killeriders

tojour rien.......

Merciiii =) j'avais peur de poster les premiere ligne car il y avait des clé et que je vouler pas perdre mon window !! =) ComboFix 09-09-07.05 - killer 08/09/2009 13:50.1.2 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1009 [GMT 2:00] Running from: c:\users\killer\Desktop\ComboFix.exe FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

UP j'ai besoin d'aide

Salut Salut,j'espere que vous pouvez m'aider,mon pc lagg pendent les chargement, mais seulment apres quelque heur. et sa me fait planter la souris la musique et tout... j'ai fait un nettoyage avec antivir,avec l'anti malware,mais toujour pariel. alor on ma conseiller combo fix, et je ne sais pas se qu'il faut que je lui demande de suprimer donc voici le rapport,merci de votre aide et de votre patience : ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1242926653-2254958597-335050124-500 c:\$recycle.bin\S-1-5-21-2138742642-2765880599-2234549539-500 c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500 C:\desktop.ini c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\windows\Installer\16e10da.msi c:\windows\Installer\18a6967.msi c:\windows\Installer\18af775.msi c:\windows\system32\dumphive.exe c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe ----- BITS: Possible infected sites ----- hxxp://premium.virginmega.fr . ((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 ))))))))))))))))))))))))))))))) . 2009-09-08 11:22 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-08 11:22 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-07 22:26 . 2009-09-08 11:37 -------- d-----w- c:\users\killer\AppData\Roaming\Moniteur neufbox 2009-09-07 22:26 . 2009-09-07 22:26 -------- d-----w- c:\program files\Moniteur neufbox 2009-09-02 20:00 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-09-02 20:00 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-09-02 16:28 . 2004-12-30 21:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2009-09-02 16:28 . 2009-09-02 16:28 -------- d-----w- c:\program files\Common Files\INCA Shared 2009-09-02 16:10 . 2009-09-02 16:10 -------- d-----w- c:\program files\gPotato.eu 2009-08-28 00:40 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll 2009-08-15 05:35 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll 2009-08-15 05:35 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll 2009-08-15 05:35 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-08-15 05:35 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-08-15 05:35 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll 2009-08-15 05:35 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-08-15 05:35 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-08-15 05:35 . 2009-06-10 11:45 206336 ----a-w- c:\windows\system32\telnet.exe 2009-08-15 05:35 . 2009-06-10 09:56 88576 ----a-w- c:\windows\system32\tlntsess.exe 2009-08-15 05:35 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-08 11:38 . 2009-05-01 09:46 352615 ---ha-w- c:\windows\system32\drivers\vsconfig.xml 2009-09-08 11:29 . 2008-03-05 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-08 11:22 . 2009-09-08 11:22 687104 ----a-w- c:\windows\isRS-000.tmp 2009-09-08 09:53 . 2009-07-14 18:10 -------- d-----w- c:\users\killer\AppData\Roaming\IMVU 2009-09-07 21:00 . 2007-12-22 17:21 -------- d-----w- c:\users\killer\AppData\Roaming\uTorrent 2009-09-07 20:40 . 2008-11-25 20:48 -------- d-----w- c:\program files\Free Music Zilla 2009-09-07 10:56 . 2009-04-08 19:53 -------- d-----w- c:\program files\Steam 2009-09-06 10:37 . 2009-04-08 19:53 -------- d-----w- c:\program files\Common Files\Steam 2009-09-04 17:39 . 2008-06-04 13:39 -------- d-----w- c:\users\killer\AppData\Roaming\OpenOffice.org2 2009-09-02 18:10 . 2008-05-17 18:02 -------- d-----w- c:\users\killer\AppData\Roaming\teamspeak2 2009-09-01 18:41 . 2008-01-15 20:08 -------- d-----w- c:\program files\Navilog1 2009-09-01 16:32 . 2007-12-21 20:27 -------- d-----w- c:\programdata\Skype 2009-09-01 16:31 . 2009-03-03 17:55 -------- d-----w- c:\program files\Trials 2 Second Edition 2009-08-31 17:27 . 2007-10-16 19:32 733528 ----a-w- c:\windows\system32\perfh00C.dat 2009-08-31 17:27 . 2007-10-16 19:32 151100 ----a-w- c:\windows\system32\perfc00C.dat 2009-08-31 10:21 . 2009-01-12 11:23 -------- d-----w- c:\users\killer\AppData\Roaming\GrabIt 2009-08-31 10:04 . 2008-02-12 16:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2009-08-28 09:09 . 