John Fitzgerald

  1. Hello, for a few days now I have been getting BrowseFox advertisements on the left side of my page and in search engines. While these ads hurt visibility, they also considerably slow down my computer. Could you help me remove them? Thanks in advance.
  2. Hello, I am desperately trying to launch TDSSKiller, but unfortunately it will not open. As for the redirections, they occur in Internet Explorer and in Firefox.
  3. Hi, I followed your instructions to the letter and am posting the requested report here. As for the other symptoms, I am still getting unwanted redirections when I run searches.
  4. As for Norton Security, I deleted it by mistake, not knowing whether it is effective or not. Any good antivirus will do. I defer to your advice. EDIT: I have just noticed that although I posted in two parts, the reports requested subsequently appear in one and the same message.
  5. OK, so here is the first report: OTL.txt
Corporation) -- C:\Users\Mss test\Desktop\wlsetup-custom.exe [2011/06/07 02:09:37 | 000,000,000 | ---D | C] -- C:\Users\Mss test\AppData\Local\Windows Live [2011/06/07 02:08:49 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [2011/06/07 02:07:40 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011/06/07 02:07:39 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011/06/07 02:07:39 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011/06/07 02:07:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011/06/07 02:07:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011/06/07 02:07:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/06/07 02:07:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011/06/07 02:07:38 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011/06/07 02:07:38 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011/06/07 02:07:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011/06/07 02:07:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011/06/07 02:07:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011/06/07 02:07:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011/06/07 02:07:37 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011/06/07 02:07:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011/06/07 02:07:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011/06/07 02:07:37 
| 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011/06/07 02:07:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011/06/07 02:07:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011/06/07 02:07:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011/06/07 02:07:36 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011/06/07 02:07:36 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/06/07 02:07:36 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011/06/07 02:07:36 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011/06/07 02:07:35 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011/06/07 02:07:35 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011/06/07 02:07:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011/06/07 02:07:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011/06/07 02:07:35 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011/06/07 02:07:35 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011/06/07 02:07:35 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011/06/07 02:07:34 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011/06/07 02:07:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011/06/07 02:07:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011/06/07 02:07:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\msfeedssync.exe [2011/06/06 22:05:14 | 012,602,568 | ---- | C] (Mozilla) -- C:\Users\Mss test\Desktop\Firefox Setup 4.0.1.exe [2011/06/06 20:14:21 | 000,000,000 | ---D | C] -- C:\Users\Mss test\Desktop\RK_Quarantine [2011/05/20 13:10:37 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [1 C:\Users\Mss test\*.tmp files -> C:\Users\Mss test\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/06/18 20:01:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/06/18 20:00:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Mss test.job [2011/06/18 20:00:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-Mss test.job [2011/06/18 19:57:36 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Mss test\Desktop\OTL.exe [2011/06/18 19:51:17 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/06/18 19:51:17 | 000,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/06/18 17:02:20 | 000,001,068 | ---- | M] () -- C:\Users\Mss test\Desktop\checkup rapport [2011/06/18 14:29:01 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/06/18 14:29:01 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/06/18 14:29:01 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/06/18 14:29:01 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/06/18 14:26:31 | 000,000,512 | ---- | M] () -- C:\Users\Mss test\Desktop\MBR.dat [2011/06/18 14:24:11 | 000,879,123 | ---- | M] () -- C:\Users\Mss test\Desktop\SecurityCheck.exe [2011/06/18 14:23:58 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Mss test\Desktop\aswMBR.exe [2011/06/18 11:51:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat 
[2011/06/18 00:19:50 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/06/18 00:19:40 | 3220,385,792 | -HS- | M] () -- C:\hiberfil.sys [2011/06/18 00:16:46 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011/06/17 23:48:39 | 000,000,304 | ---- | M] () -- C:\Users\Mss test\Desktop\ComboFix - Raccourci.lnk [2011/06/17 23:37:14 | 000,000,176 | ---- | M] () -- C:\ProgramData\~36888312 [2011/06/17 23:37:14 | 000,000,128 | ---- | M] () -- C:\ProgramData\~36888312r [2011/06/17 21:18:48 | 000,132,608 | ---- | M] () -- C:\Users\Mss test\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/17 21:17:53 | 004,130,419 | R--- | M] (Swearware) -- C:\Users\Mss test\Desktop\ComboFix.exe [2011/06/17 20:50:08 | 000,606,105 | ---- | M] () -- C:\Users\Mss test\Desktop\unhide.exe [2011/06/17 20:49:58 | 001,007,120 | ---- | M] () -- C:\Users\Mss test\Desktop\rkill.exe [2011/06/17 19:06:19 | 000,000,594 | ---- | M] () -- C:\Users\Mss test\Desktop\Windows Vista Repair.lnk [2011/06/17 19:06:16 | 000,000,336 | ---- | M] () -- C:\ProgramData\36888312 [2011/06/17 12:44:14 | 019,743,024 | ---- | M] () -- C:\Users\Mss test\Desktop\Violent Arab Sex.wmv [2011/06/16 00:03:04 | 002,151,992 | ---- | M] () -- C:\Users\Mss test\Desktop\trio2.wmv [2011/06/16 00:02:30 | 002,843,062 | ---- | M] () -- C:\Users\Mss test\Desktop\F.wmv [2011/06/15 23:57:49 | 003,212,146 | ---- | M] () -- C:\Users\Mss test\Desktop\trio1.wmv [2011/06/07 12:13:11 | 000,000,946 | ---- | M] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/06/07 12:12:20 | 000,386,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/06/07 02:25:29 | 001,266,512 | ---- | M] (Microsoft Corporation) -- C:\Users\Mss test\Desktop\wlsetup-custom.exe [2011/06/07 02:25:13 | 000,287,088 | ---- | M] () -- C:\Users\Mss test\Desktop\SoftonicDownloader_pour_windows-live-messenger-msn-messenger.exe 
