9133AB] - 2011-04-30 - 08:16:09 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [1434224] O44 - LFC:[MD5.F2C79F5368B8F2B88A35A24EDD279596] - 2011-04-30 - 08:16:09 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [1632192] O44 - LFC:[MD5.E1FD0787DCA641FEEF30648C69AE00BE] - 2011-04-30 - 08:16:09 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [2033164] O44 - LFC:[MD5.D0F5B97A18211D5100625AAAA23E2CFF] - 2011-04-30 - 08:16:09 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [5129406] O44 - LFC:[MD5.D0EE1700D64DFB7500DCFD7EA4EF1700] - 2011-04-30 - 09:53:03 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1823410] ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{c0c75b4f-f2bb-11df-abd4-806e6f6e6963}\AutoRun\command. (.Pas de propriétaire - Blizzard Installer.) -- D:\Installer.exe ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 2008-01-20 - 21:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [486456] O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 2008-01-20 - 21:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [342584] O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 2008-01-20 - 21:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\system32\drivers\adpu160m.sys [126520] O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 2008-01-20 - 21:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [185912] O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 2008-01-20 - 21:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15976] O58 - SDL:[MD5.D52A2E98C5EEFF88CED28793B6B04D84] - 2007-10-11 - 20:40:14 ---A- . (.Advanced Micro Devices - AMD PCI SATA/IDE Bus Driver.) -- C:\Windows\system32\drivers\amdide64.sys [10632] O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 2008-01-20 - 21:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [90680] O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 2008-01-20 - 21:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [91192] O58 - SDL:[MD5.6936198F2CC25B39CF5262436C80DF46] - 2006-10-31 - 17:23:42 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15680] O58 - SDL:[MD5.6923740DB573B46FDDA13E1DF412C577] - 2011-01-13 - 03:37:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20560] O58 - SDL:[MD5.DE001B988B58BFD453F667842655B22E] - 2011-01-13 - 03:37:23 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [62032] O58 - SDL:[MD5.E0D1002D7FA65DD023788B17F714E682] - 2011-01-13 - 03:37:34 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [29264] O58 - SDL:[MD5.C3EAFDC0F533425614430A112BA71E9A] - 2011-01-13 - 03:41:44 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [273488] O58 - SDL:[MD5.0226FFBC420D8FB67BA3B9DBDD1F2DCA] - 2011-01-13 - 03:40:20 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [51792] O58 - SDL:[MD5.BC873A64C71209313C97ECB7D02F7AE8] - 2010-09-24 - 07:46:18 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdLH6.sys [115216] O58 - SDL:[MD5.E9C0C72EFEABB3995E1E15E77B032E62] - 2008-10-15 - 01:05:04 ---A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [178176] O58 - SDL:[MD5.522A8BD1414CC7517FAEC907F138DB9C] - 2010-10-27 - 23:00:14 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [8012288] O58 - SDL:[MD5.F712C26D40BF3CD2C020BB518E8150B1] - 2010-10-26 - 21:14:22 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [287232] O58 - SDL:[MD5.DB0D3DE15EDC96E7529FC0D3F7760894] - 2008-04-27 - 19:25:06 ---A- . (.ATI Technologies Inc. - ATI PCIE Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [16400] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 2006-09-18 - 16:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 2006-09-18 - 16:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 2006-11-02 - 03:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [86528] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 2006-09-18 - 16:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 2006-09-18 - 16:30:18 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 2006-09-19 - 06:42:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 2008-01-20 - 21:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [18024] O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 2006-11-02 - 06:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [88168] O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 2008-01-20 - 21:46:56 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G6032E.sys [146176] O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 2008-01-20 - 21:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [397368] O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 2008-01-20 - 21:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [47672] O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 2008-01-20 - 21:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [290872] O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 2006-11-02 - 07:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44648] O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 2006-11-02 - 07:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [37480] O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 2006-11-02 - 07:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [37480] O58 - SDL:[MD5.073508533E422CE8BCEE234EB35CEEBF] - 2009-08-05 - 06:18:34 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller.) -- C:\Windows\system32\drivers\L1E60x64.sys [57856] O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 2008-01-20 - 21:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [113720] O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 2008-01-20 - 21:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [105016] O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 2008-01-20 - 21:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [113720] O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 2008-01-20 - 21:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [35896] O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 2008-01-20 - 21:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [438328] O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 2006-11-02 - 07:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [39016] O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 2006-11-02 - 07:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51816] O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 2008-01-20 - 21:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [128056] O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 2008-01-20 - 21:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [54328] O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 2008-01-20 - 21:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1221176] O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 2006-11-02 - 06:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [124008] O58 - SDL:[MD5.8B56BDCE6A303DDE63D63440D1CF9AD1] - 2010-07-01 - 14:21:50 ---A- . (.Screaming Bee LLC - Screaming Bee Audio Driver.) -- C:\Windows\system32\drivers\ScreamingBAudio64.sys [38992] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 2006-09-29 - 18:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 2008-01-20 - 21:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [78392] O58 - SDL:[MD5.D0EE1700D64DFB7500DCFD7EA4EF1700] - 2010-12-28 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [834544] O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 2006-11-02 - 07:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [49256] O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 2006-11-02 - 07:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [44648] O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 2006-11-02 - 07:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [48232] O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 2008-01-20 - 21:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [284728] O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 2006-11-02 - 06:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [148072] O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 2008-01-20 - 21:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\system32\drivers\ulsata2.sys [174696] O58 - SDL:[MD5.DB07F39CB6F36B46EA681E754A0EC588] - 2008-03-19 - 18:28:52 ---A- . (.Advanced Micro Devices Inc. - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [26168] O58 - SDL:[MD5.4A441CEF86DD95692984FCE11D8FD530] - 2008-12-18 - 22:43:18 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\viahduaa.sys [1048064] O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 2008-01-20 - 21:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [18024] O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 2008-01-20 - 21:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [149048] O58 - SDL:[MD5.CDA299EC031613957C97F758D9B732CB] - 2005-04-12 - 07:21:52 ---A- . (.Logitech Inc. - Logitech WingMan Hid Filter Driver.) -- C:\Windows\system32\drivers\WmFilter.sys [29568] O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 2007-12-28 - 02:22:02 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296] ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 1899-12-30 - C:\Windows\System32\DRIVERS\amdide64.sys - amdide64(amdide64) .(.Advanced Micro Devices - AMD PCI SATA/IDE Bus Driver.) - LEGACY_AMDIDE64 O64 - Services: CurCS - 1899-12-30 - C:\Windows\System32\DRIVERS\atikmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK O64 - Services: CurCS - 1899-12-30 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} [DefaultScope] - (DAEMON Search) - DAEMON-Search.com :: EXPLORE ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.C1574878D1310230982E6D0176073EB4] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack1[www.allotracker.com].torrent [21945] [MD5.A3C897570ADF1D27D18042F18AFAC15E] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack2[www.allotracker.com].torrent [27500] [MD5.AE331E1956DCAFB4748EE5EF4E83473E] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack3[www.allotracker.com].torrent [27449] [MD5.E40261CE2056F7BB4DD5F690C665C49C] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack4[www.allotracker.com].torrent [25651] [MD5.EC5795997D077AA972EC3CD44A39A60F] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack5[www.allotracker.com].torrent [25787] [MD5.49F076C069F5B825BA5BFD78E9C22A49] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\darwizardx\AppData\Local\Temp\NuruMassage.Pack6[www.allotracker.com].torrent [24460] [MD5.71EA857B02F778B3D54BA59444A9F802] [sPRF] (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Users\darwizardx\AppData\Local\Temp\rootsupd.exe [336280] [MD5.D2D7AD244F109B757CD4F9F44A75CB9F] [sPRF] (.Macrovision Corporation - Setup.exe.) -- C:\Users\darwizardx\AppData\Local\Temp\_isA4DF.exe [459400] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.) O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.) O87 - FAEL: "WinCollab-DFSR-In-TCP" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\dfsr.exe (.not file.) O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - Domain - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{F05B569B-9DF0-4A56-A9DD-169ED9C47BD8}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe O87 - FAEL: "{79591F24-6E0D-4F77-B5D0-3B0B1ADF03C2}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe O87 - FAEL: "{E3F3E972-9AEB-4099-8FD6-24CF56527763}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\Public\Games\World of Warcraft\WoW-3.3.5.12340-x86-Win-frFR-BKGND-downloader.exe O87 - FAEL: "{D6536DD6-6BA1-4C09-A636-781AACDEF7A8}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- C:\Users\Public\Games\World of Warcraft\WoW-3.3.5.12340-x86-Win-frFR-BKGND-downloader.exe O87 - FAEL: "{BF091B97-45C8-4B0B-979D-058E5A3913C0}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Program Files (x86)\StarCraft II\StarCraft II.exe O87 - FAEL: "{573EF456-5743-45F6-9FD1-6FFD18B2DED3}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Program Files (x86)\StarCraft II\StarCraft II.exe O87 - FAEL: "TCP Query User{82C8FEC6-5F3E-48E4-9806-FB2E356D270F}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" | In - Public - P6 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base16939\sc2.e O87 - FAEL: "UDP Query User{340C86D8-23E6-4009-94CC-7B4F7979DF8F}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" | In - Public - P17 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base16939\sc2. O87 - FAEL: "{59B1FFAF-CA10-4B0C-AA13-42825FF6B6FA}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.) O87 - FAEL: "{CDAD9456-07C8-40DE-8284-FD528F5A510D}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Launcher.patch.exe (.not file.) O87 - FAEL: "{FD2DAE45-CD07-4BA4-A99A-CAC4028831C3}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O87 - FAEL: "{F20F41D8-9881-4EB8-A75F-DA3715AF5578}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.) O87 - FAEL: "{B7D43BD1-E4E3-4C31-BF61-E9A5EA858BA9}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Blizzard Downloader.exe (.not file.) O87 - FAEL: "{8030A402-9A90-4AFE-8B76-D2A0EFCA6E6A}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Public\Games\World of Warcraft\Blizzard Downloader.exe (.not file.) O87 - FAEL: "TCP Query User{9FE3DCA6-CC66-472A-A0A5-6F69A1FBEF32}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe O87 - FAEL: "UDP Query User{170A86F4-C3AB-4967-B24B-7E61EC7766C6}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Public - P17 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe O87 - FAEL: "TCP Query User{87521235-A214-408C-BCD9-5D9DAA605661}C:\program files (x86)\linksys\logviewer\logviewer.