2009-07-14 18:09 -------- d-----w- c:\users\killer\AppData\Roaming\IMVUClient 2009-08-22 18:29 . 2009-05-01 10:16 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-08-21 16:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-08-07 17:51 . 2009-08-07 17:51 15308424 ----a-w- c:\windows\system32\xlive.dll 2009-08-07 17:51 . 2009-08-07 17:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-08-06 09:00 . 2008-05-12 14:57 -------- d-----w- c:\program files\Microsoft Silverlight 2009-07-30 22:51 . 2009-04-20 15:54 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 3 2009-07-29 20:58 . 2009-07-29 20:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2009-07-23 17:06 . 2009-07-23 17:06 -------- d-----w- c:\program files\Aspyr 2009-07-18 16:06 . 2009-07-29 10:24 827904 ----a-w- c:\windows\system32\wininet.dll 2009-07-18 16:01 . 2009-07-29 10:24 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-07-18 09:46 . 2009-07-29 10:24 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-16 10:07 . 2009-07-16 10:07 -------- d-----w- c:\users\killer\AppData\Roaming\vlc 2009-07-14 17:29 . 2009-07-14 17:29 -------- d-----w- c:\program files\QuickTime 2009-07-14 17:29 . 2009-07-14 17:29 -------- d-----w- c:\programdata\Apple Computer 2009-07-14 17:27 . 2009-07-14 17:27 -------- d-----w- c:\program files\Apple Software Update 2009-07-14 17:27 . 2009-07-14 17:27 -------- d-----w- c:\programdata\Apple 2009-07-14 15:18 . 2009-07-14 15:18 -------- d-----w- c:\users\killer\AppData\Roaming\dvdcss 2009-07-10 19:17 . 2007-12-21 17:52 -------- d-----w- c:\program files\Messenger Plus! Live 2009-06-30 21:48 . 2008-06-12 18:08 615424 ----a-w- c:\windows\system32\themeui.dll 2009-06-30 21:48 . 2008-06-12 18:09 240128 ----a-w- c:\windows\system32\uxtheme.dll 2009-06-15 15:24 . 2009-07-15 22:03 156672 ----a-w- c:\windows\system32\t2embed.dll 2009-06-15 15:20 . 2009-07-15 22:03 72704 ----a-w- c:\windows\system32\fontsub.dll 2009-06-15 15:20 . 2009-07-15 22:03 10240 ----a-w- c:\windows\system32\dciman32.dll 2009-06-15 12:52 . 2009-07-15 22:03 289792 ----a-w- c:\windows\system32\atmfd.dll 2007-12-02 11:36 . 2007-12-02 11:36 278528 ----a-w- c:\program files\Common Files\FDEUnInstaller.exe 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2007-10-16 19:36 . 2007-10-16 19:36 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ------- Sigcheck ------- [-] 2009-06-30 . 2406E3A5FAE743DCE81168A8CDB8573F . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll [7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll [7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll c:\windows\system32\drivers\ip6fw.sys ... is missing !! c:\windows\system32\msgsvc.dll ... is missing !! c:\windows\system32\drivers\acpiec.sys ... is missing !! c:\windows\system32\eventlog.dll ... is missing !! c:\windows\system32\mspmsnsv.dll ... is missing !! c:\windows\system32\xmlprov.dll ... is missing !! . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-09-29 106496] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-05-05 3885408] "Yodm3D"="c:\program files\yod\Yodm3D.exe" [2007-06-26 2058752] "RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-04-02 306088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000] "Flashget"="c:\program files\FlashGet\flashget.exe" [2007-09-25 2007088] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13683232] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 92704] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] c:\users\killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Moniteur neufbox.lnk - c:\program files\Moniteur neufbox\Moniteur neufbox.exe [2009-2-13 589744] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3791306889-1641947110-789305838-1002] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{8AC5EA2E-CD86-4E36-9E4A-279199C81C42}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype "{100578F1-FA1E-4B77-8485-73477664AC76}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype "{4806E01A-9C77-4772-BD62-429F06693237}"= Disabled:UDP:c:\skype\Phone\Skype.exe:Skype "{9772019C-8C93-43EB-9EFA-0914C294CF87}"= Disabled:TCP:c:\skype\Phone\Skype.exe:Skype "TCP Query User{B61C213E-E72E-40B9-B7E6-02633E7E8B5D}c:\\program files\\steam\\steamapps\\killeriders\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\killeriders\condition zero\hl.exe:Half-Life Launcher "UDP Query User{85D2E8EA-2DEB-4B45-870B-670DC6435F35}c:\\program