[2011/06/07 02:07:51 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011/06/07 02:07:51 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011/06/07 02:07:40 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011/06/07 02:07:39 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011/06/07 02:07:39 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011/06/07 02:07:39 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011/06/07 02:07:39 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011/06/07 02:07:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/06/07 02:07:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011/06/07 02:07:38 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011/06/07 02:07:38 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011/06/07 02:07:38 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011/06/07 02:07:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011/06/07 02:07:37 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011/06/07 02:07:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011/06/07 02:07:37 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011/06/07 02:07:37 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011/06/07 02:07:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011/06/07 02:07:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011/06/07 
02:07:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011/06/07 02:07:37 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011/06/07 02:07:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011/06/07 02:07:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011/06/07 02:07:36 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011/06/07 02:07:36 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/06/07 02:07:36 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011/06/07 02:07:36 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011/06/07 02:07:35 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011/06/07 02:07:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011/06/07 02:07:35 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011/06/07 02:07:35 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011/06/07 02:07:35 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011/06/07 02:07:35 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011/06/07 02:07:35 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011/06/07 02:07:34 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011/06/07 02:07:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011/06/07 02:07:34 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011/06/07 02:07:34 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe 
[2011/06/06 22:05:23 | 012,602,568 | ---- | M] (Mozilla) -- C:\Users\Mss test\Desktop\Firefox Setup 4.0.1.exe [2011/06/06 21:16:36 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/06/06 19:40:24 | 000,000,160 | ---- | M] () -- C:\ProgramData\~31448824r [2011/06/06 19:40:24 | 000,000,136 | ---- | M] () -- C:\ProgramData\~31448824 [2011/06/06 19:40:17 | 000,000,336 | ---- | M] () -- C:\ProgramData\31448824 [2011/06/06 15:56:14 | 002,998,765 | ---- | M] () -- C:\Users\Mss test\Desktop\cocoon comets.mp3 [2011/06/01 22:38:37 | 000,146,394 | ---- | M] () -- C:\Users\Mss test\Desktop\untitled.bmp [2011/05/27 20:59:04 | 003,575,350 | ---- | M] () -- C:\Users\Mss test\Desktop\Renaud_-_Miss_Maggie.mp3 [2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [1 C:\Users\Mss test\*.tmp files -> C:\Users\Mss test\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/06/18 17:02:20 | 000,001,068 | ---- | C] () -- C:\Users\Mss test\Desktop\checkup rapport [2011/06/18 14:26:31 | 000,000,512 | ---- | C] () -- C:\Users\Mss test\Desktop\MBR.dat [2011/06/18 14:24:11 | 000,879,123 | ---- | C] () -- C:\Users\Mss test\Desktop\SecurityCheck.exe [2011/06/18 00:19:40 | 3220,385,792 | -HS- | C] () -- C:\hiberfil.sys [2011/06/18 00:08:00 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/06/18 00:08:00 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/06/18 00:08:00 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/06/18 00:07:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/06/18 00:07:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/06/18 00:07:24 | 000,002,244 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2011/06/17 23:48:39 | 000,000,304 | ---- | C] () -- C:\Users\Mss test\Desktop\ComboFix - Raccourci.lnk [2011/06/17 21:16:23 | 000,002,559 | ---- | C] () -- C:\Users\Public\Desktop\Gogglebox TV.lnk 
[2011/06/17 21:16:23 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\Protégez vos données.lnk [2011/06/17 21:16:23 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Nero 8 Essentials.lnk [2011/06/17 21:16:23 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Kodak Gallery.lnk [2011/06/17 21:16:23 | 000,001,957 | ---- | C] () -- C:\Users\Public\Desktop\Guide de l'utilisateur (PB Infocentre).lnk [2011/06/17 21:16:23 | 000,001,938 | ---- | C] () -- C:\Users\Public\Desktop\Logitech QuickCam.lnk [2011/06/17 21:16:23 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WG111v3 Smart Wizard.lnk [2011/06/17 21:16:23 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft® Works SE 9.lnk [2011/06/17 21:16:23 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Packard Bell Updator.lnk [2011/06/17 21:16:23 | 000,001,872 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\eBay.lnk [2011/06/17 21:16:23 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2011/06/17 21:16:23 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Neuf.lnk [2011/06/17 21:16:23 | 000,001,761 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2011/06/17 21:16:23 | 000,001,751 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/06/17 21:16:23 | 000,001,739 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/06/17 21:16:23 | 000,001,737 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2011/06/17 21:16:23 | 000,001,727 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011/06/17 21:16:23 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\Picasa.lnk [2011/06/17 21:16:23 | 000,000,946 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/06/17 21:16:23 | 
000,000,941 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk [2011/06/17 21:16:23 | 000,000,873 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk [2011/06/17 21:16:23 | 000,000,869 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\ALZip.lnk [2011/06/17 21:16:23 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011/06/17 21:16:23 | 000,000,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/06/17 21:16:23 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk [2011/06/17 21:16:23 | 000,000,845 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk [2011/06/17 21:16:23 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\Live-Player.lnk [2011/06/17 21:16:23 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/06/17 21:16:23 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2011/06/17 21:16:23 | 000,000,258 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2011/06/17 21:16:23 | 000,000,240 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2011/06/17 21:16:23 | 000,000,114 | ---- | C] () -- C:\Users\Mss test\Application Data\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat et de rencontre gratuit.URL [2011/06/17 21:16:22 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Premiere Elements - Installer la Version d'évaluation.lnk [2011/06/17 21:16:22 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Easybits - Magic desktop.lnk [2011/06/17 21:16:22 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011/06/17 21:16:22 | 