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\linksys\logviewer\logviewer.exe O87 - FAEL: "UDP Query User{54A7F5CB-D760-4178-824E-3B4A981754E3}C:\program files (x86)\linksys\logviewer\logviewer.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\linksys\logviewer\logviewer.exe O87 - FAEL: "TCP Query User{8B5C84C1-76C0-4BB5-A59A-43E5B69B2798}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" | In - Private - P6 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base16939\sc2. O87 - FAEL: "UDP Query User{2731C62D-B059-44C2-8ED9-C750C0C81762}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" | In - Private - P17 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base16939\sc2 O87 - FAEL: "TCP Query User{697D326C-A7D3-4669-A1B5-8C45A2C05C66}C:\program files (x86)\vuze\azureus.exe" | In - Public - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files (x86)\vuze\azureus.exe O87 - FAEL: "UDP Query User{3DBBF9FF-8C94-4D66-8520-EA851E1BED66}C:\program files (x86)\vuze\azureus.exe" | In - Public - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\program files (x86)\vuze\azureus.exe O87 - FAEL: "TCP Query User{B7D981E9-96CC-4A25-AAEB-F1AC083EE344}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{C49CDEA6-D066-464B-A023-8D2992398D99}C:\program files (x86)\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files (x86)\mozilla firefox\firefox.exe O87 - FAEL: "TCP Query User{1FA05B66-5444-42AF-9684-BED3C1BD2990}C:\program files (x86)\eidos\battlestations pacific\bsp.exe" | In - Private - P6 - TRUE | .(.EIDOS.) -- C:\program files (x86)\eidos\battlestations pacific\bsp.exe O87 - FAEL: "UDP Query User{600B3166-2100-4456-B48A-67C4BF9F14C8}C:\program files (x86)\eidos\battlestations pacific\bsp.exe" | In - Private - P17 - TRUE | .(.EIDOS.) -- C:\program files (x86)\eidos\battlestations pacific\bsp.exe O87 - FAEL: "{93D29B9C-8D27-47B0-A8F2-CE8689DB1178}" | In - Private - P6 - TRUE | .(.Ubisoft - Assassin's Creed Game.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe O87 - FAEL: "{9489E1E7-45B7-45A8-A80D-658E0F1FDDEC}" | In - Private - P17 - TRUE | .(.Ubisoft - Assassin's Creed Game.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe O87 - FAEL: "{375C6C03-235E-4F4E-AE8F-3DB3D02A73CE}" | In - Private - P6 - TRUE | .(.Ubisoft - Assassin's Creed Game.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe O87 - FAEL: "{9E74A1DE-6A45-4F31-9B93-A8577D490081}" | In - Private - P17 - TRUE | .(.Ubisoft - Assassin's Creed Game.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe O87 - FAEL: "{986B2115-A0F3-4080-89BF-3BC8A309733A}" | In - Private - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe O87 - FAEL: "{F8272176-17ED-4538-BA1E-CDEB8AA1B67A}" | In - Private - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe O87 - FAEL: "TCP Query User{A621F84A-3E6A-4572-9E3E-7EB004509EBB}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe O87 - FAEL: "UDP Query User{15EEF726-9A79-4EB4-B405-C5EF0D22BD30}C:\program files (x86)\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google.) -- C:\program files (x86)\google\google earth\plugin\geplugin.exe O87 - FAEL: "{6677F8E0-A764-4942-BEC8-86F4F5C05758}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe O87 - FAEL: "{D1ADEE95-4D33-48E6-A182-3FA83FA427C8}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe O87 - FAEL: "TCP Query User{F41D5746-4BC6-40CC-95EB-F328AE816B17}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{9BA889F1-7BA0-41A1-A79B-79EA0E6AF488}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "TCP Query User{89E353A2-E1D8-41D5-A613-43FF70A50D30}C:\program files (x86)\starcraft ii\starcraft ii.exe" | In - Private - P6 - TRUE | .(.Blizzard Entertainment.) -- C:\program files (x86)\starcraft ii\starcraft ii.exe O87 - FAEL: "UDP Query User{E34F3380-4370-4447-8B85-7531FC710AEE}C:\program files (x86)\starcraft ii\starcraft ii.exe" | In - Private - P17 - TRUE | .(.Blizzard Entertainment.) -- C:\program files (x86)\starcraft ii\starcraft ii.exe O87 - FAEL: "TCP Query User{C841BC19-1E45-440D-8242-C5CD2133DC79}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" | In - Private - P6 - TRUE | .(.Blizzard Entertainment.) -- C:\program files (x86)\starcraft ii\support\blizzarddownloade O87 - FAEL: "UDP Query User{0C7684B0-97DE-4A73-BACB-9BCB52E1990C}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" | In - Private - P17 - TRUE | .(.Blizzard Entertainment.) -- C:\program files (x86)\starcraft ii\support\blizzarddownload O87 - FAEL: "TCP Query User{F26F2581-501A-4516-8140-B26597733D45}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" | In - Private - P6 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base17326\sc2. O87 - FAEL: "UDP Query User{A26E1332-0D38-45A7-A717-2675FF046B21}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" | In - Private - P17 - TRUE | .(.Blizzard Entertainment, Inc..) -- C:\program files (x86)\starcraft ii\versions\base17326\sc2 O87 - FAEL: "TCP Query User{90B37B7D-1EC8-4C78-BA30-FB473AD244F0}C:\program files (x86)\ccp\eve\bin\exefile.exe" | In - Private - P6 - TRUE | .(.CCP hf. - CCP ExeFile.) -- C:\program files (x86)\ccp\eve\bin\exefile.exe O87 - FAEL: "UDP Query User{9AAB2855-62A0-4EC9-9E75-07953132F17D}C:\program files (x86)\ccp\eve\bin\exefile.exe" | In - Private - P17 - TRUE | .(.CCP hf. - CCP ExeFile.) -- C:\program files (x86)\ccp\eve\bin\exefile.exe O87 - FAEL: "TCP Query User{9DA0D456-52A9-427B-A67E-DAE22AE29C47}C:\users\public\games\world of warcraft\launcher.patch.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\public\games\world of warcraft\launcher.patch.exe (.not file.) O87 - FAEL: "UDP Query User{7E96D1C6-2B1D-4D30-9373-DB4F6A80F9B5}C:\users\public\games\world of warcraft\launcher.patch.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\public\games\world of warcraft\launcher.patch.exe (.not file.) O87 - FAEL: "TCP Query User{CA22D630-187F-4768-A7C3-DA8E0CA3D61F}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus O87 - FAEL: "UDP Query User{7989F59B-4230-4C4E-9FC4-6E200D372539}C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enus-tools-downloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\public\games\world of warcraft\temp\wow-4.0.1.2120-enu O87 - FAEL: "{64AAAB4A-B9BA-4CC3-A50A-E3C9682BD8C3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.) O87 - FAEL: "{842F4556-D899-41C1-A02C-CBC4F5527797}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.) O87 - FAEL: "{B76C3187-9A03-4B03-8DA5-C1F53F499EA8}" | In - Private - P6 - TRUE | .(.Firefly Studios - Stronghold 2.) -- C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe O87 - FAEL: "{075943BA-8F23-430E-AD9B-8D1D84BC6F99}" | In - Private - P17 - TRUE | .(.Firefly Studios - Stronghold 2.) -- C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe O87 - FAEL: "TCP Query User{9D73C0FD-1B88-41C3-99B7-4D600EDD1256}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" | In - Private - P6 - TRUE | .(.Crytek GmbH.) -- C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysi O87 - FAEL: "UDP Query User{8EB529D5-6695-42BB-A48A-CDDEA81D6C5E}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" | In - Private - P17 - TRUE | .(.Crytek GmbH.) -- C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crys O87 - FAEL: "{98AF3ACD-58E2-4075-A8E2-60BA24E86CB8}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe O87 - FAEL: "{97DE6089-F850-4183-8E0D-E37C4942B3F4}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Launcher.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe ---\\ Scan Additionnel (O88) Database Version : 6367 - (28/04/2011) Number of Keys Founds (Clés trouvées) : 15 Number of Directories Founds (Dossiers trouvés) : 4 [HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Conduit.Engine] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.ct2504091] =>Adware.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar.ct2504091] =>Adware.Agent [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit [HKLM\Software\conduitEngine] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKLM\Software\Trymedia Systems] =>Adware.Trymedia [HKLM\Software\Wow6432Node\Trymedia Systems] =>Adware.Trymedia [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit C:\ProgramData\Trymedia =>Adware.Trymedia C:\Program Files (x86)\Conduit =>Toolbar.Conduit C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit C:\Program Files (x86)\Trymedia =>Adware.Trymedia ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 0 | (AMD External Events Utility) . (...) - C:\Windows\system32\atiesrxx.exe SR - | Auto 2011-01-13 40384 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SS - | Auto 2011-01-13 0 | (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 2011-01-13 0 | (Steam Client Service) . (...) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SS - | Demand 2011-01-13 0 | c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (WPFFontCache_v0400) . (...) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe SR - | Auto 2008-01-20 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by darwizardx at 2011-04-30 11:51:44 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by darwizardx at 2011-04-30 11:51:46 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.D0EE1700D64DFB7500DCFD7EA4EF1700] - 2010-12-28 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [834544] End of the scan (902 lines in 01mn 45s)(0)
  2. bonsoir a se qui parais je serais infecté ok mais par quoi.... voici mon prescedent post http://forum.zebulon.fr/besoin-daide-perte-dinternet-intermintemp-t184994.html manip deja fait j'ai essayé redémarré ,déconnecté reconnecté le cable , débranché rebranché routeur et modem ) j'ai fait tourné spybot donné quelque petit résultat que j'Ai corrigé mais rien changé vérifie mes firewall..... j'ai vérifie avec hijack this je n'Est rien vue d'anormal mais bon ji connnais pas grand chose voici donc mon hijackthis ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:47:21, on 2011-04-29 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\darwizardx\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\Electronic Arts\EADM\EADMUI.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Electronic Arts\EADM\EADM.exe C:\PROGRA~2\ELECTR~1\EADM\EACoreServer.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\darwizardx\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\darwizardx\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Electronic Arts\EADM\EADMUI.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: NameServer = 192.168.1.1 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 20322 bytes
  3. bonjour/bonsoir tous le monde (mon os est vista 64Bit) j'épprouve un petit soucis depuis 2 jour et se sur 1 seul ordi seulement donc on va exclure (fournisseur,modem,routeur) ma connection sur firefox et ie9 coupe par intermitence sur quelque minute en fait sa me donne ceci comme message ( sais sur que '' l'Adresse change'' biensure '') je tien a prescisé que on dirais sais seulement sur les ''Browser'' puisque je perd pas ma connection sur msn et rien flash dans le ''centre reseaux et partage'' _________________________________________________________________ Adresse introuvable Firefox ne peut trouver le serveur à l'adresse www.darwizard.com. * Veuillez vérifier la syntaxe de l'adresse (saisie de ww.exemple.com au lieu de www.exemple.com par exemple) ; * Si vous n'arrivez à naviguer sur aucun site, vérifiez la connexion au réseau de votre ordinateur ; * Si votre ordinateur ou votre réseau est protégé par un pare-feu ou un proxy, assurez-vous que Firefox a l'autorisation d'accéder au Web. _____________________________________________________________ j'ai essayé redémarré ,déconnecté reconnecté le cable , débranché rebranché routeur et modem ) j'ai fait tourné spybot donné quelque petit résultat que j'Ai corrigé mais rien changé vérifie mes firewall..... j'ai vérifie avec hijack this je n'Est rien vue d'anormal je vais le posté plus bas quand meme! sinon ba voila je sais plus quoi faire!!! merci de votre aide!!! ====================================================================================================================== Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:34:13, on 2011-04-28 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Users\darwizardx\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\darwizardx\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\darwizardx\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Electronic Arts\EADM\EADMUI.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B1D7BBA7-6FB6-4BEE-9930-3055BC19AA16}: NameServer = 192.168.1.1 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 20168 bytes
  4. ..... donc il/ils est bien caché ... ou peut-etre Windows qui sembale seulement.......