files\\steam\\steamapps\\killeriders\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\killeriders\condition zero\hl.exe:Half-Life Launcher "TCP Query User{1DBCC857-D0AA-4F72-8A48-2FDBCCB023EC}c:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= UDP:c:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator "UDP Query User{857D29DD-59E2-449F-A30C-F51BEBF9EADF}c:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= TCP:c:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator "TCP Query User{F636588D-7F29-47B5-8080-121F16C89432}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet "UDP Query User{5B870C8B-4E09-400B-91EB-AEB69FA20A6A}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet "TCP Query User{DBB43B89-3D29-4249-BA2E-98D87D5929C4}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{59F44481-C787-406D-A782-B18CEDB1DE7E}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent "TCP Query User{14C6BC42-182D-491C-9789-D214CBABCA55}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{0B236F6D-7609-4CEE-895E-401F47AE8A56}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{C268F105-7A11-490B-802B-009A0A5A27B2}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{1AD90AB9-F28F-4BDB-84C9-5322D394E4D3}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher "TCP Query User{B65483C8-E765-4C24-A791-9BB48FFC68B4}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe "UDP Query User{2ACA2757-CB55-4970-9822-FE3A078B245B}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe "TCP Query User{F6FA46FA-AC51-42E4-9242-609100875546}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe "UDP Query User{AC8F8A3E-5FF1-4C70-BD02-88AF2609ED35}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe "TCP Query User{BD95F7B8-5D2C-4C90-8873-DD27878DEA20}c:\\windows\\system32\\dpnsvr.exe"= UDP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8 "UDP Query User{4B59C480-4CD3-410B-8302-719B1BEAF3CC}c:\\windows\\system32\\dpnsvr.exe"= TCP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8 "TCP Query User{3EB6B3CF-B303-40B8-BB4C-BDBB58317B1F}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= UDP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex "UDP Query User{1E93FD61-4DA7-4232-AFA7-1051E94CBAC4}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= TCP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex "TCP Query User{8779561E-CBB8-4CE2-96F9-B3DF7FDD9044}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= UDP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair "UDP Query User{45F308D7-639C-41A1-8C53-2D17CE136565}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= TCP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair "TCP Query User{1237AFA4-369F-4E97-AE33-FDB45159F182}c:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:c:\program files\gamespy\comrade\comrade.exe:Comrade "UDP Query User{A05B1A72-23B0-4D15-BB2A-BAF08AF2F015}c:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:c:\program files\gamespy\comrade\comrade.exe:Comrade "TCP Query User{E93C6DAE-4DBD-48F8-8BED-567464AE9579}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher "UDP Query User{9C5FA17C-64B7-4FEF-ACFD-6C5D714F2CB7}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher "TCP Query User{4489EF0F-C32D-4E1E-96E7-D2A0FD2DC48B}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{DB0EC54F-1CDA-4D54-B3C2-169779965B96}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher "TCP Query User{D5183DCF-6631-423E-BADC-636BD2C529C8}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= UDP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe "UDP Query User{2A5AB143-B0EB-45BB-9F9E-650F5313AC12}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= TCP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe "TCP Query User{1B4EC4E4-66C4-48E2-B8FB-990267BD6C96}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= UDP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya "UDP Query User{3F53A95C-ADAD-49DC-B657-E9A9AF466C46}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= TCP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya "TCP Query User{BEF95DAA-572E-409B-B051-6FB236C45A4D}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java Platform SE binary "UDP Query User{8A23FB0C-F683-4134-BB67-BCB4297E746A}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java Platform SE binary "TCP Query