000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Enregistrement Packard Bell.lnk [2011/06/17 21:16:22 | 000,001,872 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk [2011/06/17 21:16:22 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Configuration HDMI.lnk [2011/06/17 21:16:22 | 000,001,592 | ---- | C] () -- C:\Users\Public\Desktop\Choix de navigateur .lnk [2011/06/17 21:16:22 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk [2011/06/17 21:16:22 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk [2011/06/17 21:16:22 | 000,000,845 | ---- | C] () -- C:\Users\Public\Desktop\ALZip.lnk [2011/06/17 21:16:22 | 000,000,807 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk [2011/06/17 20:53:57 | 000,606,105 | ---- | C] () -- C:\Users\Mss test\Desktop\unhide.exe [2011/06/17 20:53:50 | 001,007,120 | ---- | C] () -- C:\Users\Mss test\Desktop\rkill.exe [2011/06/17 19:06:20 | 000,000,128 | ---- | C] () -- C:\ProgramData\~36888312r [2011/06/17 19:06:19 | 000,000,594 | ---- | C] () -- C:\Users\Mss test\Desktop\Windows Vista Repair.lnk [2011/06/17 19:06:19 | 000,000,176 | ---- | C] () -- C:\ProgramData\~36888312 [2011/06/17 19:06:16 | 000,000,336 | ---- | C] () -- C:\ProgramData\36888312 [2011/06/17 12:43:40 | 019,743,024 | ---- | C] () -- C:\Users\Mss test\Desktop\Violent Arab Sex.wmv [2011/06/16 00:03:04 | 002,151,992 | ---- | C] () -- C:\Users\Mss test\Desktop\trio2.wmv [2011/06/16 00:02:30 | 002,843,062 | ---- | C] () -- C:\Users\Mss test\Desktop\F.wmv [2011/06/15 23:57:49 | 003,212,146 | ---- | C] () -- C:\Users\Mss test\Desktop\trio1.wmv [2011/06/07 02:25:11 | 000,287,088 | ---- | C] () -- C:\Users\Mss test\Desktop\SoftonicDownloader_pour_windows-live-messenger-msn-messenger.exe [2011/06/07 02:07:37 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011/06/06 19:40:24 | 000,000,160 | ---- | C] () -- C:\ProgramData\~31448824r [2011/06/06 19:40:24 | 000,000,136 | ---- | C] () -- 
C:\ProgramData\~31448824 [2011/06/06 19:40:17 | 000,000,336 | ---- | C] () -- C:\ProgramData\31448824 [2011/06/06 15:56:14 | 002,998,765 | ---- | C] () -- C:\Users\Mss test\Desktop\cocoon comets.mp3 [2011/06/01 22:38:37 | 000,146,394 | ---- | C] () -- C:\Users\Mss test\Desktop\untitled.bmp [2011/05/27 20:59:04 | 003,575,350 | ---- | C] () -- C:\Users\Mss test\Desktop\Renaud_-_Miss_Maggie.mp3 [2011/05/10 22:54:11 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/05/10 22:54:11 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011/04/27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011/04/27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011/04/27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011/04/27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011/04/27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010/09/27 23:49:51 | 000,000,680 | ---- | C] () -- C:\Users\Mss test\AppData\Local\d3d9caps.dat [2010/07/10 04:35:01 | 000,000,020 | ---- | C] () -- C:\Users\Mss test\AppData\Roaming\hwzypv.dat [2010/05/18 18:05:58 | 000,000,091 | ---- | C] () -- C:\Users\Mss test\AppData\Local\gasamfg.bat [2009/12/11 01:33:31 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2009/11/19 11:39:34 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/09/18 15:00:41 | 000,000,091 | ---- | C] () -- C:\Users\Mss test\AppData\Local\ngohohi.bat [2009/09/17 02:42:51 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/17 02:42:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/09/08 14:04:17 | 000,081,110 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2009/08/30 22:02:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009/08/16 05:47:05 | 000,000,904 | ---- | C] () -- C:\Users\Mss 
test\AppData\Roaming\wklnhst.dat [2009/08/06 13:06:48 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll [2009/08/06 13:02:40 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll [2009/08/06 13:02:22 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/08/02 17:08:23 | 000,024,206 | ---- | C] () -- C:\Users\Mss test\AppData\Roaming\UserTile.png [2008/12/16 21:58:54 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2008/12/16 21:50:56 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll [2008/12/11 17:12:31 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008/12/11 17:08:36 | 000,132,608 | ---- | C] () -- C:\Users\Mss test\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/10/27 14:33:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/10/18 20:19:41 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008/10/18 20:19:41 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008/10/18 20:19:41 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008/10/18 20:19:41 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2008/10/18 10:50:56 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2007/03/09 16:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll [2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 14:47:37 | 000,386,744 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat 
[2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006/03/29 09:43:38 | 000,042,496 | ---- | C] () -- C:\Windows\System32\ALZZip.BIN [2006/03/29 09:43:36 | 000,062,464 | ---- | C] () -- C:\Windows\System32\ALZALZ.BIN ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/05/10 22:51:02 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 08:36:36 | 000,333,257 | R-S- | M] () -- C:\bootmgr [2008/10/18 20:14:10 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2011/06/18 00:18:19 | 000,019,320 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010/09/26 21:45:12 | 000,001,615 | ---- | M] () -- C:\FyK.txt [2011/06/18 00:19:40 | 3220,385,792 | -HS- | M] () -- C:\hiberfil.sys [2011/06/18 00:19:35 | 3534,237,696 | -HS- | M] () -- C:\pagefile.sys [2011/06/17 23:51:38 | 000,000,434 | ---- | M] () -- C:\rkill.log [2010/09/24 02:40:18 | 000,118,754 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_24.09.2010_01.41.47_log.txt [2010/09/25 17:10:49 | 000,001,888 | ---- | M] () -- C:\TDSSKiller.2.4.2.1_25.09.2010_17.10.49_log.txt < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2011/04/21 15:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\afd.sys [2011/04/14 16:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys [2011/04/27 14:19:28 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys [2011/05/17 09:04:41 | 000,041,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dkgnuahe.sys [2011/04/29 15:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys [2011/04/29 15:24:50 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys [2011/04/29 15:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys [2011/04/29 15:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2011/04/29 15:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-17 11:01:06 
========== Alternate Data Streams ========== @Alternate Data Stream - 542 bytes -> C:\Windows\System32\drivers\dkgnuahe.sys:changelist < End of report >

And here is the second one: Extras.txt

OTL Extras logfile created on: 18/06/2011 20:00:45 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Mss test\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 48,81% Memory free 6,22 Gb Paging File | 4,49 Gb Available in Paging File | 72,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 453,76 Gb Total Space | 329,01 Gb Free Space | 72,51% Space Free | Partition Type: NTFS Computer Name: PC-DE-MSSTEST | User Name: Mss test | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- Reg Error: Key error. File not found .cmd [@ = cmdfile] -- Reg Error: Key error. File not found .com [@ = ComFile] -- Reg Error: Key error. File not found .html [@ = htmlfile] -- Reg Error: Key error. File not found .pif [@ = piffile] -- Reg Error: Key error. File not found .vbs [@ = VBSFile] -- Reg Error: Key error.