  5. bonsoir tout le monde depuis un bout je voie ceci folding home mais j'ai bien beau lire je n'Arrive toujours pas a comprend exactement quoi que ca sert!!!! moi pour l'instant ce que j'ai compris sais que nous donnons un % de notre pc a folding home pour des recherches ???? vous voyer bien que je n'est rien compris pouvez vous l'expliqué en plus simplifié cest quoi??? je vous remercie d'avance (si cest possible un petit P.V pour etre sur que je voie la réponse
  6. alors voicie le log comme demandé Logfile of random's system information tool 1.06 (written by random/random) Run by DarwizardX at 2009-08-25 18:22:31 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 68 GB (44%) free of 153 GB Total RAM: 4094 MB (59% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:22:32, on 2009-08-25 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe C:\Program Files\ASUS\EPU\EPU.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\DarwizardX\Downloads\RSIT.exe C:\Program Files (x86)\hijack\DarwizardX.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\iEvony\Skype4COM.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7637 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2008-12-30 17713152] "Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"= "ForceActiveDesktopOn"= "BindDirectlyToPropertySetStorage"= "NoActiveDesktopChanges"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02f60d1e-6004-11de-88c9-806e6f6e6963}] shell\AutoRun\command - E:\AutoRunCD.exe ======List of files/folders created in the last 3 months====== 2009-08-25 18:22:31 ----D---- C:\rsit 2009-08-24 22:22:53 ----D---- C:\Program Files (x86)\hijack 2009-08-21 21:09:36 ----D---- C:\Users\DarwizardX\AppData\Roaming\Malwarebytes 2009-08-21 21:09:31 ----D---- C:\ProgramData\Malwarebytes 2009-08-21 21:09:31 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2009-08-19 22:06:19 ----D---- C:\ProgramData\Blizzard Entertainment 2009-08-12 21:49:55 ----D---- C:\Users\DarwizardX\AppData\Roaming\WinRAR 2009-08-11 18:46:49 ----A---- C:\Windows\system32\mstscax.dll 2009-08-11 18:46:42 ----A---- C:\Windows\system32\atl.dll 2009-08-11 18:46:13 ----A---- C:\Windows\system32\avifil32.dll 2009-08-11 18:45:49 ----A---- C:\Windows\system32\wmp.dll 2009-08-11 18:45:46 ----A---- C:\Windows\system32\wmpdxm.dll 2009-08-11 18:45:45 ----A---- C:\Windows\system32\spwmp.dll 2009-08-11 18:45:43 ----A---- C:\Windows\system32\wmploc.DLL 2009-08-11 18:45:43 ----A---- C:\Windows\system32\dxmasf.dll 2009-08-09 18:59:32 ----RHD---- C:\Users\DarwizardX\AppData\Roaming\SecuROM 2009-08-09 18:58:01 ----A---- C:\Windows\system32\PnkBstrB.exe 2009-08-09 18:57:59 ----A---- C:\Windows\system32\PnkBstrA.exe 2009-08-09 18:57:59 ----A---- C:\Windows\system32\pbsvc.exe 2009-08-09 18:57:53 ----A---- C:\Windows\system32\d3dx10_35.dll 2009-08-09 18:57:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2009-08-09 18:57:52 ----A---- C:\Windows\system32\d3dx9_35.dll 2009-08-09 18:57:52 ----A---- C:\Windows\system32\d3dx10_34.dll 2009-08-09 18:57:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2009-08-09 18:57:50 ----A---- C:\Windows\system32\d3dx9_34.dll 2009-08-09 18:57:48 ----A---- C:\Windows\system32\xinput1_3.dll 2009-08-09 18:56:48 ----D---- C:\ProgramData\Media Center Programs 2009-08-03 23:05:53 ----D---- C:\ProgramData\ma-config.com 2009-08-03 23:05:53 ----D---- C:\Program Files (x86)\ma-config.com 2009-08-02 12:27:29 ----D---- C:\Program Files (x86)\Teamspeak2_RC2 2009-07-30 07:12:37 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI4747.txt 2009-07-30 07:12:36 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI4747.txt 2009-07-30 07:12:10 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI46E8.txt 2009-07-30 07:12:08 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI46E8.txt 2009-07-29 07:22:32 ----A---- C:\Windows\system32\mshtml.dll 2009-07-29 07:22:21 ----A---- C:\Windows\system32\ieframe.dll 2009-07-29 07:22:18 ----A---- C:\Windows\system32\urlmon.dll 2009-07-29 07:22:16 ----A---- C:\Windows\system32\wininet.dll 2009-07-29 07:22:16 ----A---- C:\Windows\system32\ieui.dll 2009-07-29 07:22:14 ----A---- C:\Windows\system32\ieencode.dll 2009-07-23 21:28:42 ----D---- C:\ProgramData\Blizzard 2009-07-21 18:10:04 ----D---- C:\ProgramData\NOS 2009-07-21 18:10:04 ----D---- C:\Program Files (x86)\NOS 2009-07-16 11:12:43 ----D---- C:\ProgramData\Apple Computer 2009-07-16 11:12:43 ----D---- C:\Program Files (x86)\QuickTime 2009-07-15 10:33:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2009-07-15 10:29:38 ----A---- C:\Windows\system32\t2embed.dll 2009-07-15 10:29:38 ----A---- C:\Windows\system32\fontsub.dll 2009-07-15 10:29:38 ----A---- C:\Windows\system32\dciman32.dll 2009-07-15 10:29:38 ----A---- C:\Windows\system32\atmfd.dll 2009-07-13 12:31:53 ----D---- C:\.jagex_cache_32 2009-07-12 08:46:34 ----D---- C:\Program Files (x86)\LimeWire 2009-07-07 11:23:39 ----D---- C:\VCO Almanac 2009-07-05 11:48:49 ----D---- C:\Program Files (x86)\iEvony 2009-07-04 14:25:04 ----D---- C:\Program Files (x86)\StarCraft 2009-07-03 22:08:37 ----D---- C:\Program Files (x86)\Bounty Bay Online 2009-07-03 13:13:32 ----A---- C:\Windows\ntbtlog.txt 2009-07-02 15:35:52 ----D---- C:\Windows\hpojp8500a909 2009-07-02 15:30:19 ----D---- C:\Program Files (x86)\Hewlett-Packard 2009-07-02 14:30:24 ----D---- C:\Program Files (x86)\HP 2009-07-02 14:30:23 ----HD---- C:\Config.Msi 2009-07-02 14:20:24 ----D---- C:\Downloads 2009-07-02 14:19:43 ----D---- C:\Program Files (x86)\Free Download Manager 2009-06-30 16:03:43 ----D---- C:\ProgramData\Electronic Arts 2009-06-30 15:57:35 ----D---- C:\Program Files (x86)\Microsoft WSE 2009-06-30 15:57:00 ----A---- C:\Windows\system32\d3dx9_31.dll 2009-06-30 15:43:51 ----D---- C:\Program Files (x86)\Electronic Arts 2009-06-30 09:41:20 ----D---- C:\ProgramData\Hewlett-Packard 2009-06-28 13:36:58 ----D---- C:\Program Files (x86)\jv16 PowerTools 2009-06-28 12:33:44 ----D---- C:\Windows\system32\vi-VN 2009-06-28 12:33:44 ----D---- C:\Windows\system32\eu-ES 2009-06-28 12:33:44 ----D---- C:\Windows\system32\ca-ES 2009-06-28 12:23:20 ----A---- C:\Windows\system32\networkexplorer.dll 2009-06-28 12:23:19 ----A---- C:\Windows\system32\nslookup.exe 2009-06-28 12:23:19 ----A---- C:\Windows\system32\newdev.exe 2009-06-28 12:23:19 ----A---- C:\Windows\system32\newdev.dll 2009-06-28 12:23:19 ----A---- C:\Windows\system32\networkmap.dll 2009-06-28 12:23:19 ----A---- C:\Windows\system32\networkitemfactory.dll 2009-06-28 12:23:19 ----A---- C:\Windows\system32\netshell.dll 2009-06-28 12:23:18 ----A---- C:\Windows\system32\ntdll.dll 2009-06-28 12:23:18 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2009-06-28 12:23:18 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2009-06-28 12:23:18 ----A---- C:\Windows\system32\nlhtml.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\mtxclu.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxml6.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxml3.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxbde40.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswstr10.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswsock.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswdat10.dll 2009-06-28 12:23:17 ----A---- C:\Windows\system32\msv1_0.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\netplwiz.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\netlogon.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\netiohlp.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\netcenter.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\MSVidCtl.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\msvcrt.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\msvcp60.dll 2009-06-28 12:23:16 ----A---- C:\Windows\system32\msutb.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\perfdisk.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\netapi32.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\ncryptui.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\ncrypt.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\NcdProp.dll 2009-06-28 12:23:15 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2009-06-28 12:23:14 ----A---- C:\Windows\system32\pdh.dll 2009-06-28 12:23:14 ----A---- C:\Windows\system32\pcaui.dll 2009-06-28 12:23:13 ----A---- C:\Windows\system32\pnpsetup.dll 2009-06-28 12:23:13 ----A---- C:\Windows\system32\pnidui.dll 2009-06-28 12:23:12 ----A---- C:\Windows\system32\pidgenx.dll 2009-06-28 12:23:12 ----A---- C:\Windows\system32\photowiz.dll 2009-06-28 12:23:12 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2009-06-28 12:23:11 ----A---- C:\Windows\system32\odbcconf.dll 2009-06-28 12:23:11 ----A---- C:\Windows\system32\odbc32.dll 2009-06-28 12:23:11 ----A---- C:\Windows\system32\ocsetup.exe 2009-06-28 12:23:11 ----A---- C:\Windows\system32\occache.dll 2009-06-28 12:23:10 ----A---- C:\Windows\system32\p2psvc.dll 2009-06-28 12:23:10 ----A---- C:\Windows\system32\P2PGraph.dll 2009-06-28 12:23:10 ----A---- C:\Windows\system32\oobefldr.dll 2009-06-28 12:23:10 ----A---- C:\Windows\system32\ntprint.dll 2009-06-28 12:23:10 ----A---- C:\Windows\system32\ntmarta.dll 2009-06-28 12:23:09 ----A---- C:\Windows\system32\osk.exe 2009-06-28 12:23:09 ----A---- C:\Windows\system32\ole32.dll 2009-06-28 12:23:09 ----A---- C:\Windows\system32\offfilt.dll 2009-06-28 12:23:09 ----A---- C:\Windows\system32\odbccp32.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\onex.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\olepro32.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\oleprn.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\oleaut32.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msexcl40.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msexch40.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msdrm.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctfui.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctfp.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctf.dll 2009-06-28 12:23:07 ----A---- C:\Windows\system32\msimsg.dll 2009-06-28 12:23:07 ----A---- C:\Windows\system32\msihnd.dll 2009-06-28 12:23:07 ----A---- C:\Windows\system32\msdtcprx.dll 2009-06-28 12:23:06 ----A---- C:\Windows\system32\msiexec.exe 2009-06-28 12:23:06 ----A---- C:\Windows\system32\msi.dll 2009-06-28 12:23:06 ----A---- C:\Windows\system32\mshtmled.dll 2009-06-28 12:23:06 ----A---- C:\Windows\system32\msftedit.dll 2009-06-28 12:23:06 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-06-28 12:23:06 ----A---- C:\Windows\system32\msfeeds.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\msrating.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscories.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscorier.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscoree.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscms.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscandui.dll 2009-06-28 12:23:05 ----A---- C:\Windows\system32\MSAC3ENC.DLL 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msscntrs.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msscb.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrepl40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrd3x40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrd2x40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\mspbde40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msltus40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjtes40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjter40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjint40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjet40.dll 2009-06-28 12:23:04 ----A---- C:\Windows\system32\msisip.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstsc.exe 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstlsapi.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstime.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstext40.