Biessaten

Members
  • Content count: 100

Other information

  • My languages
    French

Biessaten's Achievements

Member (4/12)

Community reputation: 2

  1. OK, I'll uninstall Avast, and Windows Defender alone is enough? It is on the PC now and I had enabled it since Avast was no longer working. 1) http://www.cjoint.com/data/0BjpqSu8fiq.htm 2) http://cjoint.com/?0Bjr6RzD5Jg 3) I couldn't reset since I didn't have access to Chrome. I uninstalled and then reinstalled it, and it works. 4) Java is up to date 5) http://cjoint.com/?0Bjr7hB9hTQ
  2. Hello, A few days ago my father installed some voice chat software. He told me he had installed Google Talk in particular and that it had installed "something else", but that he had removed everything. From then on, after the session login screen at Windows startup, I had a black screen, with access only to the Task Manager. I got access to the startup repair options. The repair did nothing, but I was able to restore the PC to a version from around 03/02. The black screen problem is fixed, but the PC was very slow. I removed the adware with AdwCleaner and the slowness problem seems to be resolved. However, I cannot re-enable Avast. When I try to enable it, I get the confirmation window, I accept, but nothing happens. I also cannot open Chrome from the taskbar or directly by going to its installation folder. Here is the ZHDiag report: http://cjoint.com/?0BjnWRBAMEs
  3. Biessaten

    Blue screen at startup

    Rapport de ZHPFix 1.12.3280 par Nicolas Coolman, Update du 02/05/2011 Run by Salignac at 06/05/2011 22:25:16 Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
  4. Biessaten

    Blue screen at startup

    Cijoint.fr - Free file hosting service
  5. Biessaten

    Blue screen at startup

    Windows Resource Protection did not find any integrity violations.
  6. Biessaten