File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09F2A40D-E46C-48B3-B39C-CA9A818BC799}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{10031AE5-11EE-4E8B-8A4E-B11598DF7EEC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{14AD7F1D-E588-4C5B-B6D7-C81182D5652D}" = lport=2869 | protocol=6 | dir=in | app=system | "{231936EC-C6BC-4884-9995-4D217AA230DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2D040236-5158-4955-AD03-807AADD493A4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{36D42C8A-9F1C-42DF-B893-D5D6965F343F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4BFA6BFA-75F2-4098-9978-9F23CAAD8D6E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{6324A855-E5B9-4F41-A6B9-54C4D7C8E96E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{66AF18BA-830B-4904-AD6A-043A46D78992}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7379A8A1-4A94-4710-8C03-67770352C155}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{7697D0AC-7C39-4565-B2CA-73A445B01447}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{780AD35C-6F8C-4279-AC5D-D5259E55DB0B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{86DAC58A-736C-402D-960D-98F6590E28C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8E8BB61A-1B66-41DD-97EA-16C6FC688248}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9958C459-DDC9-4AD1-A998-83525FD21BAD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9E70516E-5544-468D-92D5-41B89F3CCCD8}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{9F7C6494-E1E1-4833-AD55-FDD6996B93F4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{A822419D-D5F4-4031-ADC8-1B3F88372397}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B04FD566-748F-4922-B691-FCD9290A1F2E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{B4315CDF-ACCB-4696-BD12-1695D7C37EDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{BA94017E-6079-4136-BF63-9A7B63E54C0E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{D899C71F-A3C9-441D-AAAF-B3371560CF6C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{D8F9DF6F-1B66-4C07-91BE-EB4A1F2804DF}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{EDF6C174-46D9-46EC-AEA0-9DA227DB2913}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{F7CA5EE7-5543-4B2E-8151-619A4886C707}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00EF2E95-E9DD-4C66-99A1-361D631E7F22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{0D8304D1-335A-4130-8A58-02C3F5A0F9B4}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{0F114290-E54A-4BB5-B090-3BBB7FAA12AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1642441A-17AB-4758-862E-25ED760509EE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{224A525F-C4AE-49D5-A3C5-F8DBA0A5CDF2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{28230185-8F5F-46E3-8E44-CE05A7164B5B}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{3811F919-6D1D-40A4-8CA5-D7880F55A49B}" = 
protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{388C2FF2-9980-4291-A477-A3AAE52D9783}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{3EAF60F7-144D-4254-9D4B-033E8CB2F23E}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{3F22534B-C4BF-4A47-8E20-2E7A104EA986}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{3F802E30-1800-4AE6-A16F-1963F08016F4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{3FE9B524-6162-4F25-AF1C-F90925C168B1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{460FEA43-9AB8-40F7-9FE1-3E2B9790EBC5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{4970DBEB-AE24-4BF4-A920-856C3EDC098B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{49A64DE8-C7F5-40A9-876C-2DC41029E291}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{4A9D89BD-1A44-4C2F-BB0E-6A47CE70AA74}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{4CB3D6B5-F813-4214-9A08-8BE8830A378E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{6DED106F-338F-4FC3-9405-B5EF572CEDCB}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{71F02775-2F9F-45A6-B41C-DDDDD5C957B4}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{7943F166-C5F5-4EF0-A895-81A899A54778}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{813CF951-3A2B-4D3D-B933-C9449F3A7D0A}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{8DA6F316-D868-415A-9348-5C46F4DA8DC9}" = protocol=6 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "{A3FC823A-278D-4701-8CFE-A3B71D3250D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A725879E-00C9-4A48-BF2F-0800F72B71A8}" = protocol=6 | dir=in | app=c:\program files\microsoft 
office\office14\groove.exe | "{B9D96F9A-9EFF-4E4E-833E-5C7A129A0AB6}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{DA557CAD-3249-44F9-B442-EBDC83893EC5}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{E2CC98C2-EFCA-49D0-8F3E-725E15F42F0B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{E54A072E-C71A-483A-8ED8-C8312E93B64B}" = protocol=17 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "TCP Query User{0828E4F9-67E0-4E44-8E64-33BBA287F4F3}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{169533BA-D8F6-46A0-9315-155221148932}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{1A134B81-BC90-4602-8F6A-89A510861BA5}C:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=6 | dir=in | app=c:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe | "TCP Query User{2444B7F4-E8A8-4764-B07C-427977C2553C}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{30DD4D66-E481-4768-AE50-7F42655505CD}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{5E190D71-D903-4BD3-AF3E-9BD22FC5EA19}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{72EE2708-A90B-44CD-8BB6-04D8DEBAADF0}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "TCP Query User{813A78D7-BBCE-4399-943A-ADAED440ACBE}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{84606326-8CA6-43F9-B456-7C1B7481E8E0}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | 
app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{8AC78366-C0DF-465A-8B58-BA29F57000B2}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{A93794FF-F07A-446E-95AD-91BAB3704941}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{D3A45462-FB68-44A9-A3DE-A3B19F483D1F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{E48DE1C3-4DED-40F8-B9DD-0AFCDADD86E9}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{E65D6E44-829A-41FD-9DFE-A68E101E163F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{EA3C9ADA-030F-4CAE-B945-F970CBBC5AF1}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{FC963ECA-764F-4F2B-A0D3-A1486156CA60}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{06644455-3869-4878-BA35-0301A6D45A17}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{38EEBAE7-C216-40C7-8C03-CEB24F80A2A0}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{42B5A775-FA07-4C54-81DB-803B381FDEBA}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{48A0FDF3-69FD-4CEA-A18E-BF01B946A5DB}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "UDP Query User{5A421951-8F57-47BF-AB87-BC659693686E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program 
files\java\jre6\bin\java.exe | "UDP Query User{5C3F1776-972E-4E9B-81A7-4F4F0BA2D135}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "UDP Query User{5E2D8E01-83C2-4367-9B04-49823A0A9A90}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{7547CABC-75A8-48D3-8069-920630409B7A}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{79DA3E3E-4A30-4199-A2E0-91EF36039080}C:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=17 | dir=in | app=c:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe | "UDP Query User{83DFC0F2-BD7D-41BB-A441-CBBEA8FC4E28}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{9312A759-9E7E-4EA3-872E-7D983B71A168}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{A345D8AC-6E44-4678-A81D-AD1A7E79C794}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{A5188907-9468-4B44-AC8B-C805FC84C745}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{AAF01412-A4F6-4F24-BD43-003C74F2EA0D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{D105E7CD-DE11-4016-B47E-133CAB38CEF2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{EB92DB0C-387F-43F7-B398-69D866E7A1C8}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 21 "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup 
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit "{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus "{7B63B2922B174135AFC0E1377DD81EC2}" = "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office 
InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office 
Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 "{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010 "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 "{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010 "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech QuickCam "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980B9958-1239-4FC5-8C88-AC5650321036}" = Nero 8 Essentials "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows "{A47B07BD-C187-41F8-8AB8-38E5821BB7BF}" = Gogglebox TV "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones 
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help "{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation) "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "Adobe Shockwave Player" = Adobe Shockwave Player "AdobePE6" = Adobe Photoshop Elements 6 "AdobeReader" = Adobe Reader 8 "ALZip_is1" = ALZip "AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5559 "AVIcodec" = AVIcodec (remove only) "Carbonite" = Carbonite "Carbonite Setup Lite" = Protégez vos données "CrazyLoader" = CrazyLoader "eMule" = eMule "ffdshow_is1" = ffdshow [rev 3119] [2009-10-27] "Google Desktop" = Google Desktop "GOOGLE_EARTH" = Google Earth "GoogleBAE" = Google BAE "GoogleDesktop" = GoogleDesktop "GoogleToolbar" = GoogleToolbar "HijackThis" = HijackThis 2.0.2 "ImageWriter" = Packard Bell ImageWriter "Infocentre" = Infocentre Rev. 
