maluko13

1- Pour le P2P, je reste dans la légalité mais j'ai 2 ados qui squattent ce Pc . 2- Les DNS : 198.168.1.1 c'est le DHCP de la neufbox et 80.118.196.36 c'est le serveur DNS le plus rapide. 3- C:\Windows\System32\%APPDATA% ? et C:\%APPDATA% contiennent tous les 2 'C:\%APPDATA%\Microsoft\Windows\IETldCache\index.dat contenant 'Client UrlCache MMF Ver 5.2 @ €. Combofix : c'est assez vieux > 4 mois 4- Rapport C\_OTL\MovedFiles : All processes killed ========== OTL ========== Service UPS stopped successfully! Service UPS deleted successfully! Service NMIndexingService stopped successfully! Service NMIndexingService deleted successfully! Service CiSvc stopped successfully! Service CiSvc deleted successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. ADS C:\ProgramData\Temp:A9662AE0 deleted successfully. ========== FILES ========== File\Folder C:\Windows\system32\drivers\akg3zvun.sys not found. ========== SERVICES/DRIVERS ========== Error: No service named akg3zvun was found to stop! Service\Driver key akg3zvun not found. Service owfzkqyg stopped successfully! Service owfzkqyg deleted successfully! ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: Admin ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 294871 bytes ->Flash cache emptied: 42054 bytes User: All Users User: Annie ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 294871 bytes ->Java cache emptied: 30664826 bytes ->Flash cache emptied: 1745 bytes User: Benjamin ->Temp folder emptied: 348867 bytes ->Temporary Internet Files folder emptied: 1234435594 bytes ->Java cache emptied: 45956457 bytes ->Google Chrome cache emptied: 18152539 bytes ->Flash cache emptied: 58115 bytes User: BUBULE ->Temp folder emptied: 153419 bytes ->Temporary Internet Files folder emptied: 57153884 bytes ->Java cache emptied: 1345823 bytes ->FireFox cache emptied: 61043386 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 46598 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Marc ->Temp folder emptied: 13685041 bytes ->Temporary Internet Files folder emptied: 61207299 bytes ->Java cache emptied: 26056878 bytes ->FireFox cache emptied: 66335701 bytes ->Flash cache emptied: 56011 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 109440 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 106614461 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 42168268 bytes Total Files Cleaned = 1 684,00 mb [EMPTYFLASH] User: Admin ->Flash cache emptied: 0 bytes User: All Users User: Annie ->Flash cache emptied: 0 bytes User: Benjamin ->Flash cache emptied: 0 bytes User: BUBULE ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Marc ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.6.1 log created on 06222010_193737 Files\Folders moved on Reboot... C:\Users\Marc\AppData\Local\Temp\Low\Google Toolbar\GoogleToolbarWelcome.log moved successfully. File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4CAC.tmp not found! File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4CBC.tmp not found! File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D48.tmp not found! File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D58.tmp not found! File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D9A.tmp not found! File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4DAC.tmp not found! C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QVDPCZ3X\01[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QVDPCZ3X\v=4;m=3;l=6699;c=88902;b=903089;ts=20100622183353;p=ui=Fsa322v8rIpqwD;tr=WeG8lq6mFVE;tm=0-0[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KIWN31VM\imgCAYMGM3G.htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KIWN31VM\rectangle_300x250[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DYBJ94TD\imgCAE9WOJX.htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DYBJ94TD\povh[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\ads[7].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\afr[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\afr[2].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\ban_home_728x90[1].htm moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\quel-virus-t177561[1].html moved successfully. C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot. Registry entries deleted on Reboot... Merci de ton coup de main? Marc

la suite: OTL logfile created on: 21/06/2010 18:48:01 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Windows\system32\config\systemprofile\Desktop Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 46,19 Gb Total Space | 9,50 Gb Free Space | 20,57% Space Free | Partition Type: NTFS Drive D: | 39,08 Gb Total Space | 26,45 Gb Free Space | 67,67% Space Free | Partition Type: NTFS Drive E: | 63,77 Gb Total Space | 24,76 Gb Free Space | 38,82% Space Free | Partition Type: NTFS F: Drive not present or media not loaded Drive G: | 99,36 Gb Total Space | 70,98 Gb Free Space | 71,43% Space Free | Partition Type: NTFS Drive H: | 99,36 Gb Total Space | 99,07 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Drive I: | 99,36 Gb Total Space | 19,61 Gb Free Space | 19,74% Space Free | Partition Type: NTFS Drive J: | 76,34 Gb Total Space | 39,48 Gb Free Space | 51,71% Space Free | Partition Type: NTFS Drive K: | 76,32 Gb Total Space | 11,85 Gb Free Space | 15,52% Space Free | Partition Type: NTFS Drive L: | 465,75 Gb Total Space | 58,81 Gb Free Space | 12,63% Space Free | Partition Type: NTFS Computer Name: PC-DE-MARC Current User Name: Marc Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/06/21 18:46:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Windows\System32\config\systemprofile\Desktop\OTL.exe PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2009/10/14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009/10/14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009/04/16 09:41:18 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2006/11/02 11:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2005/03/09 21:50:18 | 000,018,944 | ---- | M] (libusb-Win32) -- C:\Windows\System32\libusbd-nt.exe ========== Modules (SafeList) ========== MOD - [2010/06/21 18:46:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Windows\System32\config\systemprofile\Desktop\OTL.exe MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll MOD - [2008/01/19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (UPS) SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService) SRV - File not found [On_Demand | Stopped] -- -- (CiSvc) SRV - [2010/06/01 19:33:24 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/05/07 18:05:00 | 001,051,976 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc) SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2005/03/09 21:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Running] -- C:\Windows\System32\libusbd-nt.exe -- (libusbd) ========== Driver Services (SafeList) ========== DRV - [2010/06/07 14:38:40 | 000,111,312 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - [2010/06/07 14:38:40 | 000,100,496 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2010/05/09 15:56:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010/02/15 14:19:57 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/10/25 06:11:34 | 000,077,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\MBR.exe -- (mbr) DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/05/01 00:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2009/04/30 23:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV - [2009/04/30 23:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter) DRV - [2009/04/11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2009/04/11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/12/02 00:14:32 | 004,179,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008/09/12 18:58:32 | 000,028,672 | ---- | M] (libusb-Win32) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0) DRV - [2008/09/12 18:58:30 | 000,003,328 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pspdisp.sys -- (pspdisp) DRV - [2007/12/06 10:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh) DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM) DRV - [2006/12/24 06:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xPADFL02.sys -- (XPADFL02) DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2004/09/17 15:56:10 | 000,381,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WlanUIG.sys -- (NBXG7031) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = SFR : Téléphone portable, mobile, forfaits portables, ADSL IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "SFR : Téléphone portable, mobile, forfaits portables, ADSL" FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/13 16:18:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/13 16:18:31 | 000,000,000 | ---D | M] [2010/06/13 16:18:48 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions [2010/02/10 13:37:00 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010/06/14 19:54:26 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\6b1lgpvg.default\extensions [2010/06/14 19:54:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\6b1lgpvg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/06/13 16:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/06/20 16:11:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0 O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6017/mcfscan.cab (McFreeScan Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKU\.DEFAULT\...exe [@ = secfile] -- Reg Error: Key error. File not found O37 - HKU\S-1-5-18\...exe [@ = secfile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010/06/21 12:56:37 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA% [2010/06/20 20:09:16 | 000,000,000 | --SD | C] -- C:\Lychen [2010/06/20 20:08:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/06/20 19:49:05 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/06/20 19:14:42 | 000,000,000 | ---D | C] -- C:\Users\Marc\Desktop\ANTIVIR [2010/06/20 16:16:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2010/06/20 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\temp [2010/06/20 15:48:33 | 000,000,000 | ---D | C] -- C:\Windows\temp [2010/06/20 15:17:44 | 000,000,000 | ---D | C] -- C:\%APPDATA% [2010/06/19 19:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2010/06/19 16:18:21 | 000,000,000 | ---D | C] -- C:\Windows\McAfee.com [2010/06/18 19:45:13 | 007,283,496 | ---- | C] (Microsoft Corporation) -- C:\Users\Marc\Desktop\microsoft-security-essentials-mse_microsoft_se_1.0.1961.0_vista_7_32_bits_francais_291762.exe [2010/06/17 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lightrock Entertainment [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Videos [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Saved Games [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Pictures [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Links [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Downloads [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Documents [2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Desktop [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Voisinage réseau [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Voisinage d'impression [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\SendTo [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Recent [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Modèles [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Mes documents [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Menu Démarrer [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Local Settings [2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Application Data [2010/06/16 14:45:11 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Searches [2010/06/15 14:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gamigo Games [2010/06/15 13:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy [2010/06/13 16:18:38 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Mozilla [2010/06/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/06/08 20:01:48 | 000,142,928 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys [2010/06/08 20:01:33 | 000,041,744 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [2010/06/07 14:38:40 | 000,111,312 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys [2010/06/07 14:38:40 | 000,100,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [2010/06/07 14:38:38 | 000,133,648 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNotify.dll [2010/06/06 19:10:56 | 000,000,000 | ---D | C] -- C:\rsit [2010/06/06 19:02:28 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet (2).dll [2010/06/06 18:56:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSOCK32 (2).dll [2010/06/05 11:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D [2010/06/04 14:48:12 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\FixItCenter [2010/06/04 14:44:31 | 000,000,000 | ---D | C] -- C:\Windows\MATS [2010/06/04 14:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center [2010/06/01 19:33:24 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010/06/01 19:33:24 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010/05/31 19:46:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2 [2010/05/28 20:22:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010/05/28 19:28:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\initpki.dll [2010/05/28 18:38:25 | 000,000,000 | ---D | C] -- C:\Marc [2010/05/24 17:01:36 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Nero Home [2010/05/24 17:00:51 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Ahead [2010/05/24 16:59:05 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Ahead [2010/05/24 16:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead [2010/05/24 16:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead ========== Files - Modified Within 30 Days ========== [2010/06/21 18:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job [2010/06/21 18:30:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job [2010/06/21 18:02:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job [2010/06/21 18:02:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job [2010/06/21 17:27:30 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/06/21 17:27:30 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/06/21 13:31:44 | 001,499,290 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/06/21 13:31:44 | 000,679,180 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/06/21 13:31:44 | 000,595,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/06/21 13:31:44 | 000,128,212 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/06/21 13:31:44 | 000,105,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/06/21 13:27:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/06/21 13:27:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/06/20 21:18:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010/06/20 21:18:24 | 001,667,617 | -H-- | M] () -- C:\Users\Marc\AppData\Local\IconCache.db [2010/06/20 20:22:25 | 212,273,617 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/06/20 19:54:28 | 000,524,288 | -HS- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat{d81bcdf3-cc66-11de-883d-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2010/06/20 19:54:28 | 000,262,144 | ---- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat [2010/06/20 19:54:28 | 000,065,536 | -HS- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat{d81bcdf3-cc66-11de-883d-806e6f6e6963}.TM.blf [2010/06/20 19:45:10 | 003,716,715 | R--- | M] () -- C:\Users\Marc\Desktop\Lychen.exe [2010/06/20 19:30:00 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job [2010/06/20 16:11:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini [2010/06/20 16:11:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/06/19 16:26:18 | 000,040,448 | ---- | M] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/19 16:21:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf [2010/06/18 19:45:24 | 007,283,496 | ---- | M] (Microsoft Corporation) -- C:\Users\Marc\Desktop\microsoft-security-essentials-mse_microsoft_se_1.0.1961.0_vista_7_32_bits_francais_291762.exe [2010/06/18 17:00:22 | 000,000,921 | ---- | M] () -- C:\Windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/06/13 16:18:33 | 000,001,690 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/06/09 19:18:52 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100618-165248.backup [2010/06/09 19:17:10 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191852.backup [2010/06/09 19:14:47 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191710.backup [2010/06/08 20:01:49 | 000,000,403 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2010/06/07 14:38:40 | 000,142,928 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys [2010/06/07 14:38:40 | 000,111,312 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys [2010/06/07 14:38:40 | 000,100,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [2010/06/07 14:38:40 | 000,041,744 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [2010/06/07 14:38:38 | 000,133,648 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNotify.dll [2010/06/06 19:10:31 | 000,824,681 | ---- | M] () -- C:\Users\Marc\Desktop\RSIT.exe [2010/06/06 18:57:17 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet (2).dll [2010/06/06 18:56:29 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSOCK32 (2).dll [2010/06/04 12:22:50 | 011,072,141 | ---- | M] () -- C:\Users\Marc\Documents\ssssrrr_modifié-1.jpg [2010/06/04 12:17:04 | 011,035,616 | ---- | M] () -- C:\Users\Marc\Documents\ssssrrr.jpg [2010/06/04 11:13:34 | 004,233,258 | ---- | M] () -- C:\Users\Marc\Documents\ssss.JPG [2010/06/01 19:33:15 | 000,001,875 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk [2010/06/01 19:33:15 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2010/05/28 20:48:58 | 000,053,368 | ---- | M] () -- C:\Users\Marc\Documents\cc_20100528_204851.reg [2010/05/28 19:24:06 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\initpki.dll [2010/05/28 19:07:57 | 365,277,386 | ---- | M] () -- C:\Sauv.reg [2010/05/27 20:01:16 | 000,396,225 