User{9DECE28B-CC25-46C1-89B5-9B2CFDA5FF74}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice "UDP Query User{4EB819BE-89B3-4B30-971D-6B2CD9C32B18}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice "{B1748944-3EE4-4922-8F36-B1B0B0BDA5C5}"= UDP:5900:vnc "TCP Query User{A41CA44F-E34E-4BBB-8B5E-658EF04F5A73}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= UDP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift "UDP Query User{B4A13D21-847D-4F58-9920-74F7FEB0F299}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= TCP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift "TCP Query User{A604EAF4-B6AB-4AE8-A52D-1F06433E1B43}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32 "UDP Query User{B6FF63A0-D577-4425-A391-F9D9E45A8856}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32 "TCP Query User{5A2F54BE-3E13-4864-BBA6-6C71FBB0E06E}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher "UDP Query User{4273C631-6EEE-4183-9C74-94E49E623856}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher "TCP Query User{8BC27F39-FBD3-42E6-8AEA-E4ED2A9A4CA7}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader "UDP Query User{274709FE-D1F9-4CB9-A170-4B2DE4835044}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader "TCP Query User{42B069EE-DBB9-40A4-A6BC-AFC3801FF1E7}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader "UDP Query User{AF730F62-2CC1-4FF2-A2E2-05B09574BF2C}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader "TCP Query User{8BA7E18B-FDAA-419F-A7B4-B7F46C80AAC6}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= UDP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe "UDP Query User{FA80034D-0A0D-45CF-8924-331BA201D808}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= TCP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe "TCP Query User{0DB4C013-E896-4B4A-88BF-2AF8FC36A48D}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe "UDP Query User{A1031E36-CB49-41FD-9D2B-68291A0E8EB0}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe "{79209FD0-EBB9-442B-839C-720AD12C3AC0}"= TCP:27015:dedicaced server "{3CF96722-743F-4EE4-B528-D7C2207ED6AD}"= UDP:27015:dedicaced "{6D2F1C1B-DBBB-4721-9031-76746593CA85}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{238389C1-0C53-4600-A743-BE3E63607B98}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{DF259644-E5FC-4631-96D5-6B8DDBC32BDA}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{7474A9BD-A72B-4B70-ADA6-064B6980199F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "TCP Query User{FCC625B5-2D89-4A7F-BB43-6BAB8E4B7DB0}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= UDP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe "UDP Query User{BC66515F-3877-42CD-8775-AC508798E408}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= TCP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe "TCP Query User{D2C9DEE7-BD22-4F93-859B-24FA7AE613A5}c:\\program files\\ghostsurf 2005\\proxy.exe"= UDP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy "UDP Query User{3EFAC972-7443-48F2-AABA-689EFBA6E49A}c:\\program files\\ghostsurf 2005\\proxy.exe"= TCP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy "TCP Query User{56204778-8DBD-4A6A-905F-0A7704F194CB}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= UDP:c:\program files\teamspeak2_rc2\server_windows.exe:Server "UDP Query User{1F8B7009-2D6E-482E-B010-ADFBC72695F5}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= TCP:c:\program files\teamspeak2_rc2\server_windows.exe:Server "TCP Query User{79DB7538-2851-4569-8A1C-580AB5710A73}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2 "UDP Query User{07CC567A-85AE-43E0-B5C1-3E54D90990D6}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2 "TCP Query User{2CE9B131-CA32-412E-85F0-82D24B1982F4}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher "UDP Query User{325B0CC0-97F0-4773-B5A3-4C52348D8D1E}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher "TCP Query User{DDCD7A30-715E-4875-9227-D552BEBDFCF6}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher "UDP Query User{2D63CC16-9DD6-4871-865F-7167B19B68D1}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher "TCP Query User{CCE13EE0-EABA-472E-A9E2-71E12AFA5C8F}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs "UDP Query User{8F7978C1-ABC7-48A9-94BC-D5038493E2D9}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs "TCP Query User{9E818321-79B3-4F00-81D3-8AEE2781D965}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher "UDP Query User{FED6CBE3-AF7E-48C1-9F7C-DCEA98314067}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher "TCP Query User{9EE7181A-9D11-4493-8448-151299765156}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2 "UDP Query User{4F98DB9C-9510-45ED-BA72-7CBD6A79D40A}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2 "TCP Query User{876F301C-8D50-4778-909A-687A9B776E63}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3 "UDP Query User{4A0A70F4-5426-44FF-BDDA-E5A53C089C60}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3 "TCP Query User{A3580BD0-1144-4A55-BB0D-A8423BE60F89}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher "UDP Query User{551541FF-BA1B-41BD-8099-205CEB5CE368}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher "TCP Query User{EEC2DDB8-8D82-48FD-B33E-F2A38DAB3386}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2 "UDP Query User{E497E5B0-FE99-45B5-AA91-22093EBD37AE}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2 "TCP Query User{767EA878-39D2-4820-9756-134B14EAAC00}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds "UDP Query User{7CACDB5B-AC11-4827-BFA6-EBF62FB161AF}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds "{E65C1690-094C-4C0D-9E7F-394A63CD0FF9}"= UDP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe "{53050C2C-AB72-46CA-ABC6-1DE9958E58D2}"= TCP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe "{D7813FF8-5ED1-4C65-92DF-0ADEA41D6A51}"= UDP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe "{2402E81D-B1B2-475D-8F28-774DB2B3C844}"= TCP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe "TCP Query User{CF6C7BB9-AC01-43A2-B273-BEC8B1A3A017}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "UDP Query User{72BA0BC9-13D6-4CE7-8ED4-6BE021543C12}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "TCP Query User{DE6D2972-2719-4FEA-84A0-62D39FFFD368}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2 "UDP Query User{F723381E-9167-48D1-9C40-F6BCA4E2BC99}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2 "TCP Query User{83E60C1E-29EF-449F-BED2-1B697511E31C}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe "UDP Query User{3BD9F2D9-35E8-44DA-9620-934881B3ECC5}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe "{E349056E-A3E5-46CB-B072-1DE055BECE2D}"= UDP:1723:vpn "{13355037-1968-4CEE-AFE9-3E805BE65E84}"= TCP:1723:vpn "{12384E8F-0AF9-431D-9160-04E16049DB56}"= UDP:1701:vpn "{04F4BB5F-756E-41B0-A0BF-A32F6E3B8464}"= TCP:1701:vpn "TCP Query User{4A7904E2-9493-4AD4-803F-7E55006ABB68}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2 "UDP Query User{2276CF6F-4CA1-43E6-952B-7F7329BB5798}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2 "{69184ED1-0506-4E2B-B139-84C7DE0FBA10}"= Disabled:UDP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers "{ED28DD4B-676F-429D-961C-0B06391493DA}"= Disabled:TCP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers "TCP Query User{C52010F3-BE9D-485B-9AA6-24D411E68245}c:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:c:\program files\wolfenstein - enemy territory\et.exe:ET "UDP Query User{F1E6933C-3DF2-4256-8CA4-52569AC0BBC0}c:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:c:\program files\wolfenstein - enemy territory\et.exe:ET "TCP Query User{3D869DDC-40E6-44B1-9D6D-AA3E66BDF53A}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2 "UDP Query User{D0884577-00FF-4194-BA6D-2FADF8D16345}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2 "TCP Query User{BACF1F72-95BD-4E93-8B5D-60A44273121A}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2 "UDP Query User{C866394A-64CD-402A-920F-B979DDA8EB5C}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2 "TCP Query User{F6290353-B228-4227-9BA5-A4C0FE061C56}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2 "UDP Query User{EF5484C8-763D-4939-B3DE-C2D9470FE383}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2 "TCP Query User{93940591-5135-4A94-88CB-D50A28B475AC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2 "UDP Query User{F9874AB2-9A13-4B80-AA8B-08B0684CEEFC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2 "TCP Query User{78E13ABC-556B-453A-AAC5-161E3EF896F8}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2 "UDP Query User{A6A908E6-32A3-4F5D-B615-AF20CE0D8DC7}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2 "TCP Query User{221F5A3B-4363-4676-B2B8-E14DFB05492B}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2 "UDP Query User{8E59C87E-73F5-41BE-806F-1A21C5BBF72C}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2 "TCP Query User{DD99D91C-5B72-497C-B3B8-F10EDD79618D}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2 "UDP Query User{EBF8E4D6-3F39-49A0-A407-9DDB12775774}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2 "{09CF9494-A343-40B3-9915-D8423A9627B6}"= UDP:c:\program files\SecondLife\SecondLife.exe:SecondLife "{074E531D-D7F1-4268-A848-8F4BA88B51FD}"= TCP:c:\program files\SecondLife\SecondLife.exe:SecondLife "TCP Query User{2D456C4C-F71C-431A-A9DA-184D49B62FF8}c:\\program files\\free music zilla\\fmzilla.exe"= UDP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module "UDP Query User{480FE489-76A5-4F8A-A410-313C11F396EE}c:\\program files\\free music zilla\\fmzilla.exe"= TCP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module "TCP Query User{E8D988C5-FBD4-43B0-AEED-483F732E67AD}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever "UDP Query User{21A21C9C-DEED-4E30-8364-70A2E58CEC2C}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever "TCP Query User{A2A73605-82AA-4C48-9581-8C845233E913}c:\\program files\\tmunitedforever\\tmforever.exe"= UDP:c:\program files\tmunitedforever\tmforever.exe:TmForever "UDP Query User{3539C70E-03D8-4F74-AA33-06A5985B7600}c:\\program files\\tmunitedforever\\tmforever.exe"= TCP:c:\program files\tmunitedforever\tmforever.exe:TmForever "TCP Query User{178B5B7B-4E91-48AF-8884-9F64E5B12F28}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= UDP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy "UDP Query User{110566F0-87EF-4767-B37A-B5195F7A56B9}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= TCP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy "TCP Query User{CE9D8B55-55F2-4BDA-AA28-671DA690A293}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= UDP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space ™ "UDP Query User{1D5CE7CE-FBE1-4FFD-86C7-1831136D0E04}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= TCP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space ™ "TCP Query User{DC54AA86-C372-4D53-8C48-D8237ED63540}c:\\program files\\electronic arts\\dead space\\dead space.exe"= UDP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space ™ "UDP Query User{CD998B69-720B-4687-BA1F-C740C40ADC09}c:\\program files\\electronic arts\\dead space\\dead space.exe"= TCP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space ™ "TCP Query User{7C7EEA62-6D21-4100-B7ED-A50FEC2A538D}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= UDP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe "UDP Query User{AEDD91AE-BA99-493B-8CFB-BD344A00C359}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= TCP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe "TCP Query User{19752DEE-3728-4B27-97A6-6120660FDC1F}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= UDP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3 "UDP Query User{7207EF20-C687-4FEF-B4C2-7F7079165C88}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= TCP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3 "TCP Query User{0750461A-92A8-47C5-823B-A98492CDB974}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule "UDP Query User{32C264FC-4D1C-48C4-90C8-EFAB237CBC7D}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule "TCP Query User{5433DB0D-1F3C-45D9-A9B6-7EBFC84034A7}x:\\program files\\codemasters\\overlord\\overlord.exe"= UDP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe "UDP Query User{C4C70453-B9F3-4CFC-88E3-3FE6AD7C30E0}x:\\program files\\codemasters\\overlord\\overlord.exe"= TCP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe "{06D62CD7-131C-4F83-A0FD-B07A22E975B8}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{A40A913D-BABC-4445-831D-035B85905105}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{7F74A43A-4DB1-495C-8B9C-00D2B98A1EE6}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "{FC7FA904-4DD4-46FB-B4B1-36874BE81D0F}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice "TCP Query User{18EC1943-C429-49B4-B4CF-6194C9251819}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= UDP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited "UDP Query User{9A4AA16F-DD40-4398-BC34-84C8D71BF21E}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= TCP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited "TCP Query