    Blue screen at startup

    The problem comes from ntkrnlpa.exe. I don't know what to do now...
  7. Good evening, I was advised to come here to solve my blue screen problem at startup, which happens often. I have to restart several times for the computer to start up normally. After the restart, Windows tells me that it had problems; here is the report:
     Signature du problème :
     Nom d’événement de problème: BlueScreen
     Version du système: 6.0.6002.2.2.0.768.2
     Identificateur de paramètres régionaux: 1036
     Informations supplémentaires sur le problème :
     BCCode: 1
     BCP1: 82C20626
     BCP2: 00000000
     BCP3: 0000FFFE
     BCP4: 00000000
     OS Version: 6_0_6002
     Service Pack: 2_0
     Product: 768_1
     Fichiers aidant à décrire le problème :
     C:\Windows\Minidump\Mini033011-02.dmp
     C:\Users\Salignac\AppData\Local\Temp\WER-158060-0.sysdata.xml
     C:\Users\Salignac\AppData\Local\Temp\WER9368.tmp.version.txt
     Lire notre déclaration de confidentialité : Analyse des incidents Microsoft en ligne
  8. The blue screen problem is not resolved...
  9. I don't know how to increase the memory. I didn't know about the folder; I deleted it and I also uninstalled PricePong. I was indeed asked to restart the PC at the end of the fix, but afterwards at startup I got the all-blue screen again. I switched the PC off with the button and it started without a problem this time. Here is the OTL report:
  10. OTL Extras logfile created on: 08/04/2011 12:19:24 - Run 1 OTL by OldTimer - Version 3.2.22.3
User{28EE7CB8-4051-4D7E-8378-D0DB05FDAF89}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{2A443D99-B39D-45DD-AB80-7E62F9C2849E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{2E296385-C7B8-4812-B4FE-DF39FA381F04}D:\bsmaxscript[7.0]\mirc.exe" = protocol=17 | dir=in | app=d:\bsmaxscript[7.0]\mirc.exe | "UDP Query User{368CE820-333C-4258-AAD1-8CD61BB397F1}D:\trackmania nations eswc\tmnationseswc.exe" = protocol=17 | dir=in | app=d:\trackmania nations eswc\tmnationseswc.exe | "UDP Query User{3B178A1D-F3D4-48E8-A066-5611EABBD04E}D:\goa\gunbound\gunbound\gunbound.gme" = protocol=17 | dir=in | app=d:\goa\gunbound\gunbound\gunbound.gme | "UDP Query User{3E20CD24-FE44-4754-B669-A3C6FEE48412}D:\goa\gunbound\gunbound\gunbound.gme" = protocol=17 | dir=in | app=d:\goa\gunbound\gunbound\gunbound.gme | "UDP Query User{46031905-BD5A-49CC-95B6-BB76CE62CCE9}D:\tvup\tvuplayer.exe" = protocol=17 | dir=in | app=d:\tvup\tvuplayer.exe | "UDP Query User{4A256535-A461-4008-935B-6A562C2676C2}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{4C4F96E5-9EF9-42E8-B385-1EFE446449D0}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{4E441AD1-99BB-454E-9E62-D704C1976E21}D:\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\skype\phone\skype.exe | "UDP Query User{517A9338-2A41-4747-8D67-966F4A9B52DC}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{51A6B07C-5E49-46E3-914D-5FD5DAE49437}D:\perfect battle online 1.0b\perfect battle online.exe" = protocol=17 | dir=in | app=d:\perfect battle online 1.0b\perfect battle online.exe | "UDP Query 
User{53324679-6082-4CEC-ABEF-7FFD7C219E37}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "UDP Query User{5B116A3C-F984-47C1-ACFC-D86D660B2BF9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{64F7BB6E-F31A-48EC-B121-2BC48582DCD8}D:\teamscript4\mirc.exe" = protocol=17 | dir=in | app=d:\teamscript4\mirc.exe | "UDP Query User{73765BB1-39CC-44EB-A7F9-9EB7B5E2B460}D:\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=d:\tvuplayer\tvuplayer.exe | "UDP Query User{75858DAF-908A-43E4-9D84-F17A27736F7C}D:\ppmate\ppamnet.exe" = protocol=17 | dir=in | app=d:\ppmate\ppamnet.exe | "UDP Query User{82F36EC5-BBE4-4A45-905B-4B842194A413}D:\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\skype\phone\skype.exe | "UDP Query User{8499F95F-DD12-460C-9CF3-E644EB93D67F}D:\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=d:\tvuplayer\tvuplayer.exe | "UDP Query User{9005091B-73E9-4188-90A3-BD6AC910C2D8}D:\trackmania nations eswc\tmnationseswc.exe" = protocol=17 | dir=in | app=d:\trackmania nations eswc\tmnationseswc.exe | "UDP Query User{98BB6EBF-D7EF-427C-8667-C902FB00670C}D:\teamscript4\mirc.exe" = protocol=17 | dir=in | app=d:\teamscript4\mirc.exe | "UDP Query User{9FDB016F-65E2-4841-ABDE-0C8CB7050379}D:\goa\gunbound\gunbound.gme" = protocol=17 | dir=in | app=d:\goa\gunbound\gunbound.gme | "UDP Query User{A57D1B85-47D9-4E77-BF1C-F11C8481064B}C:\users\salignac\appdata\roaming\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\users\salignac\appdata\roaming\sopcast\adv\sopadver.exe | "UDP Query User{CD31D448-43AD-4D0C-8C0F-FC012B5132C8}D:\tvants\tvants.exe" = protocol=17 | dir=in | app=d:\tvants\tvants.exe | "UDP Query User{CD43E3C4-E30C-4148-B003-979FC3C1C23A}D:\goa\gunbound\gunbound.gme" = protocol=17 | dir=in | app=d:\goa\gunbound\gunbound.gme | "UDP Query 
User{D0915088-9404-431F-B05B-C6294C88585C}D:\syllabik\mirc.exe" = protocol=17 | dir=in | app=d:\syllabik\mirc.exe | "UDP Query User{D5CB628C-351B-4F6B-A4EF-F9EB761D2C4B}D:\kvirc\kvirc.exe" = protocol=17 | dir=in | app=d:\kvirc\kvirc.exe | "UDP Query User{D86BA327-DBFF-453B-BF81-FD7D45C2ACB1}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | "UDP Query User{D8918C39-088F-4883-A8AA-25DAD5AA3E1C}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | "UDP Query User{DE1BBFFD-C417-4E11-975E-D283303BCA6D}D:\tvants\tvants.exe" = protocol=17 | dir=in | app=d:\tvants\tvants.exe | "UDP Query User{DE4E3233-1D10-42CD-BC34-9EFDEC1B546F}C:\users\salignac\appdata\local\temp\rar$ex01.274\nexuiz\nexuiz.exe" = protocol=17 | dir=in | app=c:\users\salignac\appdata\local\temp\rar$ex01.274\nexuiz\nexuiz.exe | "UDP Query User{E20FC178-BFC6-4F8B-A04D-D47985B0AABD}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | "UDP Query User{E963EFC3-07D4-4575-B318-9ADBDDD5D225}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{EB2C2267-28CB-40CC-8662-0E70D8306FC3}C:\program files\netscape\netscape\netscp.exe" = protocol=17 | dir=in | app=c:\program files\netscape\netscape\netscp.exe | "UDP Query User{F0A6CC79-747E-4FD4-9670-7FBDAB347489}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe | "UDP Query User{F174102F-BCC5-4BDF-85A4-97F66BAF831D}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Gestionnaire pour appareils Windows Mobile "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3AFDD2C6-8663-46B5-B195-6CEB00D44768}" = adsl TV "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A712D29-DBE3-4381-A331-AF4AE5BEB244}" = ArcSoft Software Suite "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5 "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 
4.7 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202) "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 wireless USB 2.0 adapter "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Mise à jour du pilote du Gestionnaire pour 
appareils Windows Mobile "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "avast5" = avast! Free Antivirus "AVS DVD Player_is1" = AVS DVD Player version 2.4 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "Fourmis v1.2" = Fourmis v1.2 "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "Java Web Start" = Java Web Start "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! 
Live "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "mIRC" = mIRC "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "PhotoFiltre" = PhotoFiltre "PokerStars.fr" = PokerStars.fr "PriceGong" = PriceGong 2.1.0 "TeamScripT 4" = TeamScripT 4 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TVUPlayer" = TVUPlayer 2.4.5.3 "Veoh Video Compass" = Veoh Video Compass "VLC media player" = VLC media player 0.9.9 "WinISO_is1" = WinISO 5.3 "WinLiveSuite" = Windows Live "WinRAR archiver" = WinRAR archiver "Yahoo! Messenger" = Yahoo! Messenger ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 02/04/2011 16:45:48 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031 Description = Error - 03/04/2011 06:54:26 | Computer Name = PC-de-Salignac | Source = Windows Search Service | ID = 3013 Description = Error - 03/04/2011 06:54:26 | Computer Name = PC-de-Salignac | Source = Windows Search Service | ID = 3013 Description = Error - 04/04/2011 11:47:02 | Computer Name = PC-de-Salignac | Source = Application Error | ID = 1000 Description = Application défaillante Explorer.EXE, version 6.0.6002.18005, horodatage 0x49e01da5, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436, code d’exception 0xc0000374, décalage d’erreur 0x000b06fc, ID du processus 0x760, heure de début de l’application 0x01cbf2a5d5e8d0d9. 