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191447.backup [2010/05/27 19:26:28 | 000,041,032 | ---- | M] () -- C:\Users\Marc\Documents\cc_20100527_192620.reg ========== Files Created - No Company Name ========== [2010/06/20 19:45:02 | 003,716,715 | R--- | C] () -- C:\Users\Marc\Desktop\Lychen.exe [2010/06/20 14:48:03 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010/06/19 16:21:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf [2010/06/18 17:00:22 | 000,000,921 | ---- | C] () -- C:\Windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/06/17 17:57:59 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job [2010/06/17 17:57:59 | 000,001,036 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job [2010/06/13 16:18:33 | 000,001,690 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/06/10 14:53:04 | 212,273,617 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/06/08 20:01:49 | 000,000,403 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2010/06/08 16:20:57 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job [2010/06/08 16:20:56 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job [2010/06/06 19:10:24 | 000,824,681 | ---- | C] () -- C:\Users\Marc\Desktop\RSIT.exe [2010/06/04 12:39:57 | 011,035,616 | ---- | C] () -- C:\Users\Marc\Documents\ssssrrr.jpg [2010/06/04 12:39:57 | 004,233,258 | ---- | C] () -- C:\Users\Marc\Documents\ssss.JPG [2010/06/04 12:39:56 | 011,072,141 | ---- | C] () -- C:\Users\Marc\Documents\ssssrrr_modifié-1.jpg [2010/06/01 19:33:15 | 000,001,875 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk [2010/05/28 20:48:54 | 000,053,368 | ---- | C] () -- C:\Users\Marc\Documents\cc_20100528_204851.reg [2010/05/28 19:07:35 | 365,277,386 | ---- | C] () -- C:\Sauv.reg [2010/05/27 19:26:25 | 000,041,032 | ---- | C] () -- C:\Users\Marc\Documents\cc_20100527_192620.reg [2010/05/23 08:43:38 | 000,005,654 | ---- | C] () -- C:\Users\Marc\AppData\Local\2AED1994-F97B-454C-8FB3-2F4C5C8F45D2.txt [2010/05/09 15:56:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010/04/16 12:53:58 | 000,000,204 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010/04/12 11:54:40 | 000,000,282 | ---- | C] () -- C:\Windows\game.ini [2010/03/05 13:36:50 | 000,000,077 | ---- | C] () -- C:\Windows\wininit.ini [2009/12/25 19:37:40 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2009/12/25 19:37:40 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2009/12/13 11:15:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/11/15 10:07:08 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en [2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2009/04/30 23:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2008/12/01 22:46:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2006/11/02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/01/06 14:36:12 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Rey_SubClasser.dll ========== LOP Check ========== [2010/04/30 14:00:01 | 000,000,000 | ---D | M] -- C:\Windows\System32\config\systemprofile\AppData\Roaming\TuneUp Software [2010/06/21 13:24:02 | 000,032,492 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/06/21 18:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A9662AE0 < End of report > merci, Marc

Bonsoir no.ppp, le 1er rapport OTL : OTL Extras logfile created on: 21/06/2010 18:48:01 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Windows\system32\config\systemprofile\Desktop Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 46,19 Gb Total Space | 9,50 Gb Free Space | 20,57% Space Free | Partition Type: NTFS Drive D: | 39,08 Gb Total Space | 26,45 Gb Free Space | 67,67% Space Free | Partition Type: NTFS Drive E: | 63,77 Gb Total Space | 24,76 Gb Free Space | 38,82% Space Free | Partition Type: NTFS F: Drive not present or media not loaded Drive G: | 99,36 Gb Total Space | 70,98 Gb Free Space | 71,43% Space Free | Partition Type: NTFS Drive H: | 99,36 Gb Total Space | 99,07 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Drive I: | 99,36 Gb Total Space | 19,61 Gb Free Space | 19,74% Space Free | Partition Type: NTFS Drive J: | 76,34 Gb Total Space | 39,48 Gb Free Space | 51,71% Space Free | Partition Type: NTFS Drive K: | 76,32 Gb Total Space | 11,85 Gb Free Space | 15,52% Space Free | Partition Type: NTFS Drive L: | 465,75 Gb Total Space | 58,81 Gb Free Space | 12,63% Space Free | Partition Type: NTFS Computer Name: PC-DE-MARC Current User Name: Marc Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>] .exe [@ = secfile] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>] .exe [@ = secfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "AntiVirusDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2895517941-1792322226-2511147505-1000] "EnableNotifications" = 1 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{247B6728-33FC-4D2E-BD14-62FF683C9AEF}" = rport=10243 | protocol=6 | dir=out | app=system | "{52AF2E91-521A-4E7A-AE98-4BCA9503508C}" = lport=10243 | protocol=6 | dir=in | app=system | "{59B283C0-9F21-4C92-B686-56B7757143ED}" = lport=2869 | protocol=6 | dir=in | app=system | "{643434A6-AC8C-4598-9954-EF3B2C2829EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{76B7E5B6-A5B6-48E5-8BC8-3F0ECDD73CE2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7F94D116-FA9D-40A8-836D-E82F172399E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{8BB5AB72-15A2-4B02-B4EA-DEA6F7633860}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8EF7E884-58CE-4A06-9889-FC5B45B6ACD9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A1788F99-3105-408E-BF7E-0AAF479E07BB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B787003F-2CE0-484F-AAB7-133E9BBA1AC7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{BE5BBEC1-8810-4F9B-A108-B1766E929633}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C33D7CB1-F976-40E4-B843-920DE2E230E2}" = lport=2869 | protocol=6 | dir=in | app=system | "{CEB7847F-04CF-4AF0-ADF9-981B5B7FBC68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E0F1EEDE-31A0-4A63-989F-D77DBDB96318}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E4582109-C819-4EC0-B60E-FD99B431BA46}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EFCA04F7-EA93-4F6E-9D4E-6DDE5393915A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{F4BCB7A7-FAF0-4AE4-AEAC-0D7AA4C96AE3}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{025B2A1B-91E4-4D18-9788-E362E6D90714}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe | "{03D2221F-308F-4EDC-8AF0-B9695B4FA292}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe | "{0507AB4F-C870-4D6C-8C52-16E1618C95D9}" = protocol=6 | dir=in | app=c:\program files\windows mail\winmail.exe | "{080609A2-D5CB-4A30-A3FA-271438F97F75}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{0885F258-A0A8-4DC7-90D5-3B9C8C24A7F4}" = protocol=6 | dir=in | app=c:\windows\system32\wuapp.exe | "{089F3707-68D4-46D5-B071-210FE96E6901}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{1A61801A-66FD-468C-86F2-8143BD78721C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{27479516-22F7-42BB-8F9A-AD05DDE7DD79}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{2CB0003C-A732-4BBE-A818-61638D13CC55}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe | "{31692C3E-72EF-4A5F-B436-03B5FF06BEC9}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe | "{31D630E7-3465-4B1B-B28A-BEF465E088B4}" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe | "{32C872E2-B742-40CF-9768-14376395C6C3}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{40F273E0-E2DF-4B6B-8658-EC7677257D45}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe | "{49F8E489-40D4-4752-BF15-5EA13A9DA29B}" = protocol=6 | dir=in | app=c:\program files\windows mail\winmail.exe | "{4D81A6E7-F464-4F8A-849B-279321763095}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{5474F0AA-66ED-46D5-B17C-97CA58A5808B}" = protocol=17 | dir=in | app=c:\program files\windows mail\winmail.exe | "{5A3CD355-4EA9-4063-8192-0CE49036A624}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{5C4C928D-086E-406D-A0E8-4EF64D2C63D0}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{5CB4CE00-5BB6-4A35-8ACE-75E34532E832}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe | "{611B3280-0E26-4129-8BFF-479BE9F06A7B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{622F0A5D-8154-4D26-9253-E8720403BD0F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{714F091B-71A9-4215-88EA-C686058BA548}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{74E9D4AB-4CA7-4E52-8DCF-DEDFAA9FE4D5}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{76174DA1-E732-4E35-9651-88795D08B58A}" = protocol=6 | dir=in | app=c:\program files\gamigo games\levelr\levelr.bin | "{77B2B717-CCF6-4BA9-993A-C3D1577F1595}" = protocol=17 | dir=in | app=c:\program files\gamigo games\levelr\levelr.bin | "{7C49EA16-D5EE-4F64-81F7-387FAAA9D2B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{86FEDEC1-5717-424B-B858-703DD92B84F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8917458F-964A-4381-A149-C26DA84FC78E}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{8B51D1A8-38EB-4962-BE8D-B7025C509D86}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | "{8E6B48F6-B390-460D-8E71-3CF81EC89462}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{909A2CA8-7FD7-4854-A681-0F2BA06D7313}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{927F7236-3DA4-4D11-A1A7-BB486B3C5EDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{AD68ED77-835E-4C34-BE4E-EE2A2CF0E2AD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AEEBC46A-D33F-4831-ADB1-A1BE1297B8AD}" = protocol=6 | dir=out | app=system | "{AFA84B3F-E0A7-4BB9-8022-C96C37BC4DB5}" = protocol=6 | dir=in | app=c:\program files\7-zip\7zfm.exe | "{B4DD3FE2-6146-4EBA-A74A-F304B0ED7876}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{B6C14752-5AD0-4BB6-B330-3C1168DE8A6A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{BB354EED-57DD-4BD4-9FA9-4B0298391495}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{BBA0D354-0506-4437-B29B-A405668FB61B}" = protocol=17 | dir=in | app=c:\windows\system32\wuapp.exe | "{C14C14BC-E759-4119-B0EE-C71D085C8E8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C2D87F54-8410-4675-A728-7F35DC13060C}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "{C427633B-DE3F-4D7E-8555-ED30D9736FA0}" = protocol=17 | dir=in | app=c:\program files\windows mail\winmail.exe | "{C5BDE236-EF20-47A2-8A25-88444C981A9C}" = protocol=17 | dir=in | app=c:\program files\7-zip\7zfm.exe | "{CA264218-128C-4E64-8D94-2464D41F85A8}" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe | "{CEE62028-22F7-4380-B1AF-5D30A7A5E716}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D655F3C1-C48E-4C0C-856D-5814348612D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E0098B65-62D1-4516-ABCE-12316039A0E3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E67A20B5-3A07-4431-AFB6-CB0083EF25E3}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{EC5773FE-93CB-4D56-B266-F122E828E1F1}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{EF0D8417-8C60-49F8-A4D0-8B66E25DD3FB}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{F86D6279-9027-40B8-8483-E25ADD265289}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{F8EDB0BD-26AF-4FA8-9726-479CCF171D88}" = protocol=6 | dir=out | app=system | "{FFFA8F8C-6924-4CA7-A2AB-5992B617ED13}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "TCP Query User{1CBBDA99-B920-4A25-B9E0-36BC964ED849}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe | "TCP Query User{3B235853-36A7-41D6-8F04-EDD2ED175DA1}C:\users\marc\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\marc\program files\dna\btdna.exe | "TCP Query User{546ABAFC-0169-468C-8366-7A01CB2B7E79}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | "TCP Query User{61415722-5DC2-43DA-850E-4FD36CC93B99}L:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=l:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe | "TCP Query User{7389BBF4-F9F3-427F-A6AF-381A3663AF0F}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{76C816A2-C0A6-408D-9A8D-3B21425B48CE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{779250F3-3FCA-498E-811F-C87B5A40BE28}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "TCP