User{734F412F-C684-41E7-B84A-2D90AFE0C698}x:\\bos\\bos.exe"= UDP:x:\bos\bos.exe:bos.exe "UDP Query User{A5A06849-8155-43DE-8290-12AF3DBA6ACB}x:\\bos\\bos.exe"= TCP:x:\bos\bos.exe:bos.exe "TCP Query User{9DCCCB44-D92E-4DA3-AD6B-EE20816D862E}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager "UDP Query User{AFCA7027-844D-466A-B103-FCB225553978}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager "TCP Query User{3A39799B-FE81-4E6F-9C8A-F7B8BF75C1CA}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe "UDP Query User{3C0DA3D3-51FC-499C-AE55-BDB04E2E81A1}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe "{7BA2B58C-E485-41F5-A0BD-1A209385D771}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "{3B9E9C16-1834-4DE3-8C4A-B5D8246A4F91}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "TCP Query User{15BCD6DD-BB7A-40B1-855A-4969EA8D03F8}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "UDP Query User{5A1AB004-938F-4001-8E0D-5DE53AF10AE5}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "TCP Query User{9646F915-67D2-45C3-88D7-BDC85CC95F08}x:\\program files\\atari\\boiling point\\xenus.exe"= UDP:x:\program files\atari\boiling point\xenus.exe:xenus.exe "UDP Query User{A03812AD-DD4C-4386-BAB8-24767E138711}x:\\program files\\atari\\boiling point\\xenus.exe"= TCP:x:\program files\atari\boiling point\xenus.exe:xenus.exe "TCP Query User{31E4CF4E-7111-456D-B97E-034D5FF113C3}c:\\program files\\maxon\\net render r11\\net render client.exe"= UDP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ® "UDP Query User{65C5CC9A-59E9-48E3-9E6E-CC2FCC5A6653}c:\\program files\\maxon\\net render r11\\net render client.exe"= TCP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ® "TCP Query User{9D6D60DD-144F-4C4C-BD15-1716BF4C8A08}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= UDP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe "UDP Query User{903DB654-305B-4109-8624-79089C0747FB}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= TCP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe "{174D2FD6-93E7-46AE-9865-128A55876191}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X "{ED123516-4F7D-423A-A95E-6A0A5C3D7CF6}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X "{785BCCC2-B4F1-4F5D-A0C6-BAA0D7E7C1E3}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X "{01252791-6550-4069-B9F4-89F8A049DDBC}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X "{BCCC47D1-7C98-4CE5-A46A-2E594D8E5267}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync "TCP Query User{4C686345-7D72-405C-AE43-E38F9A83E080}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= UDP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe "UDP Query User{286295CE-4EEB-419A-9703-4B5F7CEE12E0}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= TCP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe "TCP Query User{185BC2AF-A23E-4919-A1E5-016698444DE4}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2 "UDP Query User{A0AD447C-4610-4C58-B3B6-F8DFA511CC16}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2 "{4498F6F6-A0AD-4CC8-916B-2493E9222F15}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club "{50A408D2-B4E9-4E5F-8BC7-BCE69CC5210F}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club "TCP Query User{2395E823-B988-4034-8655-4F18524715F8}c:\\aeriagames\\12sky\\twelvesky.exe"= UDP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky "UDP Query User{5716F99F-1A5A-47EA-B55F-F30E14122586}c:\\aeriagames\\12sky\\twelvesky.exe"= TCP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky "{DBE98471-46BE-4B46-9D52-C716DD91B505}"= UDP:c:\gamigo\LastChaosFra\LC.exe:LastChaos "{56FC817A-0638-4037-B8AF-6CC6F6BD0E44}"= TCP:c:\gamigo\LastChaosFra\LC.exe:LastChaos "TCP Query User{052B0820-D556-4744-BF1D-D7502EA70407}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2 "UDP Query User{977F3062-A874-4A0D-A64E-DE1F9D99E7F4}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2 "{1E7BF51F-1440-4C4C-B81F-6770296C0F73}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV "{E29923E7-E872-4238-8F58-E10D71C7D029}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV "{3FB78B5D-5F74-4503-9B60-D915CB6A471C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{705C95F6-1F43-43C3-9724-FEDB2D492D38}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/05/2009 12:16 108289] R2 eID CRL Service;eID CRL Service;c:\windows\System32\beidservicecrl.exe [20/06/2006 