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mssvp.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\mssitlb.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\msshsq.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\msnetobj.dll 2009-06-28 12:23:03 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2009-06-28 12:23:03 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL 2009-06-28 12:23:03 ----A---- C:\Windows\system32\msjetoledb40.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\msstrc.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssrch.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssprxy.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssphtb.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssph.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\msshooks.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\msscp.dll 2009-06-28 12:23:02 ----A---- C:\Windows\system32\msinfo32.exe 2009-06-28 12:23:02 ----A---- C:\Windows\system32\msimtf.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc_ssp.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc_isv.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\scrrun.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\scrobj.dll 2009-06-28 12:23:01 ----A---- C:\Windows\system32\scksp.dll 2009-06-28 12:23:00 ----A---- C:\Windows\system32\secur32.dll 2009-06-28 12:23:00 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchIndexer.exe 2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchFilterHost.exe 2009-06-28 12:23:00 ----A---- C:\Windows\system32\sdohlp.dll 2009-06-28 12:22:58 ----A---- C:\Windows\system32\puiapi.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasdial.exe 2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasdiag.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\raschap.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasapi32.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\RacEngn.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\Query.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\quartz.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\qedit.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\qdvd.dll 2009-06-28 12:22:57 ----A---- C:\Windows\system32\psisdecd.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\printui.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\powrprof.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\powercpl.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\propsys.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\propdefs.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\prnntfy.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationHost.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\scesrv.dll 2009-06-28 12:22:54 ----A---- C:\Windows\system32\SCardSvr.dll 2009-06-28 12:22:54 ----A---- C:\Windows\system32\scansetting.dll 2009-06-28 12:22:54 ----A---- C:\Windows\system32\rsaenh.dll 2009-06-28 12:22:54 ----A---- C:\Windows\system32\rrinstaller.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\rpchttp.dll 2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_isv.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate.exe 2009-06-28 12:22:54 ----A---- C:\Windows\system32\riched20.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\schannel.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\scecli.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\samlib.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\rtutils.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\rtffilt.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\rdpencom.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\rasplap.dll 2009-06-28 12:22:53 ----A---- C:\Windows\system32\rasmontr.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\RelMon.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rekeywiz.exe 2009-06-28 12:22:52 ----A---- C:\Windows\system32\regapi.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\reg.exe 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rastls.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rastapi.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasppp.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasgcw.dll 2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasdlg.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dsound.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dot3msm.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dot3cfg.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dnsapi.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dmusic.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dmsynth.dll 2009-06-28 12:22:51 ----A---- C:\Windows\system32\diskraid.exe 2009-06-28 12:22:51 ----A---- C:\Windows\system32\diskpart.exe 2009-06-28 12:22:51 ----A---- C:\Windows\system32\dimsroam.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\dsprop.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\drvstore.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\drvinst.exe 2009-06-28 12:22:50 ----A---- C:\Windows\system32\drmv2clt.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\drmmgrtn.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\dpapimig.exe 2009-06-28 12:22:50 ----A---- C:\Windows\system32\DevicePairing.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\dbgeng.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\davclnt.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\dataclen.dll 2009-06-28 12:22:50 ----A---- C:\Windows\system32\cscript.exe 2009-06-28 12:22:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2009-06-28 12:22:49 ----A---- C:\Windows\system32\dhcpcsvc.dll 2009-06-28 12:22:49 ----A---- C:\Windows\system32\devmgr.dll 2009-06-28 12:22:49 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2009-06-28 12:22:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2009-06-28 12:22:49 ----A---- C:\Windows\system32\d3d9.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdSSDP.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdProxy.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdeploy.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdBthProxy.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdBth.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\fc.exe 2009-06-28 12:22:48 ----A---- C:\Windows\system32\Faultrep.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\f3ahvoas.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\extmgr.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\ExplorerFrame.dll 2009-06-28 12:22:48 ----A---- C:\Windows\system32\dfshim.dll 2009-06-28 12:22:48 ----A---- C:\Windows\explorer.exe 2009-06-28 12:22:47 ----A---- C:\Windows\system32\fundisc.dll 2009-06-28 12:22:47 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll 2009-06-28 12:22:47 ----A---- C:\Windows\system32\ftp.exe 2009-06-28 12:22:47 ----A---- C:\Windows\system32\fontext.dll 2009-06-28 12:22:47 ----A---- C:\Windows\system32\findstr.exe 2009-06-28 12:22:47 ----A---- C:\Windows\system32\feclient.dll 2009-06-28 12:22:47 ----A---- C:\Windows\system32\explorer.exe 2009-06-28 12:22:46 ----A---- C:\Windows\system32\fdWSD.dll 2009-06-28 12:22:46 ----A---- C:\Windows\system32\fdWCN.dll 2009-06-28 12:22:46 ----A---- C:\Windows\system32\EhStorAPI.dll 2009-06-28 12:22:46 ----A---- C:\Windows\system32\eapphost.dll 2009-06-28 12:22:46 ----A---- C:\Windows\system32\eappgnui.dll 2009-06-28 12:22:46 ----A---- C:\Windows\system32\eappcfg.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\evr.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\eudcedit.exe 2009-06-28 12:22:45 ----A---- C:\Windows\system32\esent.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\es.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\EncDec.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorShell.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorAuthn.dll 2009-06-28 12:22:45 ----A---- C:\Windows\system32\eapp3hst.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\blackbox.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\bcrypt.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\basecsp.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\autoplay.dll 2009-06-28 12:22:44 ----A---- C:\Windows\system32\autoconv.exe 2009-06-28 12:22:43 ----A---- C:\Windows\system32\bthudtask.exe 2009-06-28 12:22:43 ----A---- C:\Windows\system32\azroles.dll 2009-06-28 12:22:43 ----A---- C:\Windows\system32\autofmt.exe 2009-06-28 12:22:42 ----A---- C:\Windows\system32\browseui.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\autochk.exe 2009-06-28 12:22:41 ----A---- C:\Windows\system32\authz.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\authui.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\AUDIOKSE.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\AudioEng.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\audiodg.exe 2009-06-28 12:22:41 ----A---- C:\Windows\system32\atmlib.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\Apphlpdm.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\apphelp.dll 2009-06-28 12:22:41 ----A---- C:\Windows\system32\apds.dll 2009-06-28 12:22:40 ----A---- C:\Windows\system32\comdlg32.dll 2009-06-28 12:22:40 ----A---- C:\Windows\system32\cmmon32.exe 2009-06-28 12:22:40 ----A---- C:\Windows\system32\cmdial32.dll 2009-06-28 12:22:40 ----A---- C:\Windows\system32\AudioSes.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\cscdll.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\cscapi.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\cryptui.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\cryptsvc.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\crypt32.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\connect.dll 2009-06-28 12:22:39 ----A---- C:\Windows\system32\conime.exe 2009-06-28 12:22:39 ----A---- C:\Windows\system32\comuid.dll 2009-06-28 12:22:38 ----A---- C:\Windows\system32\credui.dll 2009-06-28 12:22:38 ----A---- C:\Windows\system32\comsvcs.dll 2009-06-28 12:22:38 ----A---- C:\Windows\system32\certreq.exe 2009-06-28 12:22:38 ----A---- C:\Windows\system32\certmgr.dll 2009-06-28 12:22:38 ----A---- C:\Windows\system32\CertEnrollUI.dll 2009-06-28 12:22:38 ----A---- C:\Windows\system32\CertEnroll.dll 2009-06-28 12:22:37 ----A---- C:\Windows\system32\cipher.exe 2009-06-28 12:22:37 ----A---- C:\Windows\system32\chtbrkr.dll 2009-06-28 12:22:37 ----A---- C:\Windows\system32\certcli.dll 2009-06-28 12:22:36 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2009-06-28 12:22:36 ----A---- C:\Windows\system32\chsbrkr.dll 2009-06-28 12:22:36 ----A---- C:\Windows\system32\certutil.exe 2009-06-28 12:22:35 ----A---- C:\Windows\system32\korwbrkr.dll 2009-06-28 12:22:35 ----A---- C:\Windows\system32\kernel32.dll 2009-06-28 12:22:35 ----A---- C:\Windows\system32\kerberos.dll 2009-06-28 12:22:35 ----A---- C:\Windows\system32\jscript.dll 2009-06-28 12:22:34 ----A---- C:\Windows\system32\Magnify.exe 2009-06-28 12:22:34 ----A---- C:\Windows\system32\lpk.dll 2009-06-28 12:22:34 ----A---- C:\Windows\system32\logman.exe 2009-06-28 12:22:34 ----A---- C:\Windows\system32\logagent.exe 2009-06-28 12:22:34 ----A---- C:\Windows\system32\l2nacp.dll 2009-06-28 12:22:33 ----A---- C:\Windows\system32\input.dll 2009-06-28 12:22:33 ----A---- C:\Windows\system32\InkEd.dll 2009-06-28 12:22:33 ----A---- C:\Windows\system32\infocardapi.dll 2009-06-28 12:22:33 ----A---- C:\Windows\system32\inetcomm.dll 2009-06-28 12:22:32 ----A---- C:\Windows\system32\ipsmsnap.dll 2009-06-28 12:22:32 ----A---- C:\Windows\system32\ipconfig.exe 2009-06-28 12:22:31 ----A---- C:\Windows\system32\midimap.dll 2009-06-28 12:22:31 ----A---- C:\Windows\system32\ipsecsnp.dll 2009-06-28 12:22:31 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2009-06-28 12:22:30 ----A---- C:\Windows\system32\mmc.exe 2009-06-28 12:22:30 ----A---- C:\Windows\system32\mimefilt.dll 2009-06-28 12:22:30 ----A---- C:\Windows\system32\milcore.dll 2009-06-28 12:22:29 ----A---- C:\Windows\system32\mprapi.dll 2009-06-28 12:22:29 ----A---- C:\Windows\system32\mpr.