Query User{988C29D6-188F-451B-8363-4CE96C85E201}C:\program files\sony ericsson\update service\update service.exe" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "TCP Query User{B87308D4-DDE5-40C8-A412-9B9EE0258B35}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "TCP Query User{F32A50F0-5749-4C95-9D7B-F74FAC19E953}L:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=l:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe | "TCP Query User{F76145B7-063A-41B6-B384-8CD1DE449D28}C:\users\florent\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\florent\appdata\local\google\chrome\application\chrome.exe | "TCP Query User{FB0B9A91-66DE-41DF-BC73-82448204693E}L:\v8\launcher.exe" = protocol=6 | dir=in | app=l:\v8\launcher.exe | "TCP Query User{FEC39CB2-F74B-45C3-9952-3CB59DF0E2DB}L:\v8\launcher.exe" = protocol=6 | dir=in | app=l:\v8\launcher.exe | "UDP Query User{0CD1198B-B37F-42B8-86F8-1F2C62D37029}L:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=l:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe | "UDP Query User{135A02B6-6199-48BA-9142-3BF46FF57873}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe | "UDP Query User{2770888D-3FFF-4AA5-AC6F-9AB05390F434}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{39041500-EDA8-4152-914C-638291EFBEA5}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe | "UDP Query User{3C3BF043-73C8-4B2C-B91C-1DBE7C864501}L:\v8\launcher.exe" = protocol=17 | dir=in | app=l:\v8\launcher.exe | "UDP Query User{4FED875C-C52D-40EB-8322-4F473B6677A9}C:\users\florent\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\florent\appdata\local\google\chrome\application\chrome.exe | "UDP Query User{51CA9910-1CE4-449E-9919-F238CB10686D}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "UDP Query User{539A8EA9-1F65-4686-B066-8A2D32DCD8BA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{594E0CEE-DE47-42D9-8C19-AAF8D79D6627}C:\program files\sony ericsson\update service\update service.exe" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "UDP Query User{6527574A-AB59-4673-9643-A932ECBE35DA}C:\users\marc\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\marc\program files\dna\btdna.exe | "UDP Query User{7FEE7A2F-FBA1-4D4C-B61E-0CAFEF142C90}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe | "UDP Query User{88D47BBE-C650-48EC-BB4A-642413C1ADE2}L:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=l:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe | "UDP Query User{AA7058AF-4109-425E-9E96-77AC2D689AF9}L:\v8\launcher.exe" = protocol=17 | dir=in | app=l:\v8\launcher.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial "{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID "{1102B81E-73F2-339C-E299-C48D7CA32441}" = Catalyst Control Center Graphics Full Existing "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200 "{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist "{15422767-809D-8D9C-140D-99B39C9683DA}" = Catalyst Control Center Graphics Full New "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{186DB7E2-1C55-0715-12E1-7FC473D30A4C}" = Catalyst Control Center Graphics Previews Common "{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver "{1C87A9F3-D01A-F4DA-F3DF-6ED7DB9EEBE1}" = CCC Help French "{1DE0F8B5-763F-395F-56F3-98F8D9E0492D}" = HydraVision "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 19 "{27DC856A-0916-4988-8198-8714DDD3183D}" = AGEIA PhysX v7.05.17 "{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1 "{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0 "{3A1BBC38-2602-B555-24D3-942F01D8DC39}" = CCC Help English "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{597DE5BD-C24B-4D0F-BA2D-F5D591D800DA}" = AccuWeather SideShow Gadget "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5F778DA4-7CDF-435C-9650-0201FCAD8DAE}" = Superstars® V8 Racing "{6419FBF5-2DB7-FF43-EE67-5448F868D080}" = Catalyst Control Center Core Implementation "{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Gestionnaire de périphériques de Windows Live "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = AusLogics BoostSpeed "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR) "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable "{92E4CCD6-CB9A-951B-E333-78A8BC6BA8E2}" = Catalyst Control Center Localization French "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9FA7B446-0DE0-C883-9DB4-AC9A35D60735}" = Catalyst Control Center HydraVision Full "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5 "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.1 - Français "{ACB91656-A3D1-4E5F-82F0-D3E5200F1D06}" = Skins "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4 "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C3F7C6EB-B6AD-CE5E-46BD-E6DE8EBB6E5A}" = Catalyst Control Center Graphics Previews Vista "{C8E9FBF9-6CBE-AE9B-C8AB-2C8F5E32140C}" = ccc-core-static "{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{D484F0BE-2429-4B3F-97C0-ADDA10F3EA4A}" = Oracle VM VirtualBox 3.2.4 "{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver "{DDACB061-0C85-8A15-45C9-28415476762B}" = Catalyst Control Center Graphics Light "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{ECE1F718-CDFD-7A05-BDB9-4D33BFE67D9C}" = ccc-utility "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{FC5A7E9B-2CAC-6261-7F34-817C6547ABF3}" = Catalyst Control Center InstallProxy "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) "7-Zip" = 7-Zip 9.07 beta "Action Replay Code Manager_is1" = Action Replay Code Manager "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ATRAC3" = Sony ATRAC3 Audio Codec (remove only) "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "CCleaner" = CCleaner "Clean Virus MSN_is1" = Clean Virus MSN "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2 "GameSaike SixaxisDriver_is1" = SixaxisDriver 0.91 "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Neuf_TV_PC" = TV sur PC "OpenAL" = OpenAL "PROPLUS" = Microsoft Office Professional Plus 2007 "PSPdisp" = PSPdisp 0.1 "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "SFR_Kit" = SFR - Kit de connexion "Sweet Home 3D_is1" = Sweet Home 3D version 2.4 "TuneUp Utilities" = TuneUp Utilities "UltSounds" = Modèles de sons Windows "UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™ "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.5 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = WinRAR archiver "Xilisoft PSP Video Converter" = Xilisoft PSP Video Converter ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "BitTorrent DNA" = DNA ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20/06/2010 14:24:23 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329 Description = Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = SPP | ID = 16387 Description = Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = System Restore | ID = 8193 Description = Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = System Restore | ID = 8210 Description = Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = ESENT | ID = 488 Description = Catalog Database (1540) Catalog Database: Une tentative de création du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" a échoué en indiquant l'erreur système 5 (0x00000005) : "Accès refusé. ". L'opération de création de dossier échouera en indiquant l'erreur -1032 (0xfffffbf8). Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = ESENT | ID = 413 Description = Catalog Database (1540) Catalog Database: Impossible de créer un nouveau journal car la base de données ne peut pas écrire sur le lecteur de journalisation. Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur -1032. Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329 Description = Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = ESENT | ID = 488 Description = Catalog Database (1540) Catalog Database: Une tentative de création du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" a échoué en indiquant l'erreur système 5 (0x00000005) : "Accès refusé. ". L'opération de création de dossier échouera en indiquant l'erreur -1032 (0xfffffbf8). Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = ESENT | ID = 413 Description = Catalog Database (1540) Catalog Database: Impossible de créer un nouveau journal car la base de données ne peut pas écrire sur le lecteur de journalisation. Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur -1032. Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329 Description = [ System Events ] Error - 21/06/2010 07:27:28 | Computer Name = PC-de-Marc | Source = EventLog | ID = 6008 Description = L'arrêt système précédant à 13:25:24 le 21/06/2010 n'était pas prévu. Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7009 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7001 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7009 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000 Description = Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7023 Description = Error - 21/06/2010 07:29:47 | Computer Name = PC-de-Marc | Source = WMPNetworkSvc | ID = 866312 Description = Error - 21/06/2010 07:29:47 | Computer Name = PC-de-Marc | Source = WMPNetworkSvc | ID = 866312 Description = < End of report >

Bonsoir à tous(tes) je ne m'en sors plus help me please, ci joint mon rapport RSIT pour commencer: Logfile of random's system information tool 1.07 (written by random/random) Run by Marc at 2010-06-20 19:03:16 Microsoft® Windows Vista™ Édition Intégrale Service Pack 2 System drive C: has 10 GB (21%) free of 47 GB Total RAM: 2046 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:03:26, on 20/06/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Marc\Desktop\RSIT.exe C:\Program Files\trend micro\Marc.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SFR : Téléphone portable, mobile, forfaits portables, ADSL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6017/mcfscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BC0E4D39-11F1-4ADB-8EDD-909A9FB064A1}: NameServer = 80.118.192.100,80.118.196.36 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CryptSvc - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ERSvc - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: helpsvc - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Brother USB Mass-Storage Upper Filter Helper (owfzkqyg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: srservice - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Panneau de saisie Tablet PC (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: UPS - Unknown owner - (no file) O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: TuneUp Extension de thème (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 21033 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job C:\Windows\tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] Objet d'aide à la navigation SFR - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [2009-10-15 165184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-28 278128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-28 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-28 278128] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-16 102400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-09 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2009-11-08 233888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoLogOff"=0 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 months====== 2010-06-20 16:17:25 ----A---- C:\ComboFix.txt 2010-06-20 16:16:15 ----SHD---- C:\$RECYCLE.BIN 2010-06-20 15:48:33 ----D---- C:\Windows\temp 2010-06-20 15:17:44 ----D---- C:\%APPDATA% 2010-06-20 15:17:43 ----A---- C:\Windows\SWXCACLS.exe 2010-06-20 14:48:03 ----A---- C:\Windows\MBR.exe 2010-06-20 14:43:45 ----D---- C:\Qoobox 2010-06-19 19:17:15 ----D---- C:\Program Files\Windows Live Safety Center 2010-06-19 16:18:21 ----D---- C:\Windows\McAfee.com 2010-06-18 16:57:30 ----A---- C:\Windows\ntbtlog.txt 2010-06-15 14:29:33 ----D---- C:\Program Files\Gamigo Games 2010-06-15 13:27:51 ----D---- C:\Program Files\Neffy 2010-06-13 16:18:30 ----D---- C:\Program Files\Mozilla