Error - 05/04/2011 07:50:25 | Computer Name = PC-de-Salignac | Source = Application Hang | ID = 1002 Description = Le programme iexplore.exe version 8.0.6001.19019 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1cec Heure de début : 01cbf37230fe9ea3 Heure de fin : 0 Error - 06/04/2011 17:00:40 | Computer Name = PC-de-Salignac | Source = Application Hang | ID = 1002 Description = Le programme firefox.exe version 1.9.2.3909 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 9a74 Heure de début : 01cbf4907236e7e0 Heure de fin : 21540 Error - 06/04/2011 17:00:53 | Computer Name = PC-de-Salignac | Source = Application Error | ID = 1000 Description = Application défaillante plugin-container.exe, version 1.9.2.3909, horodatage 0x4c8fdc89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436, code d’exception 0xc0000005, décalage d’erreur 0x00048822, ID du processus 0xa988, heure de début de l’application 0x01cbf49810b2c9f0. Error - 07/04/2011 17:48:11 | Computer Name = PC-de-Salignac | Source = Application Hang | ID = 1002 Description = Le programme iexplore.exe version 8.0.6001.19019 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. 
ID de processus : 1c14 Heure de début : 01cbf555aa28cfb3 Heure de fin : 0 Error - 07/04/2011 17:48:23 | Computer Name = PC-de-Salignac | Source = Application Hang | ID = 1002 Description = Le programme firefox.exe version 1.9.2.3909 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 343c Heure de début : 01cbf5645d5195f3 Heure de fin : 672 Error - 07/04/2011 17:48:29 | Computer Name = PC-de-Salignac | Source = Application Error | ID = 1000 Description = Application défaillante plugin-container.exe, version 1.9.2.3909, horodatage 0x4c8fdc89, module défaillant ntdll.dll, version 6.0.6002.18327, horodatage 0x4cb73436, code d’exception 0xc0000005, décalage d’erreur 0x00048822, ID du processus 0x27f4, heure de début de l’application 0x01cbf564a008e6a3. [ System Events ] Error - 07/04/2011 01:27:10 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 07/04/2011 01:29:04 | Computer Name = PC-de-Salignac | Source = LSM | ID = 1048 Description = Error - 07/04/2011 13:38:45 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 07/04/2011 13:38:45 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 07/04/2011 13:40:31 | Computer Name = PC-de-Salignac | Source = LSM | ID = 1048 Description = Error - 07/04/2011 13:45:48 | Computer Name = PC-de-Salignac | Source = Service Control Manager | ID = 7022 Description = Error - 07/04/2011 13:52:30 | Computer Name = PC-de-Salignac | Source = Service Control Manager | ID = 7022 Description = Error - 08/04/2011 04:17:29 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 08/04/2011 
04:17:29 | Computer Name = PC-de-Salignac | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 2 Description = Error - 08/04/2011 04:20:03 | Computer Name = PC-de-Salignac | Source = LSM | ID = 1048 Description = < End of report >
  11. OTL logfile created on: 08/04/2011 12:19:24 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Salignac\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 447,00 Mb Total Physical Memory | 153,00 Mb Available Physical Memory | 34,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 71,28 Gb Total Space | 33,49 Gb Free Space | 46,98% Space Free | Partition Type: NTFS Drive D: | 70,94 Gb Total Space | 42,99 Gb Free Space | 60,60% Space Free | Partition Type: NTFS Drive M: | 1,91 Gb Total Space | 0,33 Gb Free Space | 17,37% Space Free | Partition Type: FAT32 Computer Name: PC-DE-SALIGNAC | User Name: Salignac | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/04/08 12:14:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Salignac\Desktop\OTL.exe PRC - [2011/01/13 10:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- D:\Avast5\AvastUI.exe PRC - [2011/01/13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- D:\Avast5\AvastSvc.exe PRC - [2009/12/10 11:13:56 | 004,562,944 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WNA1100.exe PRC - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- D:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007/01/05 18:12:58 | 000,258,048 | ---- | M] (SONIX) -- C:\Windows\tsnp2std.exe PRC - [2006/12/08 15:45:32 | 000,045,056 | ---- | M] (Acer Inc.) 
-- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe PRC - [2006/11/23 16:24:54 | 000,319,488 | ---- | M] () -- C:\Windows\System32\SysMonitor.exe PRC - [2006/11/12 21:35:08 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe PRC - [2006/11/09 04:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2006/09/15 14:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe ========== Modules (SafeList) ========== MOD - [2011/04/08 12:14:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Salignac\Desktop\OTL.exe MOD - [2011/01/13 10:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- D:\Avast5\snxhk.dll MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService) SRV - [2011/01/13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100) SRV - [2009/11/05 16:10:22 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi) SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- D:\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007/01/24 13:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/01/24 13:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2006/12/08 15:45:32 | 000,045,056 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2006/11/12 21:35:08 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService) ========== Driver Services (SafeList) ========== DRV - [2011/01/13 10:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/01/13 10:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/01/13 10:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/01/13 10:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/01/13 10:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/27 03:47:00 | 001,384,448 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur) DRV - [2009/04/11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008/11/01 23:50:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008/10/08 06:15:12 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2008/05/15 02:28:00 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf) DRV - [2007/04/27 19:02:08 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) DRV - [2007/02/08 19:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\scmndisp.sys -- (SCMNdisP) DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15) DRV - [2006/11/24 15:46:36 | 002,085,888 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/07/05 14:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2006/06/14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005/06/17 10:27:42 | 000,379,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WlanUIG.sys -- (WlanUIG) DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = {searchTerms} - Yahoo! 
Search Results IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "megaup" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: [email protected]:4.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: [email protected]:2 FF - prefs.js..extensions.enabledItems: 4 FF - prefs.js..extensions.enabledItems: 9 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.http: "148.233.159.58" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.socks_version: 4 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "resource:/browserconfig.properties" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/29 13:47:42 | 
  12. I think it did not detect any errors, so I could not "display the results" and delete the selection.