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\modemui.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\MMDevAPI.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmcndmgr.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmcico.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmci.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\mferror.dll 2009-06-28 12:22:28 ----A---- C:\Windows\system32\mfc42u.dll 2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfps.dll 2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfpmp.exe 2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfplat.dll 2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfc42.dll 2009-06-28 12:22:27 ----A---- C:\Windows\system32\mf.dll 2009-06-28 12:22:27 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2009-06-28 12:22:25 ----A---- C:\Windows\system32\hidserv.dll 2009-06-28 12:22:25 ----A---- C:\Windows\system32\hdwwiz.exe 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iassdo.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iassam.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasrecst.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasrad.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iaspolcy.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasnap.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\IasMigReader.exe 2009-06-28 12:22:24 ----A---- C:\Windows\system32\IasMigPlugin.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasacct.dll 2009-06-28 12:22:24 ----A---- C:\Windows\system32\hbaapi.dll 2009-06-28 12:22:23 ----A---- C:\Windows\system32\iashlpr.dll 2009-06-28 12:22:23 ----A---- C:\Windows\system32\iasdatastore.dll 2009-06-28 12:22:23 ----A---- C:\Windows\system32\iasads.dll 2009-06-28 12:22:23 ----A---- C:\Windows\system32\gdi32.dll 2009-06-28 12:22:22 ----A---- C:\Windows\system32\gpedit.dll 2009-06-28 12:22:22 ----A---- C:\Windows\system32\gpapi.dll 2009-06-28 12:22:22 ----A---- C:\Windows\system32\gameux.dll 2009-06-28 12:22:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2009-06-28 12:22:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2009-06-28 12:22:21 ----A---- C:\Windows\system32\gpupdate.exe 2009-06-28 12:22:21 ----A---- C:\Windows\system32\gpresult.exe 2009-06-28 12:22:18 ----A---- C:\Windows\system32\IMJP10K.DLL 2009-06-28 12:22:17 ----A---- C:\Windows\system32\imm32.dll 2009-06-28 12:22:16 ----A---- C:\Windows\system32\ifmon.dll 2009-06-28 12:22:16 ----A---- C:\Windows\system32\iertutil.dll 2009-06-28 12:22:16 ----A---- C:\Windows\system32\iepeers.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi2fs.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi2.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\iedkcs32.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\ieapfltr.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\ieaksie.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\icardres.dll 2009-06-28 12:22:15 ----A---- C:\Windows\system32\icardagt.exe 2009-06-28 12:22:15 ----A---- C:\Windows\system32\iassvcs.dll 2009-06-28 12:22:13 ----A---- C:\Windows\system32\untfs.dll 2009-06-28 12:22:12 ----A---- C:\Windows\system32\vbscript.dll 2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdsutil.dll 2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdsdyn.dll 2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdmdbg.dll 2009-06-28 12:22:11 ----A---- C:\Windows\system32\Utilman.exe 2009-06-28 12:22:11 ----A---- C:\Windows\system32\usercpl.dll 2009-06-28 12:22:11 ----A---- C:\Windows\system32\user32.dll 2009-06-28 12:22:10 ----A---- C:\Windows\system32\usp10.dll 2009-06-28 12:22:10 ----A---- C:\Windows\system32\userenv.dll 2009-06-28 12:22:10 ----A---- C:\Windows\system32\TsWpfWrp.exe 2009-06-28 12:22:10 ----A---- C:\Windows\system32\TSTheme.exe 2009-06-28 12:22:09 ----A---- C:\Windows\system32\ulib.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\wdscore.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\wdc.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcnwiz2.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcnwiz.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\WcnNetsh.dll 2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcncsvc.dll 2009-06-28 12:22:04 ----A---- C:\Windows\system32\vssapi.dll 2009-06-28 12:22:04 ----A---- C:\Windows\system32\version.dll 2009-06-28 12:21:59 ----A---- C:\Windows\system32\SyncCenter.dll 2009-06-28 12:21:57 ----A---- C:\Windows\system32\sud.dll 2009-06-28 12:21:55 ----A---- C:\Windows\system32\tquery.dll 2009-06-28 12:21:55 ----A---- C:\Windows\system32\thawbrkr.dll 2009-06-28 12:21:54 ----A---- C:\Windows\system32\tsgqec.dll 2009-06-28 12:21:54 ----A---- C:\Windows\system32\themeui.dll 2009-06-28 12:21:54 ----A---- C:\Windows\system32\themecpl.dll 2009-06-28 12:21:53 ----A---- C:\Windows\system32\tscupgrd.exe 2009-06-28 12:21:53 ----A---- C:\Windows\system32\tsbyuv.dll 2009-06-28 12:21:53 ----A---- C:\Windows\system32\systemcpl.dll 2009-06-28 12:21:51 ----A---- C:\Windows\system32\tcpmon.dll 2009-06-28 12:21:51 ----A---- C:\Windows\system32\tcpipcfg.dll 2009-06-28 12:21:51 ----A---- C:\Windows\system32\taskeng.exe 2009-06-28 12:21:51 ----A---- C:\Windows\system32\taskcomp.dll 2009-06-28 12:21:50 ----A---- C:\Windows\system32\WscEapPr.dll 2009-06-28 12:21:50 ----A---- C:\Windows\system32\tapisrv.dll 2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscript.exe 2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscntfy.dll 2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscisvif.dll 2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscapi.dll 2009-06-28 12:21:49 ----A---- C:\Windows\system32\wpdwcn.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\wsnmp32.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\WsmSvc.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\wshext.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\wshbth.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\WSDMon.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\wsdchngr.dll 2009-06-28 12:21:48 ----A---- C:\Windows\system32\WSDApi.dll 2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpps.dll 2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpmde.dll 2009-06-28 12:21:47 ----A---- C:\Windows\system32\WMPhoto.dll 2009-06-28 12:21:47 ----A---- C:\Windows\system32\WMPEncEn.dll 2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpeffects.dll 2009-06-28 12:21:46 ----A---- C:\Windows\system32\WMNetMgr.dll 2009-06-28 12:21:41 ----A---- C:\Windows\system32\wpcao.dll 2009-06-28 12:21:40 ----A---- C:\Windows\system32\wpcsvc.dll 2009-06-28 12:21:40 ----A---- C:\Windows\system32\WMVXENCD.DLL 2009-06-28 12:21:39 ----A---- C:\Windows\system32\WMVSDECD.DLL 2009-06-28 12:21:39 ----A---- C:\Windows\system32\WMVCORE.DLL 2009-06-28 12:21:36 ----A---- C:\Windows\system32\WMVENCOD.DLL 2009-06-28 12:21:36 ----A---- C:\Windows\system32\WMVDECOD.DLL 2009-06-28 12:21:34 ----A---- C:\Windows\system32\accessibilitycpl.dll 2009-06-28 12:21:27 ----A---- C:\Windows\system32\zipfldr.dll 2009-06-28 12:21:27 ----A---- C:\Windows\system32\xmlfilter.dll 2009-06-28 12:21:27 ----A---- C:\Windows\system32\aaclient.dll 2009-06-28 12:21:24 ----A---- C:\Windows\system32\wusa.exe 2009-06-28 12:21:17 ----A---- C:\Windows\system32\adtschema.dll 2009-06-28 12:21:17 ----A---- C:\Windows\system32\adsmsext.dll 2009-06-28 12:21:16 ----A---- C:\Windows\system32\advapi32.dll 2009-06-28 12:21:15 ----A---- C:\Windows\system32\adsldpc.dll 2009-06-28 12:21:14 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-06-28 12:21:03 ----A---- C:\Windows\system32\WindowsCodecs.dll 2009-06-28 12:20:52 ----A---- C:\Windows\system32\WebClnt.dll 2009-06-28 12:20:52 ----A---- C:\Windows\system32\webcheck.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmsdk.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmnet.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmdev.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\WMADMOD.DLL 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wlgpclnt.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\Wldap32.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\win32spl.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wiaaut.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\whealogr.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wevtutil.exe 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wevtapi.dll 2009-06-28 12:20:51 ----A---- C:\Windows\system32\WerFaultSecure.exe 2009-06-28 12:20:51 ----A---- C:\Windows\system32\WerFault.exe 2009-06-28 12:20:51 ----A---- C:\Windows\system32\wer.dll 2009-06-28 12:20:49 ----A---- C:\Windows\system32\WinSCard.dll 2009-06-28 12:20:49 ----A---- C:\Windows\system32\winrnr.dll 2009-06-28 12:20:49 ----A---- C:\Windows\system32\winmm.dll 2009-06-28 12:20:49 ----A---- C:\Windows\system32\winhttp.dll 2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanpref.dll 2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanmsm.dll 2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanhlp.dll 2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlangpui.dll 2009-06-28 12:20:45 ----A---- C:\Windows\system32\winlogon.exe 2009-06-28 12:20:44 ----A---- C:\Windows\system32\wlanui.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\softkbd.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\SMBHelperClass.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\slwmi.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\slwga.dll 2009-06-28 12:20:42 ----A---- C:\Windows\system32\slmgr.vbs 2009-06-28 12:20:42 ----A---- C:\Windows\system32\SLCommDlg.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\sperror.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\spcmsg.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\SndVol.exe 2009-06-28 12:20:41 ----A---- C:\Windows\system32\shwebsvc.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\shsvcs.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\shsetup.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\setupapi.dll 2009-06-28 12:20:41 ----A---- C:\Windows\system32\sethc.exe 2009-06-28 12:20:41 ----A---- C:\Windows\system32\services.exe 2009-06-28 12:20:41 ----A---- C:\Windows\system32\sendmail.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\slcinst.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\SLCExt.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\slcc.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\SLC.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\shlwapi.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\shell32.dll 2009-06-28 12:20:40 ----A---- C:\Windows\system32\shdocvw.dll 2009-06-28 12:20:37 ----A---- C:\Windows\system32\Storprop.dll 2009-06-28 12:20:37 ----A---- C:\Windows\system32\stobject.dll 2009-06-28 12:20:37 ----A---- C:\Windows\system32\spreview.exe 2009-06-28 12:20:36 ----A---- C:\Windows\system32\spp.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\srchadmin.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\sqlsrv32.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\spwizui.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\spwinsat.