Firefox 2010-06-07 14:38:38 ----A---- C:\Windows\system32\VBoxNetFltNotify.dll 2010-06-06 19:10:56 ----D---- C:\rsit 2010-06-06 19:02:28 ----A---- C:\Windows\system32\wininet (2).dll 2010-06-06 18:56:28 ----A---- C:\Windows\system32\WSOCK32 (2).dll 2010-06-05 11:26:04 ----D---- C:\Program Files\Sweet Home 3D 2010-06-04 14:44:31 ----D---- C:\Windows\MATS 2010-06-04 14:44:30 ----D---- C:\Program Files\Microsoft Fix it Center 2010-06-01 19:33:24 ----A---- C:\Windows\system32\uxtuneup.dll 2010-06-01 19:33:24 ----A---- C:\Windows\system32\authuitu.dll 2010-05-31 19:46:50 ----D---- C:\Windows\system32\catroot2 2010-05-28 20:22:54 ----D---- C:\Windows\SoftwareDistribution 2010-05-28 19:28:18 ----A---- C:\Windows\system32\initpki.dll 2010-05-28 18:38:25 ----D---- C:\Marc 2010-05-24 16:59:05 ----D---- C:\Users\Marc\AppData\Roaming\Ahead 2010-05-24 16:58:30 ----D---- C:\ProgramData\Ahead 2010-05-24 16:55:44 ----D---- C:\Program Files\Common Files\Ahead 2010-05-21 06:55:15 ----A---- C:\Windows\system32\2AED1994-F97B-454C-8FB3-2F4C5C8F45D2.txt ======List of files/folders modified in the last 1 months====== 2010-06-20 19:03:18 ----D---- C:\Program Files\trend micro 2010-06-20 18:56:33 ----D---- C:\Windows\Prefetch 2010-06-20 18:55:01 ----SHD---- C:\Windows\Installer 2010-06-20 18:55:01 ----D---- C:\Program Files 2010-06-20 18:54:59 ----D---- C:\Windows\system32\drivers 2010-06-20 18:54:59 ----D---- C:\ProgramData\Microsoft 2010-06-20 18:46:54 ----D---- C:\Windows\System32 2010-06-20 18:46:54 ----D---- C:\Windows\inf 2010-06-20 18:46:54 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-06-20 16:11:58 ----D---- C:\Windows 2010-06-20 16:11:58 ----A---- C:\Windows\system.ini 2010-06-20 15:45:11 ----D---- C:\Windows\AppPatch 2010-06-20 15:45:10 ----D---- C:\Program Files\Common Files 2010-06-20 06:35:53 ----SD---- C:\Windows\Downloaded Program Files 2010-06-18 20:58:54 ----D---- C:\Windows\Microsoft.NET 2010-06-18 20:39:05 ----D---- C:\Program Files\CCleaner 2010-06-18 20:28:36 ----D---- C:\Program Files\TuneUp Utilities 2010 2010-06-18 20:07:21 ----RSD---- C:\Windows\assembly 2010-06-18 20:06:14 ----D---- C:\Windows\winsxs 2010-06-18 16:57:19 ----D---- C:\Windows\ShellNew 2010-06-18 16:48:07 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-17 17:57:59 ----D---- C:\Windows\Tasks 2010-06-17 15:08:13 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2010-06-17 15:07:57 ----D---- C:\Program Files\AGEIA Technologies 2010-06-16 16:25:01 ----D---- C:\Users\Marc\AppData\Roaming\uTorrent 2010-06-16 15:02:37 ----HD---- C:\Program Files\InstallShield Installation Information 2010-06-16 14:56:52 ----D---- C:\Windows\system32\Tasks 2010-06-16 14:46:49 ----D---- C:\Program Files\Microsoft Games 2010-06-15 14:28:41 ----D---- C:\Program Files\Common Files\InstallShield 2010-06-14 13:21:48 ----SHD---- C:\System Volume Information 2010-06-13 16:18:38 ----D---- C:\Users\Marc\AppData\Roaming\Mozilla 2010-06-10 14:53:10 ----D---- C:\Windows\Minidump 2010-06-10 13:00:40 ----D---- C:\ProgramData\Test Drive Unlimited 2010-06-08 20:01:48 ----DC---- C:\Windows\system32\DRVSTORE 2010-06-06 19:30:35 ----RD---- C:\Users 2010-06-06 19:30:25 ----D---- C:\Windows\system32\appmgmt 2010-06-04 11:25:49 ----D---- C:\Users\Marc\AppData\Roaming\vlc 2010-06-04 11:19:18 ----D---- C:\Users\Marc\AppData\Roaming\dvdcss 2010-06-01 15:20:20 ----D---- C:\Users\Marc\AppData\Roaming\Notepad++ 2010-06-01 15:20:20 ----D---- C:\Program Files\Notepad++ 2010-05-28 20:44:30 ----D---- C:\Windows\system32\catroot2.bak 2010-05-27 19:23:51 ----D---- C:\Windows\Globalization 2010-05-27 07:35:22 ----D---- C:\Windows\system32\catroot 2010-05-24 17:11:05 ----D---- C:\ProgramData 2010-05-24 17:10:59 ----D---- C:\Windows\ehome 2010-05-23 08:53:36 ----D---- C:\Windows\DigitalLocker 2010-05-21 06:53:11 ----D---- C:\Windows\ERDNT ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-02 4179968] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\drivers\libusb0.sys [2008-09-12 28672] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952] R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\Windows\system32\DRIVERS\WlanUIG.sys [2004-09-17 381312] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-15 27632] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496] S1 PCIDump;PCIDump; C:\Windows\system32\drivers\PCIDump.sys [] S3 akg3zvun;akg3zvun; C:\Windows\system32\drivers\akg3zvun.sys [] S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 catchme;catchme; \??\C:\Marc23130M\catchme.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496] S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [] S3 mbr;mbr; \??\C:\Users\Marc\AppData\Local\Temp\mbr.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976] S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512] S3 pspdisp;pspdisp; C:\Windows\system32\DRIVERS\pspdisp.sys [2008-09-12 3328] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-07 100496] S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2010-06-07 111312] S3 WinUSB;PS3Eye Camera; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-04-11 31616] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys [2006-12-24 27904] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-01 720896] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-04-07 233472] R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] S2 ERSvc;ERSvc; C:\Windows\System32\svchost.exe [2008-01-19 21504] S2 helpsvc;helpsvc; C:\Windows\System32\svchost.exe [2008-01-19 21504] S2 owfzkqyg;Brother USB Mass-Storage Upper Filter Helper; C:\Windows\System32\svchost.exe [2008-01-19 21504] S2 srservice;srservice; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776] S3 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 135664] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-09 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-01 435016] S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 UxTuneUp;TuneUp Extension de thème; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528] -----------------EOF----------------- Merci, Marc