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Version de la base de données: 6302
      Windows 6.0.6002 Service Pack 2
      Internet Explorer 8.0.6001.19019

      07/04/2011 19:58:18
      mbam-log-2011-04-07 (19-58-17).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 150898
      Temps écoulé: 13 minute(s), 7 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s): (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
      Dossier(s) infecté(s): (Aucun élément nuisible détecté)
      Fichier(s) infecté(s): (Aucun élément nuisible détecté)

      Results of screen317's Security Check version 0.99.10
      Windows Vista Service Pack 2 (UAC is enabled)
      Internet Explorer 8
      ``````````````````````````````
      Antivirus/Firewall Check:
      avast! Free Antivirus
      WMI entry may not exist for antivirus; attempting automatic update.
      ```````````````````````````````
      Anti-malware/Other Utilities Check:
      Malwarebytes' Anti-Malware
      HijackThis 2.0.2
      Java Web Start
      Java 6 Update 20
      Java 6 Update 2
      Java 2 Runtime Environment, SE v1.4.1_02
      Out of date Java installed!
      Adobe Flash Player 10.0.45.2
      Adobe Reader 7.0.9
      Out of date Adobe Reader installed!
      ````````````````````````````````
      Process Check:
      objlist.exe by Laurent
      Common Files Microsoft Shared Windows Live AvastSvc.exe -?- AvastUI.exe
      ``````````End of Log````````````
  13. http://forum.zebulon.fr/probleme-de-demarrage-et-lenteur-t184198.html I have had no reply.