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\spoolss.dll 2009-06-28 12:20:32 ----A---- C:\Windows\system32\spinstall.exe 2009-06-28 11:00:47 ----A---- C:\Windows\system32\aswBoot.exe 2009-06-28 10:20:24 ----D---- C:\Program Files (x86)\Windows Installer Clean Up 2009-06-28 10:16:09 ----D---- C:\Program Files (x86)\MSECACHE 2009-06-27 09:52:00 ----D---- C:\Program Files (x86)\MSXML 4.0 2009-06-26 17:24:55 ----D---- C:\Program Files (x86)\Common Files\HP 2009-06-26 14:41:11 ----A---- C:\Windows\system32\javaws.exe 2009-06-26 14:41:11 ----A---- C:\Windows\system32\javaw.exe 2009-06-26 14:41:11 ----A---- C:\Windows\system32\java.exe 2009-06-26 12:06:32 ----D---- C:\ProgramData\WEBREG 2009-06-26 12:02:19 ----D---- C:\Users\DarwizardX\AppData\Roaming\HP 2009-06-26 11:47:35 ----D---- C:\Program Files (x86)\Common Files\Hewlett-Packard 2009-06-26 11:45:38 ----D---- C:\ProgramData\HP 2009-06-26 09:41:49 ----D---- C:\Users\DarwizardX\AppData\Roaming\LimeWire 2009-06-26 09:41:17 ----A---- C:\Windows\system32\deploytk.dll 2009-06-26 09:40:57 ----D---- C:\Program Files (x86)\Java 2009-06-25 19:25:41 ----D---- C:\Users\DarwizardX\AppData\Roaming\Logitech 2009-06-25 19:05:46 ----D---- C:\ProgramData\Logitech 2009-06-25 19:05:33 ----D---- C:\Users\DarwizardX\AppData\Roaming\InstallShield 2009-06-25 19:05:27 ----D---- C:\ProgramData\LogiShrd 2009-06-24 10:18:04 ----D---- C:\Program Files (x86)\Microsoft Works 2009-06-24 10:17:42 ----D---- C:\Program Files (x86)\Common Files\DESIGNER 2009-06-24 10:17:27 ----D---- C:\Program Files (x86)\Microsoft.NET 2009-06-24 10:14:49 ----D---- C:\ProgramData\Microsoft Help 2009-06-24 10:14:49 ----D---- C:\Program Files (x86)\Microsoft Office 2009-06-24 10:14:10 ----RHD---- C:\MSOCache 2009-06-24 07:18:00 ----D---- C:\Windows\pss 2009-06-23 20:12:38 ----D---- C:\Program Files (x86)\WinPcap 2009-06-23 19:07:05 ----A---- C:\Windows\War3Unin.exe 2009-06-23 16:58:02 ----A---- C:\BnetLog.txt 2009-06-23 16:55:01 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2009-06-23 12:58:43 ----D---- C:\ProgramData\Azureus 2009-06-23 12:58:42 ----D---- C:\Users\DarwizardX\AppData\Roaming\Azureus 2009-06-23 12:58:13 ----D---- C:\Program Files (x86)\Common Files\i4j_jres 2009-06-23 12:56:57 ----D---- C:\Program Files (x86)\Project64 1.6 2009-06-23 12:55:36 ----D---- C:\Users\DarwizardX\AppData\Roaming\vlc 2009-06-23 12:55:19 ----D---- C:\Program Files (x86)\VideoLAN 2009-06-23 12:54:59 ----D---- C:\Users\DarwizardX\AppData\Roaming\ATI 2009-06-23 12:54:59 ----D---- C:\ProgramData\ATI 2009-06-23 12:50:59 ----D---- C:\ATI 2009-06-23 12:48:04 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-06-23 12:48:04 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2009-06-23 12:41:52 ----D---- C:\Users\DarwizardX\AppData\Roaming\Macromedia 2009-06-23 12:41:52 ----D---- C:\Users\DarwizardX\AppData\Roaming\Adobe 2009-06-23 12:38:39 ----A---- C:\Windows\system32\d3dx9_32.dll 2009-06-23 12:38:22 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2009-06-23 12:37:19 ----D---- C:\Windows\system32\Macromed 2009-06-23 12:37:07 ----D---- C:\Users\DarwizardX\AppData\Roaming\teamspeak2 2009-06-23 12:37:03 ----D---- C:\Program Files (x86)\Microsoft 2009-06-23 12:36:47 ----D---- C:\Program Files (x86)\Windows Live SkyDrive 2009-06-23 12:36:29 ----D---- C:\Program Files (x86)\Windows Live 2009-06-23 12:36:13 ----D---- C:\Windows\PCHEALTH 2009-06-23 12:35:21 ----D---- C:\Program Files (x86)\Common Files\Windows Live 2009-06-23 12:33:53 ----D---- C:\Users\DarwizardX\AppData\Roaming\Mozilla 2009-06-23 12:33:48 ----D---- C:\Program Files (x86)\Mozilla Firefox 2009-06-23 12:32:34 ----D---- C:\Program Files (x86)\WinRAR 2009-06-23 11:41:14 ----A---- C:\Windows\system32\netfxperf.dll 2009-06-23 11:37:29 ----A---- C:\Windows\system32\MSVCR71.dll 2009-06-23 11:37:29 ----A---- C:\Windows\system32\MSVCP71.dll 2009-06-23 11:37:29 ----A---- C:\Windows\system32\MFC71.dll 2009-06-23 11:33:45 ----A---- C:\Windows\system32\kbd106n.dll 2009-06-23 11:33:09 ----A---- C:\Windows\system32\jsproxy.dll 2009-06-23 11:30:58 ----A---- C:\Windows\system32\rpcrt4.dll 2009-06-23 11:30:56 ----A---- C:\Windows\system32\localspl.dll 2009-06-23 11:30:41 ----D---- C:\ProgramData\WinZip 2009-06-23 11:26:53 ----D---- C:\ProgramData\Adobe 2009-06-23 11:26:50 ----D---- C:\Program Files (x86)\Common Files\Adobe 2009-06-23 11:26:50 ----D---- C:\Program Files (x86)\Adobe 2009-06-23 11:24:09 ----D---- C:\ProgramData\ASUS OC Profiles 2009-06-23 11:21:21 ----A---- C:\Windows\system32\MSVCRTD.DLL 2009-06-23 11:21:21 ----A---- C:\Windows\system32\mfc42d.dll 2009-06-23 11:20:14 ----A---- C:\Windows\Language_trs.ini 2009-06-23 11:17:19 ----HD---- C:\ASUS.000 2009-06-23 11:17:08 ----HD---- C:\ASUS.SYS 2009-06-23 11:16:47 ----D---- C:\Program Files (x86)\Downloaded Installations 2009-06-23 11:14:38 ----RA---- C:\Windows\system32\AsIO.dll 2009-06-23 11:14:38 ----D---- C:\Program Files (x86)\ASUS 2009-06-23 11:13:45 ----A---- C:\Windows\system32\wups.dll 2009-06-23 11:13:45 ----A---- C:\Windows\system32\wudriver.dll 2009-06-23 11:13:45 ----A---- C:\Windows\system32\wuapi.dll 2009-06-23 11:13:39 ----A---- C:\Windows\system32\wuwebv.dll 2009-06-23 11:13:39 ----A---- C:\Windows\system32\wuapp.exe 2009-06-23 11:10:43 ----D---- C:\Windows\system32\Atheros_L1e 2009-06-23 11:04:15 ----D---- C:\Program Files (x86)\AMD 2009-06-23 11:04:14 ----D---- C:\Program Files (x86)\ATI Technologies 2009-06-23 11:00:08 ----D---- C:\Windows\ASUSInstAll 2009-06-23 10:57:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2009-06-23 10:56:55 ----D---- C:\Program Files (x86)\VIA 2009-06-23 10:56:54 ----N---- C:\Windows\difxapi.dll 2009-06-23 10:56:43 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2009-06-23 10:56:41 ----SHD---- C:\Windows\Installer 2009-06-23 10:56:12 ----A---- C:\Windows\Ascd_log.ini 2009-06-23 10:55:37 ----A---- C:\Windows\Ascd_tmp.ini 2009-06-23 10:54:01 ----D---- C:\Users\DarwizardX\AppData\Roaming\Identities 2009-06-23 10:53:45 ----SD---- C:\Users\DarwizardX\AppData\Roaming\Microsoft 2009-06-23 10:53:45 ----D---- C:\Users\DarwizardX\AppData\Roaming\Media Center Programs 2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Modèles 2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Menu Démarrer 2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Favoris 2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Bureau 2009-06-23 10:51:26 ----D---- C:\Windows\Debug 2009-06-23 10:46:52 ----D---- C:\Windows\SoftwareDistribution 2009-06-23 10:42:20 ----D---- C:\Windows\Prefetch 2009-06-23 10:42:06 ----SHD---- C:\System Volume Information 2009-06-23 05:41:23 ----D---- C:\Windows\Panther 2009-06-23 05:41:10 ----RAS---- C:\BOOTSECT.BAK 2009-06-23 05:41:09 ----SHD---- C:\Boot ======List of files/folders modified in the last 3 months====== 2009-08-25 18:22:03 ----D---- C:\Windows\Temp 2009-08-24 22:22:56 ----RD---- C:\Program Files (x86) 2009-08-22 14:13:23 ----D---- C:\Windows 2009-08-21 21:09:32 ----D---- C:\Windows\system32\drivers 2009-08-21 21:09:31 ----HD---- C:\ProgramData 2009-08-19 19:08:11 ----D---- C:\Windows\Logs 2009-08-17 22:23:15 ----D---- C:\Windows\SysWOW64 2009-08-12 22:01:18 ----D---- C:\Windows\LiveKernelReports 2009-08-12 18:26:17 ----D---- C:\Windows\System32 2009-08-12 14:11:55 ----D---- C:\Windows\winsxs 2009-08-12 14:11:18 ----D---- C:\Program Files (x86)\Windows Media Player 2009-08-09 19:52:49 ----SD---- C:\ProgramData\Microsoft 2009-07-26 22:40:09 ----D---- C:\Windows\inf 2009-07-22 19:07:16 ----SD---- C:\Windows\Downloaded Program Files 2009-07-16 11:13:04 ----D---- C:\Program Files (x86)\Internet Explorer 2009-07-15 15:10:37 ----D---- C:\Program Files (x86)\Windows Mail 2009-07-03 14:47:00 ----D---- C:\Windows\twain_32 2009-07-03 13:24:00 ----SHD---- C:\$Recycle.Bin 2009-07-03 13:23:19 ----RD---- C:\Users 2009-07-02 14:35:20 ----D---- C:\Windows\rescache 2009-07-02 14:10:09 ----D---- C:\Windows\system32\migration 2009-07-02 14:10:09 ----D---- C:\Windows\system32\fr-FR 2009-07-02 13:51:44 ----RD---- C:\Program Files 2009-06-30 15:57:39 ----RSD---- C:\Windows\assembly 2009-06-30 15:57:28 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2009-06-28 12:46:49 ----D---- C:\Windows\Microsoft.NET 2009-06-28 12:34:26 ----D---- C:\Windows\servicing 2009-06-28 12:34:26 ----D---- C:\Windows\ehome 2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Sidebar 2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Photo Gallery 2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Calendar 2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Common Files\System 2009-06-28 12:34:19 ----D---- C:\Windows\system32\XPSViewer 2009-06-28 12:34:19 ----D---- C:\Windows\system32\sk-SK 2009-06-28 12:34:19 ----D---- C:\Windows\system32\oobe 2009-06-28 12:34:19 ----D---- C:\Windows\system32\lv-LV 2009-06-28 12:34:19 ----D---- C:\Windows\system32\ko-KR 2009-06-28 12:34:19 ----D---- C:\Windows\system32\it-IT 2009-06-28 12:34:19 ----D---- C:\Windows\system32\hr-HR 2009-06-28 12:34:19 ----D---- C:\Windows\system32\fr 2009-06-28 12:34:19 ----D---- C:\Windows\system32\et-EE 2009-06-28 12:34:19 ----D---- C:\Windows\system32\en-US 2009-06-28 12:34:19 ----D---- C:\Windows\system32\el-GR 2009-06-28 12:34:19 ----D---- C:\Windows\system32\de-DE 2009-06-28 12:34:19 ----D---- C:\Windows\system32\da-DK 2009-06-28 12:34:18 ----D---- C:\Windows\system32\ru-RU 2009-06-28 12:34:18 ----D---- C:\Windows\system32\AdvancedInstallers 2009-06-28 12:34:15 ----D---- C:\Windows\system32\sv-SE 2009-06-28 12:34:15 ----D---- C:\Windows\system32\SLUI 2009-06-28 12:34:15 ----D---- C:\Windows\system32\setup 2009-06-28 12:34:15 ----D---- C:\Windows\system32\pt-PT 2009-06-28 12:34:15 ----D---- C:\Windows\system32\hu-HU 2009-06-28 12:34:15 ----D---- C:\Windows\system32\he-IL 2009-06-28 12:34:15 ----D---- C:\Windows\system32\fi-FI 2009-06-28 12:34:15 ----D---- C:\Windows\system32\cs-CZ 2009-06-28 12:34:14 ----D---- C:\Windows\system32\zh-TW 2009-06-28 12:34:14 ----D---- C:\Windows\system32\zh-CN 2009-06-28 12:34:14 ----D---- C:\Windows\system32\wbem 2009-06-28 12:34:14 ----D---- C:\Windows\system32\uk-UA 2009-06-28 12:34:14 ----D---- C:\Windows\system32\tr-TR 2009-06-28 12:34:14 ----D---- C:\Windows\system32\th-TH 2009-06-28 12:34:14 ----D---- C:\Windows\system32\sr-Latn-CS 2009-06-28 12:34:14 ----D---- C:\Windows\system32\sl-SI 2009-06-28 12:34:14 ----D---- C:\Windows\system32\ro-RO 2009-06-28 12:34:14 ----D---- C:\Windows\system32\pl-PL 2009-06-28 12:34:14 ----D---- C:\Windows\system32\nl-NL 2009-06-28 12:34:14 ----D---- C:\Windows\system32\nb-NO 2009-06-28 12:34:14 ----D---- C:\Windows\system32\manifeststore 2009-06-28 12:34:14 ----D---- C:\Windows\system32\lt-LT 2009-06-28 12:34:14 ----D---- C:\Windows\system32\ja-JP 2009-06-28 12:34:14 ----D---- C:\Windows\system32\es-ES 2009-06-28 12:34:14 ----D---- C:\Windows\system32\bg-BG 2009-06-28 12:34:14 ----D---- C:\Windows\system32\ar-SA 2009-06-28 12:34:13 ----D---- C:\Windows\system32\pt-BR 2009-06-28 12:34:13 ----D---- C:\Windows\system32\migwiz 2009-06-28 12:34:06 ----D---- C:\Windows\IME 2009-06-28 12:33:50 ----RSD---- C:\Windows\Fonts 2009-06-28 12:33:50 ----D---- C:\Windows\AppPatch 2009-06-27 08:23:21 ----D---- C:\Windows\PolicyDefinitions 2009-06-26 18:41:43 ----A---- C:\Windows\win.ini 2009-06-26 17:24:55 ----D---- C:\Program Files (x86)\Common Files 2009-06-24 10:15:33 ----D---- C:\Windows\ShellNew ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [] R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x64.sys [] R3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [] S2 X4HSX32;X4HSX32; \??