2.0 "InstallShield_{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes "InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22 "JDownloader" = JDownloader "LCDTest" = Packard Bell LCD Test "LimeWire" = LimeWire 5.3.6 "Ludi" = Ludi "lvdrivers_11.90" = Coffret de pilotes Logitech QuickCam "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "METABOLI" = Metaboli "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "Nero8" = Nero 8 Essentials "NEUF_FR" = ADSL Neuf "NIS2008_FR" = Norton Internet Security "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUSR" = Microsoft Office Professionnel Plus 2010 "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "Picasa 3" = Picasa 3 "Picasa_2" = Picasa2 "Picasa2" = Picasa 2 "PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation) "QuickTime" = QuickTime "SETUPMYPC_FR" = SetUp My PC "SKYPE" = Skype 3.6.2.248 "SopCast" = SopCast 3.0.1 "StreamTorrent 1.0" = Stream Torrent 1.0 "SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation) "tcgmtafm" = Favorit "TimeAdjuster" = Time Adjuster v2.8 (STANDARD) "TVAnts 1.0" = TVAnts 1.0 "Updator" = Packard Bell Updator "Veetle TV" = Veetle TV 0.9.18 "VIDEO_NVIDIA" = Video NVIDIA v174.90 "VLC media player" = VLC media player 1.1.7 "vShare" = vShare Plugin "WinLiveSuite_Wave3" = Installation Windows Live "works9se" = 
Microsoft Works 9 SE ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 06/06/2011 14:22:44 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 06/06/2011 15:14:02 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 06/06/2011 20:10:52 | Computer Name = PC-de-Msstest | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 07/06/2011 06:13:02 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 07/06/2011 06:13:49 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 07/06/2011 06:17:46 | Computer Name = PC-de-Msstest | Source = VSS | ID = 8194 Description = Error - 07/06/2011 06:25:35 | Computer Name = PC-de-Msstest | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 07/06/2011 10:39:19 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 07/06/2011 10:39:19 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». 
Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 07/06/2011 10:39:24 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 17/06/2011 17:43:40 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7011 Description = Error - 17/06/2011 17:46:20 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:30 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:35 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:43 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:58 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7001 Description = Error - 17/06/2011 17:46:58 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7026 Description = Error - 17/06/2011 18:09:03 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = Error - 17/06/2011 18:12:51 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = Error - 17/06/2011 18:16:48 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = < End of report >
And here is the second one: Extras.txt
OTL Extras logfile created on: 18/06/2011 20:00:45 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Mss test\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 48,81% Memory free 6,22 Gb Paging File | 4,49 Gb Available in Paging File | 72,09% Paging File free Paging file location(s):
?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 453,76 Gb Total Space | 329,01 Gb Free Space | 72,51% Space Free | Partition Type: NTFS Computer Name: PC-DE-MSSTEST | User Name: Mss test | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- Reg Error: Key error. File not found .cmd [@ = cmdfile] -- Reg Error: Key error. File not found .com [@ = ComFile] -- Reg Error: Key error. File not found .html [@ = htmlfile] -- Reg Error: Key error. File not found .pif [@ = piffile] -- Reg Error: Key error. File not found .vbs [@ = VBSFile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09F2A40D-E46C-48B3-B39C-CA9A818BC799}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{10031AE5-11EE-4E8B-8A4E-B11598DF7EEC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{14AD7F1D-E588-4C5B-B6D7-C81182D5652D}" = lport=2869 | protocol=6 | dir=in | app=system | "{231936EC-C6BC-4884-9995-4D217AA230DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2D040236-5158-4955-AD03-807AADD493A4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{36D42C8A-9F1C-42DF-B893-D5D6965F343F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4BFA6BFA-75F2-4098-9978-9F23CAAD8D6E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{6324A855-E5B9-4F41-A6B9-54C4D7C8E96E}" = rport=1900 | 
protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{66AF18BA-830B-4904-AD6A-043A46D78992}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7379A8A1-4A94-4710-8C03-67770352C155}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{7697D0AC-7C39-4565-B2CA-73A445B01447}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{780AD35C-6F8C-4279-AC5D-D5259E55DB0B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{86DAC58A-736C-402D-960D-98F6590E28C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8E8BB61A-1B66-41DD-97EA-16C6FC688248}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9958C459-DDC9-4AD1-A998-83525FD21BAD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9E70516E-5544-468D-92D5-41B89F3CCCD8}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{9F7C6494-E1E1-4833-AD55-FDD6996B93F4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{A822419D-D5F4-4031-ADC8-1B3F88372397}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B04FD566-748F-4922-B691-FCD9290A1F2E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{B4315CDF-ACCB-4696-BD12-1695D7C37EDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{BA94017E-6079-4136-BF63-9A7B63E54C0E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{D899C71F-A3C9-441D-AAAF-B3371560CF6C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{D8F9DF6F-1B66-4C07-91BE-EB4A1F2804DF}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{EDF6C174-46D9-46EC-AEA0-9DA227DB2913}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{F7CA5EE7-5543-4B2E-8151-619A4886C707}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00EF2E95-E9DD-4C66-99A1-361D631E7F22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{0D8304D1-335A-4130-8A58-02C3F5A0F9B4}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{0F114290-E54A-4BB5-B090-3BBB7FAA12AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1642441A-17AB-4758-862E-25ED760509EE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{224A525F-C4AE-49D5-A3C5-F8DBA0A5CDF2}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{28230185-8F5F-46E3-8E44-CE05A7164B5B}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{3811F919-6D1D-40A4-8CA5-D7880F55A49B}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{388C2FF2-9980-4291-A477-A3AAE52D9783}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{3EAF60F7-144D-4254-9D4B-033E8CB2F23E}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{3F22534B-C4BF-4A47-8E20-2E7A104EA986}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaws.exe | "{3F802E30-1800-4AE6-A16F-1963F08016F4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{3FE9B524-6162-4F25-AF1C-F90925C168B1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{460FEA43-9AB8-40F7-9FE1-3E2B9790EBC5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{4970DBEB-AE24-4BF4-A920-856C3EDC098B}" = protocol=6 | dir=in 