13:38 225280] R2 eID Privacy Service;eID Privacy Service;c:\windows\System32\beidservicepcsc.exe [21/06/2006 09:47 331776] R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 11:22 55264] R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360] R2 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 22:22 34064] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [12/02/2008 18:29 1153368] R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 09:39 185640] R2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/10/2008 21:53 30152] R3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [05/12/2006 12:34 507136] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [19/12/2008 17:54 195752] S3 mamotou;mamotou;c:\windows\System32\drivers\mamotou.sys [27/01/2008 16:50 49399] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [10/05/2009 20:17 28224] S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\System32\drivers\sis163u.sys [20/06/2005 09:12 215040] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [07/01/2008 10:37 25088] S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\System32\drivers\FLMckUSB.sys [16/10/2007 21:29 69810] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-09-08 c:\windows\Tasks\Extension de garantie.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-10-16 16:38] 2009-09-08 c:\windows\Tasks\Recovery DVD Creator.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-10-16 16:34] . - - - - ORPHANS REMOVED - - - - Notify-WB - (no file) . ------- Supplementary Scan ------- . uStart Page = hxxp://search.orbitdownloader.com mStart Page = hxxp://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_dp_id=18&x_format=redirect IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm IE: Link to &MidpX - c:\program files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk FF - ProfilePath - c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr) FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59831&ei=utf-8&yahoo_domain=search.yahoo.com&p= FF - component: c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-08 14:04 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7F6AD234-A64A-D8FB-9111-B9B8B7DFD0B2}*] "iajfjhmklemadnoheg"=hex:63,61,61,66,70,65,00,67 "hafgeggikcfmjlih"=hex:67,61,6d,6a,61,66,6d,61,63,6c,69,67,6a,6d,00,00 [HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:78,a6,24,c4,64,22,46,76,72,7d,4f,ae,89,0b,67,10,a7,38,80,82,a2,1c,66, f4,8e,48,38,f0,b0,5e,7e,3b,26,f4,ef,e0,c7,d3,ba,93,7e,18,4b,36,55,b8,ac,ff,\ "??"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb [HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:bd,93,c0,90,95,26,63,0d,48,ea,f7,68,3a,77,b6,88,af,12,71,9c,38, 59,8f,ae,6f,de,fb,bc,e1,67,a1,1d,f6,65,a5,70,54,e7,e3,01,00,7e,bb,30,f2,b5,\ "rkeysecu"=hex:f9,7d,9f,5d,26,72,89,85,3d,be,2f,36,83,23,98,69 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{21b52f18-0848-463f-9368-84968c2a61e3}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1700ff21 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{41b65253-3201-42e3-9621-ac9c7f1ed70d}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1200032f "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{449451bd-1d85-45b3-88b9-632bb8ea36d0}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1500032f "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{836f9589-7ecb-4f16-bbc2-f47f5a3e5eae}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0d020054 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{941f5e83-3d4a-48f9-ad45-a1e41619a5e8}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0c001c25 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:07001422 "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ae8b5f80-f531-41b4-bb40-8007528fd4a0}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1a00032f "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ccfa2a73-61cb-4ca0-915d-ddaf98abfb43}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1600032f "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{e2d054f6-6401-4fa2-ba19-39b453a74c83}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:1400032f "Dhcpv6State"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:06001422 "Dhcpv6State"=dword:00000000 . Completion time: 2009-09-08 14:28 ComboFix-quarantined-files.txt 2009-09-08 12:28 Pre-Run: 171 208 007 680 octets libres Post-Run: 171 081 703 424 octets libres 482 --- E O F --- 2009-09-08 09:03