\C:\Program Files (x86)\GameTap Web Player\bin\Release\X4HSX32.Sys [] S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [] S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [] S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [] S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-08-09 66872] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-29 89920] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2007-11-06 92792] S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040] -----------------EOF----------------- et voici le info O_O son gros les les texte info.txt logfile of random's system information tool 1.06 2009-08-25 18:22:33 ======Uninstall list====== Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003} AI Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c Archiveur WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0xc0c Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly Atheros Ethernet Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{FB686487-C637-4EEF-BCB1-C92463F2CC05}\setup.exe" -runfromtemp -l0x040c -removeonly avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Bounty Bay Online-->"C:\Program Files (x86)\Bounty Bay Online\unins000.exe" Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C} CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Crysis®-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe EPU-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}\setup.exe" -l0x40c Express Gate-->MsiExec.exe /X{A0494B41-EBD7-4C0D-91B7-DC39741B27BB} Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} HijackThis 2.0.2-->"C:\Users\DarwizardX\Desktop\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT="" HP Print Diagnostic Utility-->MsiExec.exe /I{F6C050A4-0EC4-44FE-A3B6-71978ED31418} HydraVision-->MsiExec.exe /X{13A63CE1-102E-0F29-1461-BD793DCB0766} Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} jv16 PowerTools 1.3-->"C:\Program Files (x86)\jv16 PowerTools\unins000.exe" Les Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly LimeWire 5.2.13-->"C:\Program Files (x86)\LimeWire\uninstall.exe" Logitech SetPoint-->C:\Program Files (x86)\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Mozilla Firefox (3.5.2)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PC Probe II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727} PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" StarCraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft\Uninstall.exe TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Version d'évaluation de Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL VIA Le gestionnaire du dispositif de plate-forme-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VLC media player 0.9.9-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} WinPcap 4.0.2-->C:\Program Files (x86)\WinPcap\uninstall.exe World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AS: Spybot - Search and Destroy (disabled) (outdated) AS: Windows Defender ======System event log====== Computer Name: PC-de-Darwizard Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 498 Source Name: Microsoft-Windows-HttpEvent Time Written: 20090623145127.826086-000 Event Type: Erreur User: Computer Name: 26L2233B3-02 Event Code: 134 Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9) Record Number: 16 Source Name: Microsoft-Windows-Time-Service Time Written: 20090623144447.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B3-02 Event Code: 134 Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9) Record Number: 15 Source Name: Microsoft-Windows-Time-Service Time Written: 20090623144447.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B3-02 Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 14 Source Name: Microsoft-Windows-HttpEvent Time Written: 20090623144442.751523-000 Event Type: Erreur User: Computer Name: 26L2233B3-02 Event Code: 263 Message: Le service ‘ShellHWDetection’ n'a peut-être pas annulé son inscription aux notifications d’événements de périphériques avant d’être arrêté. Record Number: 13 Source Name: PlugPlayManager Time Written: 20090623144442.000000-000 Event Type: Avertissement User: =====Application event log===== Computer Name: PC-de-Darwizard Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 55 Source Name: Microsoft-Windows-WMI Time Written: 20090623145534.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Darwizard Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 54 Source Name: Microsoft-Windows-WMI Time Written: 20090623145534.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Darwizard Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Record Number: 29 Source Name: Microsoft-Windows-WMI Time Written: 20090623145141.000000-000 Event Type: Erreur User: Computer Name: PC-de-Darwizard Event Code: 1008 Message: Le service Windows Search tente de supprimer l’ancien catalogue. Record Number: 25 Source Name: Microsoft-Windows-Search Time Written: 20090623145136.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B3-02 Event Code: 1036 Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système. Record Number: 13 Source Name: Microsoft-Windows-SpoolerSpoolss Time Written: 20090623144644.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: 26L2233B3-02 Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : 26L2233B3-02$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x224 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090623144359.320845-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B3-02 Event Code: 4902 Message: La table de stratégie d’audit par utilisateur a été créée. Nombre d’éléments : 0 ID de la stratégie : 0x88b6f Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090623144352.004398-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B3-02 Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-0-0 Nom du compte : - Domaine du compte : - ID d’ouverture de session : 0x0 Type d’ouverture de session : 0 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x4 Nom du processus : Informations sur le réseau : Nom de la station de travail : - Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : - Package d’authentification : - Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090623144348.400775-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B3-02 Event Code: 4608 Message: Windows démarre. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090623144348.400775-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B3-02 Event Code: 4634 Message: Fermeture de session d’un compte. Sujet : ID de sécurité : S-1-5-7 Nom du compte : ANONYMOUS LOGON Domaine du compte : NT AUTHORITY ID du compte : 0x21410 Type d’ouverture de session : 3 Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20080121034608.538800-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0402 "NUMBER_OF_PROCESSORS"=4 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat "DFSTRACINGON"=FALSE "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  7. décidément on a pas trouvé le problème encore :S un autre soluce? sinon je vais formaté cava arrangé :'(
  8. messemble que cest ce que j'avais fait la premiere fois mais voila pour etre sur en admin Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:03:27, on 2009-08-24 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Program Files\ASUS\EPU\EPU.exe C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\DarwizardX\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\iEvony\Skype4COM.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7595 bytes
  9. rebonjour/bonsoir voici alors les résultat demandé Fichier userinit.exe reçu le 2009.08.23 18:15:43 (UTC) AntivirusVersionDernière mise à jourRésultata-squared4.5.0.242009.08.23-AhnLab-V35.0.0.22009.08.23-AntiVir7.9.1.32009.08.21-Antiy-AVL2.0.3.72009.08.21-Authentium5.1.2.42009.08.22-Avast4.8.1335.02009.08.23-AVG8.5.0.4062009.08.23-BitDefender7.22009.08.23-CAT-QuickHeal10.002009.08.22-ClamAV0.94.12009.08.23-Comodo20712009.08.23-DrWeb5.0.0.121822009.08.23-eSafe7.0.17.02009.08.23-eTrust-Vet31.6.66942009.08.21-F-Prot4.4.4.562009.08.22-F-Secure8.0.14470.02009.08.23-Fortinet3.120.0.02009.08.23-GData192009.08.23-IkarusT3.1.1.68.02009.08.23-Jiangmin11.0.8002009.08.23-K7AntiVirus7.10.8252009.08.22-Kaspersky7.0.0.1252009.08.23-McAfee57182009.08.23-McAfee+Artemis57182009.08.23-McAfee-GW-Edition6.8.52009.08.23-Microsoft1.49032009.08.23-NOD3243612009.08.23-Norman6.01.092009.08.21-nProtect2009.1.8.02009.08.23-Panda10.0.0.142009.08.23-PCTools4.4.2.02009.08.23-Prevx3.02009.08.23-Rising21.43.50.002009.08.22-Sophos4.44.02009.08.23-Sunbelt3.2.1858.22009.08.22-Symantec1.4.4.122009.08.23-TheHacker6.3.4.3.3862009.08.22-TrendMicro8.950.0.10942009.08.22-VBA323.12.10.92009.08.23-ViRobot2009.8.22.18972009.08.22-VirusBuster4.6.5.02009.08.23-Information additionnelleFile size: 25088 bytesMD5...: 0e135526e9785d085bcd9aede6fbcbf9SHA1..: d15244d41efddbab08d53fe032aedff39091d3afSHA256: 75eea7e5ae90d857b777361a0166f9a82e354f229fd5250af8738364e6fb45dbssdeep: 384:19KvuowvkKP3vaAf7MQHZa34SACInaPGvF6xUqYzuSSqm6qFWd3ymWfG:XwI<br>PPZAJxGt/q6sqw1n<br>PEiD..: -TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x2ae5<br>timedatestamp.....: 0x47918d87 (Sat Jan 19 05:41:27 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x4a2d 0x4c00 6.04 a21b68c5650468c1bc36f74b6c0ca26b<br>.data 0x6000 0x498 0x600 0.71 1c4544d585aae74667954f292fb15884<br>.rsrc 0x7000 0x780 0x800 4.04 9110c031f7af84bd01ee2d772a5521bd<br>.reloc 0x8000 0x3d0 0x400 6.50 2e13e6c4860701e4a4d0db6e88af4c7c<br><br>( 9 imports ) <br>> USER32.dll: GetSystemMetrics, SystemParametersInfoW, MessageBoxW, LoadStringW, LoadRemoteFonts, CreateWindowExW, ExitWindowsEx, GetKeyboardLayout, CharNextW, DefWindowProcW, RegisterClassExW, DestroyWindow<br>> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, RegQueryInfoKeyW, RegDeleteTreeW, OpenProcessToken, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegCloseKey<br>> CRYPT32.dll: CryptProtectData<br>> ntdll.dll: RtlInitUnicodeString, NtOpenKey, NtClose, DbgPrint<br>> NETAPI32.dll: NetApiBufferFree, DsGetDcNameW<br>> WLDAP32.dll: -, -, -, -, -, -<br>> USERENV.dll: -<br>> KERNEL32.dll: GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, InterlockedExchange, DelayLoadFailureHook, ExpandEnvironmentStringsA, LoadLibraryA, InterlockedCompareExchange, HeapSetInformation, GetCurrentThread, SetThreadPriority, CreateThread, SetCurrentDirectoryW, FormatMessageW, GetCurrentProcess, GetFileAttributesExW, GetSystemDirectoryW, SetLastError, ExpandEnvironmentStringsW, CreateProcessW, lstrlenW, GetVersionExW, LocalFree, LocalAlloc, GetEnvironmentVariableW, FreeLibrary, GetProcAddress, LoadLibraryW, CompareFileTime, SearchPathW, SetEnvironmentVariableW, GetLastError, CloseHandle, WaitForSingleObject, Sleep, OpenEventW, SetEvent, GetUserDefaultLangID<br>> msvcrt.dll: exit, _acmdln, _initterm, memmove, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, _ismbblead, [email protected]@YAXXZ, _except_handler4_common, _controlfp, _XcptFilter, _vsnwprintf, _exit, _cexit, __getmainargs, _wcsicmp, __set_app_type, memset, _amsg_exit<br><br>( 0 exports ) <br>PDFiD.: -RDS...: NSRL Reference Data Set<br>- var mostrarNegativos=1; var modoMuestra='tabla'; var is_ie/*@cc_on = { version : 1 }@*/; //pa cagarse, verdad... function comoTxt(separador) { var pre=document.getElementById("tabulado"); document.getElementsByTagName("body")[0].removeChild(pre); var salto='\n'; if (is_ie) salto='\r'; var tbl = opener.document.getElementById('tablaMotores'); var contenido=''; for (var i=0; i < tbl.rows.length; i++) { var row = tbl.rows; var linea=''; for (var j=0; j < row.cells.length; j++) { linea+=row.cells[j].innerHTML+separador; } linea=linea.substr(0,linea.length-1); if ( (row.cells[3].innerHTML == '-') && (mostrarNegativos==0) ) { continue; } contenido+=linea+salto; } contenido+=salto; // Tabla info var inftbl = opener.document.getElementById('tablaInformacion'); for (var i=0; i < inftbl.rows.length; i++) { var infrow = inftbl.rows; var info = infrow.cells[0].innerHTML; contenido+=info+salto; } var pre=document.createElement("pre"); pre.id = "tabulado"; var tnode=document.createTextNode(contenido); pre.appendChild(tnode); document.getElementsByTagName("body")[0].appendChild(pre); } function comoHTML() { var pre=document.getElementById("enhtml"); var salto='\n'; var tbl = opener.document.getElementById('tablaMotores'); var contenido=''; contenido+=''+infoMuestra()+''; for (var i=0; i < tbl.rows.length; i++) { var row = tbl.rows; var linea=''; for (var j=0; j < row.cells.length; j++) { if ( (j == 3) && (i > 0) && (row.cells[j].innerHTML != '-') ) { linea+=''+row.cells[j].innerHTML+''; } else { linea+=''+row.cells[j].innerHTML+''; } } linea=linea.substr(0,linea.length-1); if ( (row.cells[3].innerHTML == '-') && (mostrarNegativos==0) ) { continue; } contenido+=linea+''; } contenido+=' '; // Tabla info var inftbl = opener.document.getElementById('tablaInformacion'); for (var i=0; i < inftbl.rows.length; i++) { var infrow = inftbl.rows; var info = infrow.cells[0].innerHTML; contenido+=''+info+''; } pre.value=contenido+''; pre.focus(); pre.select(); } function comoTabla() { var mottbl = opener.document.getElementById('tablaMotores'); var inftbl = opener.document.getElementById('tablaInformacion'); var tbl = document.getElementById('tableado'); // Vaciamos la tabla for (var i=tbl.rows.length; i > 0 ; i--) tbl.deleteRow(0); // Tabla motores for (var i=0; i < mottbl.rows.length; i++) { var row = tbl.insertRow(tbl.rows.length); var motrow = mottbl.rows; for (var j=0; j < motrow.cells.length; j++) { var cell = row.insertCell(j); var contenido = motrow.cells[j].innerHTML; var textN = document.createTextNode(contenido); cell.appendChild(textN); if (j==2) cell.style.textAlign="center"; else if (j==3) { if ( (i!