| app=c:\program files\microsoft office\office12\onenote.exe | "{49A64DE8-C7F5-40A9-876C-2DC41029E291}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{4A9D89BD-1A44-4C2F-BB0E-6A47CE70AA74}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{4CB3D6B5-F813-4214-9A08-8BE8830A378E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{6DED106F-338F-4FC3-9405-B5EF572CEDCB}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{71F02775-2F9F-45A6-B41C-DDDDD5C957B4}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{7943F166-C5F5-4EF0-A895-81A899A54778}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{813CF951-3A2B-4D3D-B933-C9449F3A7D0A}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{8DA6F316-D868-415A-9348-5C46F4DA8DC9}" = protocol=6 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "{A3FC823A-278D-4701-8CFE-A3B71D3250D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A725879E-00C9-4A48-BF2F-0800F72B71A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{B9D96F9A-9EFF-4E4E-833E-5C7A129A0AB6}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{DA557CAD-3249-44F9-B442-EBDC83893EC5}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "{E2CC98C2-EFCA-49D0-8F3E-725E15F42F0B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{E54A072E-C71A-483A-8ED8-C8312E93B64B}" = protocol=17 | dir=in | app=c:\program files\crazyloader\crazyloader.exe | "TCP Query User{0828E4F9-67E0-4E44-8E64-33BBA287F4F3}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{169533BA-D8F6-46A0-9315-155221148932}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query 
User{1A134B81-BC90-4602-8F6A-89A510861BA5}C:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=6 | dir=in | app=c:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe | "TCP Query User{2444B7F4-E8A8-4764-B07C-427977C2553C}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{30DD4D66-E481-4768-AE50-7F42655505CD}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "TCP Query User{5E190D71-D903-4BD3-AF3E-9BD22FC5EA19}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "TCP Query User{72EE2708-A90B-44CD-8BB6-04D8DEBAADF0}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "TCP Query User{813A78D7-BBCE-4399-943A-ADAED440ACBE}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{84606326-8CA6-43F9-B456-7C1B7481E8E0}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{8AC78366-C0DF-465A-8B58-BA29F57000B2}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{A93794FF-F07A-446E-95AD-91BAB3704941}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{D3A45462-FB68-44A9-A3DE-A3B19F483D1F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{E48DE1C3-4DED-40F8-B9DD-0AFCDADD86E9}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{E65D6E44-829A-41FD-9DFE-A68E101E163F}C:\program files\internet explorer\iexplore.exe" = 
protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{EA3C9ADA-030F-4CAE-B945-F970CBBC5AF1}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{FC963ECA-764F-4F2B-A0D3-A1486156CA60}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe | "UDP Query User{06644455-3869-4878-BA35-0301A6D45A17}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{38EEBAE7-C216-40C7-8C03-CEB24F80A2A0}C:\program files\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files\streamtorrent 1.0\streamtorrent.exe | "UDP Query User{42B5A775-FA07-4C54-81DB-803B381FDEBA}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{48A0FDF3-69FD-4CEA-A18E-BF01B946A5DB}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "UDP Query User{5A421951-8F57-47BF-AB87-BC659693686E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{5C3F1776-972E-4E9B-81A7-4F4F0BA2D135}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\launch4j-tmp\crazyloader.exe | "UDP Query User{5E2D8E01-83C2-4367-9B04-49823A0A9A90}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{7547CABC-75A8-48D3-8069-920630409B7A}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{79DA3E3E-4A30-4199-A2E0-91EF36039080}C:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe" = protocol=17 | dir=in | app=c:\users\mss test\appdata\local\temp\jdic_0_9_5\ieembed.exe | "UDP Query 
User{83DFC0F2-BD7D-41BB-A441-CBBEA8FC4E28}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{9312A759-9E7E-4EA3-872E-7D983B71A168}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{A345D8AC-6E44-4678-A81D-AD1A7E79C794}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{A5188907-9468-4B44-AC8B-C805FC84C745}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{AAF01412-A4F6-4F24-BD43-003C74F2EA0D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{D105E7CD-DE11-4016-B47E-133CAB38CEF2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{EB92DB0C-387F-43F7-B398-69D866E7A1C8}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{0ED40D2A-7131-4FE7-941E-5C329336F712}" = HDReg France "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer 
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 21 "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit "{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus "{7B63B2922B174135AFC0E1377DD81EC2}" = "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access 
MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) 
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 
2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 "{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010 "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 "{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010 "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{937B232D-9776-471E-92BD-D424E514EF14}" = Logitech 
QuickCam "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980B9958-1239-4FC5-8C88-AC5650321036}" = Nero 8 Essentials "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows "{A47B07BD-C187-41F8-8AB8-38E5821BB7BF}" = Gogglebox TV "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help "{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation) "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "Adobe Shockwave 
Player" = Adobe Shockwave Player "AdobePE6" = Adobe Photoshop Elements 6 "AdobeReader" = Adobe Reader 8 "ALZip_is1" = ALZip "AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5559 "AVIcodec" = AVIcodec (remove only) "Carbonite" = Carbonite "Carbonite Setup Lite" = Protégez vos données "CrazyLoader" = CrazyLoader "eMule" = eMule "ffdshow_is1" = ffdshow [rev 3119] [2009-10-27] "Google Desktop" = Google Desktop "GOOGLE_EARTH" = Google Earth "GoogleBAE" = Google BAE "GoogleDesktop" = GoogleDesktop "GoogleToolbar" = GoogleToolbar "HijackThis" = HijackThis 2.0.2 "ImageWriter" = Packard Bell ImageWriter "Infocentre" = Infocentre Rev. 2.0 "InstallShield_{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes "InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{B6ACFF51-248A-4290-B50B-E50C81F25B97}" = iPod for Windows 2005-02-22 "JDownloader" = JDownloader "LCDTest" = Packard Bell LCD Test "LimeWire" = LimeWire 5.3.6 "Ludi" = Ludi "lvdrivers_11.90" = Coffret de pilotes Logitech QuickCam "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "METABOLI" = Metaboli "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "Nero8" = Nero 8 Essentials "NEUF_FR" = ADSL Neuf "NIS2008_FR" = Norton Internet Security "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUSR" = Microsoft Office Professionnel Plus 2010 "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "Picasa 3" = Picasa 3 "Picasa_2" = Picasa2 "Picasa2" = Picasa 2 
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation) "QuickTime" = QuickTime "SETUPMYPC_FR" = SetUp My PC "SKYPE" = Skype 3.6.2.248 "SopCast" = SopCast 3.0.1 "StreamTorrent 1.0" = Stream Torrent 1.0 "SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation) "tcgmtafm" = Favorit "TimeAdjuster" = Time Adjuster v2.8 (STANDARD) "TVAnts 1.0" = TVAnts 1.0 "Updator" = Packard Bell Updator "Veetle TV" = Veetle TV 0.9.18 "VIDEO_NVIDIA" = Video NVIDIA v174.90 "VLC media player" = VLC media player 1.1.7 "vShare" = vShare Plugin "WinLiveSuite_Wave3" = Installation Windows Live "works9se" = Microsoft Works 9 SE ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 06/06/2011 14:22:44 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 06/06/2011 15:14:02 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 06/06/2011 20:10:52 | Computer Name = PC-de-Msstest | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 07/06/2011 06:13:02 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = Error - 07/06/2011 06:13:49 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. 
Error - 07/06/2011 06:17:46 | Computer Name = PC-de-Msstest | Source = VSS | ID = 8194 Description = Error - 07/06/2011 06:25:35 | Computer Name = PC-de-Msstest | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 07/06/2011 10:39:19 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 07/06/2011 10:39:19 | Computer Name = PC-de-Msstest | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ». Assembly dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. 
Error - 07/06/2011 10:39:24 | Computer Name = PC-de-Msstest | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 17/06/2011 17:43:40 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7011 Description = Error - 17/06/2011 17:46:20 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:30 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:35 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:43 | Computer Name = PC-de-Msstest | Source = DCOM | ID = 10005 Description = Error - 17/06/2011 17:46:58 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7001 Description = Error - 17/06/2011 17:46:58 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7026 Description = Error - 17/06/2011 18:09:03 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = Error - 17/06/2011 18:12:51 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = Error - 17/06/2011 18:16:48 | Computer Name = PC-de-Msstest | Source = Service Control Manager | ID = 7030 Description = < End of report >
  6. OK, after quite a long wait, here are the reports you asked for.
     •aswmbr.txt :
     aswMBR version 0.9.6.399 Copyright© 2011 AVAST Software
     Run date: 2011-06-18 14:25:06
     -----------------------------
     14:25:06.182 OS Version: Windows 6.0.6002 Service Pack 2
     14:25:06.183 Number of processors: 2 586 0xF0D
     14:25:06.184 ComputerName: PC-DE-MSSTEST UserName: Mss test
     14:25:29.798 Initialize success
     14:25:47.253 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
     14:25:47.256 Disk 0 Vendor: ST350083 3.AA Size: 476940MB BusType: 6
     14:25:49.280 Disk 0 MBR read successfully
     14:25:49.284 Disk 0 MBR scan
     14:25:49.287 Disk 0 unknown MBR code
     14:25:51.292 Disk 0 scanning sectors +976771120
     14:25:51.321 Disk 0 scanning C:\Windows\system32\drivers
     14:26:00.837 Service scanning
     14:26:01.961 Disk 0 trace - called modules:
     14:26:01.975 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x86c901ed]<<
     14:26:01.979 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865621f0]
     14:26:01.985 3 CLASSPNP.SYS[807b68b3] -> nt!IofCallDriver -> [0x85916a60]
     14:26:01.989 5 acpi.sys[806936bc] -> nt!IofCallDriver -> \Device\00000066[0x85925418]
     14:26:01.993 \Driver\nvstor32[0x859489d8] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x86c901ed
     14:26:02.001 Scan finished successfully
     14:26:31.729 Disk 0 MBR has been saved successfully to "C:\Users\Mss test\Desktop\MBR.dat"
     14:26:31.739 The log file has been saved successfully to "C:\Users\Mss test\Desktop\aswMBR rapport.txt"
     •scan-results.txt :
     C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe une variante de Win32/1AntiVirus application
     C:\Program Files\Live-Player\live-player.exe Win32/Adware.LivePlayer.AA application
     C:\Program Files\Live-Player\uninst.exe une variante de Win32/Adware.Agent.NMZ application
     C:\Qoobox\Quarantine\C\Users\Mss test\binternet.exe.vir une variante de Win32/BInternet.AA application
     C:\Qoobox\Quarantine\C\Users\Mss test\AppData\Local\3210643462.exe.vir Win32/Kryptik.GYK.Gen cheval de troie
     C:\Users\Mss test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NVQ7ZR1U\java_skyline[1].htm JS/Kryptik.AQ.Gen cheval de troie
     C:\Users\Mss test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NVQ7ZR1U\lift[1].htm JS/Kryptik.AQ.Gen cheval de troie
     C:\Users\Mss test\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NVQ7ZR1U\track[2].htm HTML/Iframe.B.Gen virus
     C:\Users\Mss test\Desktop\RK_Quarantine\exktsjdkrdaqskx.exe.vir une variante de Win32/Kryptik.OSJ cheval de troie
     C:\Users\Mss test\Downloads\Live-Player_setup.exe une variante de Win32/Skintrim.FD cheval de troie
     C:\Users\Mss test\Downloads\plugin-vlc.exe Win32/Adware.OfferBox application
     C:\Users\Mss test\Downloads\trojankiller2095-setup.exe une variante de Win32/1AntiVirus application
     •checkup.txt :
     Results of screen317's Security Check version 0.99.14
     Windows Vista Service Pack 2 (UAC is enabled)
     Internet Explorer 8 ``````````````````````````````
     Antivirus/Firewall Check: Norton AntiVirus Norton AntiVirus Help Norton Internet Security Norton Internet Security (Symantec Corporation) Norton Internet Security
     WMI entry may not exist for antivirus; attempting automatic update. ```````````````````````````````
     Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java 6 Update 21 Out of date Java installed! Flash Player Out of Date! Adobe Flash Player 10.0.32.18 Mozilla Firefox (3.0.19) Firefox Out of Date! ````````````````````````````````
     Process Check: objlist.exe by Laurent Norton ccSvcHst.exe Packard Bell Carbonite CarboniteSetupLitePBPreInstaller.exe ``````````End of Log````````````
  7. Hello, yes, sorry, I forgot to say that my PC has its icons back and has regained some of its speed, but the Windows Media Repair icon is still there, although it is not doing anything for the moment. Indeed, I have no antivirus, and it may be that in the past I deleted Norton AntiVirus (a mistake on my part). One more thing: when I run a search on Google or another engine and try to open a site, I am redirected to an ad page or an error page. I have to repeat the operation 3 or 4 times to reach the page I want.