=0) && (contenido != '-') && (contenido != 'no ha encontrado virus') && (contenido != 'no virus found') && (contenido != 'No threat detected') && (contenido != 'Not analyzed yet')) { cell.style.color="red"; } } if ( (mostrarNegativos==0) && (j==3) && (i!=0) && (contenido == '-') ) { row.style.display='none'; } } } var row = tbl.insertRow(tbl.rows.length); var cell = row.insertCell(0); cell.colSpan=4; cell.appendChild(document.createTextNode('.')); cell.innerHTML=''; cell.height=10; // Tabla info for (var i=0; i < inftbl.rows.length; i++) { var row = tbl.insertRow(tbl.rows.length); var infrow = inftbl.rows; var cell = row.insertCell(0); cell.colSpan=4; var contenido = infrow.cells[0].innerHTML; cell.appendChild(document.createTextNode(contenido)); } } function redibuja(que) { document.getElementById('tabulado').style.display="none"; document.getElementById('tableado').style.display="none"; document.getElementById('enhtml').style.display="none"; if (que == 'tab') { document.getElementById('tabulado').style.display="block"; modoMuestra='tab'; comoTxt('\t'); } else if (que == 'punto') { document.getElementById('tabulado').style.display="block"; modoMuestra='punto'; comoTxt(';'); } else if (que == 'tabla') { document.getElementById('tableado').style.display="block"; modoMuestra='tabla'; comoTabla(); } else if (que == 'html') { document.getElementById('enhtml').style.display="block"; modoMuestra='html'; comoHTML(); } return false; } function cambiaVista() { if (mostrarNegativos) { mostrarNegativos=0; document.getElementById('botonpositivos').className='positivoOff'; } else { mostrarNegativos=1; document.getElementById('botonpositivos').className='positivoOn'; } redibuja(modoMuestra); return false; } function infoMuestra() { var estado=opener.document.getElementById('status').innerHTML; var upped=estado.toUpperCase(); var txt=estado.substr(0,upped.indexOf(' /g, ''); // tags return txt; } // Capturamos el nombre de la muestra y hora de envio document.getElementById('nombre').innerHTML=infoMuestra(); comoTabla(); redibuja(modoMuestra); Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.24 2009.08.23 - AhnLab-V3 5.0.0.2 2009.08.23 - AntiVir 7.9.1.3 2009.08.21 - Antiy-AVL 2.0.3.7 2009.08.21 - Authentium 5.1.2.4 2009.08.22 - Avast 4.8.1335.0 2009.08.23 - AVG 8.5.0.406 2009.08.23 - BitDefender 7.2 2009.08.23 - CAT-QuickHeal 10.00 2009.08.22 - ClamAV 0.94.1 2009.08.23 - Comodo 2071 2009.08.23 - DrWeb 5.0.0.12182 2009.08.23 - eSafe 7.0.17.0 2009.08.23 - eTrust-Vet 31.6.6694 2009.08.21 - F-Prot 4.4.4.56 2009.08.22 - F-Secure 8.0.14470.0 2009.08.23 - Fortinet 3.120.0.0 2009.08.23 - GData 19 2009.08.23 - Ikarus T3.1.1.68.0 2009.08.23 - Jiangmin 11.0.800 2009.08.23 - K7AntiVirus 7.10.825 2009.08.22 - Kaspersky 7.0.0.125 2009.08.23 - McAfee 5718 2009.08.23 - McAfee+Artemis 5718 2009.08.23 - McAfee-GW-Edition 6.8.5 2009.08.23 - Microsoft 1.4903 2009.08.23 - NOD32 4361 2009.08.23 - Norman 6.01.09 2009.08.21 - nProtect 2009.1.8.0 2009.08.23 - Panda 10.0.0.14 2009.08.23 - PCTools 4.4.2.0 2009.08.23 - Prevx 3.0 2009.08.23 - Rising 21.43.50.00 2009.08.22 - Sophos 4.44.0 2009.08.23 - Sunbelt 3.2.1858.2 2009.08.22 - Symantec 1.4.4.12 2009.08.23 - TheHacker 6.3.4.3.386 2009.08.22 - TrendMicro 8.950.0.1094 2009.08.22 - VBA32 3.12.10.9 2009.08.23 - ViRobot 2009.8.22.1897 2009.08.22 - VirusBuster 4.6.5.0 2009.08.23 - Information additionnelle File size: 25088 bytes MD5...: 0e135526e9785d085bcd9aede6fbcbf9 SHA1..: d15244d41efddbab08d53fe032aedff39091d3af SHA256: 75eea7e5ae90d857b777361a0166f9a82e354f229fd5250af8738364e6fb45db ssdeep: 384:19KvuowvkKP3vaAf7MQHZa34SACInaPGvF6xUqYzuSSqm6qFWd3ymWfG:XwI<br>PPZAJxGt/q6sqw1n<br> PEiD..: - TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%) PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x2ae5<br>timedatestamp.....: 0x47918d87 (Sat Jan 19 05:41:27 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x4a2d 0x4c00 6.04 a21b68c5650468c1bc36f74b6c0ca26b<br>.data 0x6000 0x498 0x600 0.71 1c4544d585aae74667954f292fb15884<br>.rsrc 0x7000 0x780 0x800 4.04 9110c031f7af84bd01ee2d772a5521bd<br>.reloc 0x8000 0x3d0 0x400 6.50 2e13e6c4860701e4a4d0db6e88af4c7c<br><br>( 9 imports ) <br>> USER32.dll: GetSystemMetrics, SystemParametersInfoW, MessageBoxW, LoadStringW, LoadRemoteFonts, CreateWindowExW, ExitWindowsEx, GetKeyboardLayout, CharNextW, DefWindowProcW, RegisterClassExW, DestroyWindow<br>> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, RegQueryInfoKeyW, RegDeleteTreeW, OpenProcessToken, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegCloseKey<br>> CRYPT32.dll: CryptProtectData<br>> ntdll.dll: RtlInitUnicodeString, NtOpenKey, NtClose, DbgPrint<br>> NETAPI32.dll: NetApiBufferFree, DsGetDcNameW<br>> WLDAP32.dll: -, -, -, -, -, -<br>> USERENV.dll: -<br>> KERNEL32.dll: GetStartupInfoA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, InterlockedExchange, DelayLoadFailureHook, ExpandEnvironmentStringsA, LoadLibraryA, InterlockedCompareExchange, HeapSetInformation, GetCurrentThread, SetThreadPriority, CreateThread, SetCurrentDirectoryW, FormatMessageW, GetCurrentProcess, GetFileAttributesExW, GetSystemDirectoryW, SetLastError, ExpandEnvironmentStringsW, CreateProcessW, lstrlenW, GetVersionExW, LocalFree, LocalAlloc, GetEnvironmentVariableW, FreeLibrary, GetProcAddress, LoadLibraryW, CompareFileTime, SearchPathW, SetEnvironmentVariableW, GetLastError, CloseHandle, WaitForSingleObject, Sleep, OpenEventW, SetEvent, GetUserDefaultLangID<br>> msvcrt.dll: exit, _acmdln, _initterm, memmove, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, _ismbblead, [email protected]@YAXXZ, _except_handler4_common, _controlfp, _XcptFilter, _vsnwprintf, _exit, _cexit, __getmainargs, _wcsicmp, __set_app_type, memset, _amsg_exit<br><br>( 0 exports ) <br> PDFiD.: - RDS...: NSRL Reference Data Set<br>-
  10. rebonsoir tous le monde malheureusement nous somme pas sur les même horaire alors on ce parle en décalé j'ai donc fait et mi les rapport sur lautre post comme je disait un fois la manip fait elle a rien trouvé alors :S alors si vous avez des idée pour pas laissez tous le travail a falkra plus on a de cerveau mieu je vais men tiré mais bon ce n'Est que un simple infection caché mais comme je dit je souhaite apprendre a tenir une machine propre p.s je suis sur le point effectué un défragmentation mais a mon avis ça n'aideras pas a mes plantage instantané quand j ouvre parfois firefox,autre,etc... mais j'essaye quand meme
  11. rebonsoir j'ai fait la manip expliqué mais j'ai trouve un gros ZÉRO rien trouvé sauf un fichier hijackthis.............. si tu a d'autre chose a proposé j'espère finir par trouvé la solution au problème voici mes 2 rapport que j'ai fait Malwarebytes' Anti-Malware 1.40 Version de la base de données: 2673 Windows 6.0.6002 Service Pack 2 2009-08-21 21:25:19 mbam-log-2009-08-21 (21-25-19).txt Type de recherche: Examen rapide Eléments examinés: 82709 Temps écoulé: 3 minute(s), 48 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Malwarebytes' Anti-Malware 1.40 Version de la base de données: 2673 Windows 6.0.6002 Service Pack 2 2009-08-21 22:22:26 mbam-log-2009-08-21 (22-22-26).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 257367 Temps écoulé: 42 minute(s), 39 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  12. bonjour/bonsoir a tous de zebulon cela fait bien longtemps que je parcours zebulon pour bien des truc je voie que beaucoup d'entre vous son très compétant et j'ai appris beaucoup de chose ici en plus de 4 ans mais il me reste encore bien d'autre chose a apprendre qui est de gardé un système rapide,stable,sain qui est mon problème que je demande un grand aide aujourd'hui étant découragé de toujours arrivé au même résultat formaté premierement je tien a precisé que je n'utilise que firefox dans ca version la plus a jour et n'utilise pas internet explorer anssi que toute les composante de mon ordinateur son recente avec tous les pilotes a jour alors voici le lien de mon hijackthis avant même que on me le demande :: http://forum.zebulon.fr/raport-analyse-hij...de-t166802.html comme je disait plus haut je suis écœuré,découragé de toujours avoir a terminé par formaté problème exposé :: depuis quelque temps et cela fini toujours pareil mon ordinateur deviens lente pour démarré,navigué et même le loading principale de world of warcraft en est quadriplé j'Ai bien beau effecteur mes test ((avast,spy bot,ad aware)) tous les semaines je n'arrive pas a gardé mon system correct plus de 1-3 mois par la suite bug,plantage,lenteur surtout en navigation sur internet sur n'importe quoi la souris bloque clavier intouchable si il y a un sons qui joue il se repette au 1 seconde et mintenant cela commence a le faire de plus en plus sur l'os tous cour alors j'aimerais avoir des conseil serieux pour pouvoir rétablir mon systeme a son origine et le mintenir ansi sans avoir recour au formatage J'espere na pas avoir ecrit c'est quelque ligne pour rien et avoir un soutien volontaire p.s ma configuration hardware est dans ma signature et a jour
  13. alors voicie mon analyse hijack this suite au post ::http://forum.zebulon.fr/j-ai-vraiment-besoin-d-aide-t166803.html Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:03:43, on 2009-08-20 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Program Files\ASUS\EPU\EPU.exe C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\DarwizardX\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\iEvony\Skype4COM.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7582 bytes
  14. bon jai redirigé mon flux d'air c'étais tous a l'envers ma fan lateral sortais l'Air et arrière rentrais jai donc inverser au repos j'Ai noté un différence la mémoire se tien plus froide de 4Celcius et le cpu se tien dans les allentour de 44 mais fini par monté a 50 au bout de 1-2 heur de jeux donc je trouve ceci encore trop haut jaimerais aumoin atteindre les 38-40 celcius au repos et 45 ingame sinon le tmg A1 ne serrais t'il pas assé puissant??? j'Ai remarqué un grand défaut de ma carte mère qui est la braquette qui rentien le ventirad nest pas dans le bon sens si ce ne serais pas de ca je pourrais rentré un zalman 9700 mais pour le moment le ventirad pointerais vers le bas et pourquoi tous le monde ca pointe de droit/gauche tendis que moi haut/bas je désire éventuellement faire un o/c par plaisir d'apprendre dans cette section suije limité par ceci ou vous avez des option a me donné quel température serais bonne pour mi aventuré et a combien mon amd phenom ii 815 2,66ghz peu suporté????
  15. voila testé en jeux et cest caca j'atteind les 53 celcius tendit que l'origine montais pas en haut de 50 pour temp jai lit un overview sur se ventirad la et il avais vraiment une difference notable de 8 degres sur un 2,6ghz comme moi mais je crois le mien fait defaut quoi mon premier but etant de metre un zalman mais je manque d'Espace :'(:'( je vais essayer de voir ceque je peut faire avec mon vendeur demain amoin que qulqun puisse m'aider ici
×
×
  • Créer...