  8. Well, it did finally produce its report. Here it is:
     ComboFix 11-06-17.04 - Mss test 18/06/2011 0:10.1.2 - x86 NETWORK Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3071.2290 [GMT 2:00] Lancé depuis: c:\users\Mss test\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\OfferBox c:\program files\OfferBox\OfferBoxBHO.dll c:\programdata\36888312.exe c:\programdata\JtSWvJfiQpeA.exe c:\users\Mss test\AppData\Roaming\OfferBox c:\users\Mss test\AppData\Roaming\OfferBox\config.xml c:\users\Mss test\binternet.exe c:\windows\system32\drivers\snetcfg.exe c:\windows\system32\muzapp.exe c:\windows\system32\ndisapi.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-05-17 au 2011-06-17 )))))))))))))))))))))))))))))))))))) . . 2011-06-17 22:14 . 2011-06-17 22:14 -------- d-----w- c:\users\Public\AppData\Local\temp 2011-06-17 22:14 . 2011-06-17 22:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-06-17 17:13 . 2011-06-17 17:14 -------- d-----w- c:\program files\GridinSoft Trojan Killer 2011-06-17 11:00 . 2011-05-24 17:12 6962000 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B2F4A79-178F-496A-838F-8A5F7EFCDEAF}\mpengine.dll 2011-06-17 00:27 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-06-17 00:27 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2011-06-17 00:27 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll 2011-06-16 17:17 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys 2011-06-16 17:17 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-16 17:17 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-16 17:17 . 
2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-16 17:17 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-16 17:17 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-16 17:16 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-06-16 17:15 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-06-16 17:15 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-06-16 17:15 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-06-07 10:28 . 2011-06-07 10:28 -------- d-----w- c:\program files\Microsoft 2011-06-07 10:28 . 2011-06-07 10:28 -------- d-----w- c:\program files\Windows Live SkyDrive 2011-06-07 10:27 . 2011-06-07 10:29 -------- d-----w- c:\program files\Windows Live 2011-06-07 00:09 . 2011-06-07 00:16 -------- d-----w- c:\users\Mss test\AppData\Local\Windows Live 2011-06-07 00:08 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll 2011-05-20 11:10 . 2011-06-06 19:16 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-24 17:14 . 2009-10-03 07:42 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-05-17 07:04 . 2011-05-17 07:04 41680 ----a-w- c:\windows\system32\drivers\dkgnuahe.sys 2011-05-01 00:22 . 2011-05-10 21:14 79929616 ----a-w- c:\users\Mss test\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe 2011-04-27 12:20 . 2011-05-10 21:18 4659712 ----a-w- c:\windows\system32\Redemption.dll 2011-04-27 12:19 . 2011-04-27 12:19 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-04-27 12:19 . 2011-04-27 12:19 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-04-27 12:19 . 2011-04-27 12:19 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-04-27 12:19 . 
2011-04-27 12:19 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-04-27 12:19 . 2011-04-27 12:19 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-04-27 12:19 . 2011-04-27 12:19 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-04-27 12:19 . 2011-04-27 12:19 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-04-27 12:19 . 2011-04-27 12:19 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-04-27 12:19 . 2011-04-27 12:19 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-04-27 12:19 . 2011-04-27 12:19 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-04-27 12:19 . 2011-04-27 12:19 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-04-27 12:19 . 2011-04-27 12:19 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-04-27 12:19 . 2011-04-27 12:19 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-04-27 12:19 . 2011-04-27 12:19 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-04-27 12:19 . 2011-04-27 12:19 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-04-27 12:19 . 2011-04-27 12:19 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-04-27 12:19 . 2011-04-27 12:19 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-04-27 12:19 . 2011-04-27 12:19 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-04-27 12:19 . 2011-04-27 12:19 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-04-27 12:19 . 2011-04-27 12:19 135168 ----a-w- c:\windows\system32\muzaf1.dll 2011-04-27 12:19 . 2011-04-27 12:19 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2011-04-27 12:19 . 2011-04-27 12:19 122880 ----a-w- c:\windows\system32\muzeffect.ax 2011-04-27 12:19 . 
2011-04-27 12:19 118784 ----a-w- c:\windows\system32\MaDRM.dll 2011-04-27 12:19 . 2011-04-27 12:19 110592 ----a-w- c:\windows\system32\muzmp4sp.ax 2011-04-27 12:19 . 2011-05-10 21:17 821824 ----a-w- c:\windows\system32\dgderapi.dll 2011-04-27 12:19 . 2011-05-10 21:17 319456 ----a-w- c:\windows\system32\DIFxAPI.dll 2011-04-27 12:19 . 2011-05-10 21:17 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys 2011-04-10 16:03 . 2011-04-10 16:03 653576 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2008-02-06 21:05 . 2009-08-30 20:02 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll 2009-11-06 11:09 . 2009-11-06 11:09 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472] "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-19 39408] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-04-28 934800] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-04-28 3373968] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-04-28 19856] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 4911104] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704] "CarboniteSetupLite"="c:\program files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" [2008-04-07 306112] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-06 30192] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-02-06 51048] "isCfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" [2008-02-23 611712] "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-21 98304] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-12-17 278528] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-05 122368] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528] "Skytel"="Skytel.exe" [2007-11-20 1826816] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2007-9-14 1695744] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GOEC62~1.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-09-06 217088] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664] R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-06 149864] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-04-27 20032] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-06 36640] R3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-06 30192] R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664] R3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20071204.002\IDSvix86.sys [2007-11-06 180272] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-09-23 238960] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 Ndisrd;WinpkFilter Service;c:\windows\system32\DRIVERS\ndisrd.sys [2009-06-22 22016] R3 
osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2010-07-20 96488] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2010-07-20 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2010-07-20 121576] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S3 NdisrdMP;NdisrdMP;c:\windows\system32\DRIVERS\ndisrd.sys [2009-06-22 22016] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - COMHOST *NewlyCreated* - ECACHE . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contenu du dossier 'Tâches planifiées' . 2011-06-17 c:\windows\Tasks\Extension de garantie-Mss test.job - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-18 10:13] . 2011-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:30] . 2011-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:30] . 2011-06-17 c:\windows\Tasks\Recovery DVD Creator-Mss test.job - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-10-18 10:13] . . ------- Examen supplémentaire ------- . 
uSearchMigratedDefaultURL = hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms} uStart Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com uInternet Settings,ProxyOverride = local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.cherche.us/keyword/%s IE: &Envoyer à OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html Trusted Zone: chat-land.org TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll FF - ProfilePath - c:\users\Mss test\AppData\Roaming\Mozilla\Firefox\Profiles\59vvlcoe.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.fr/ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=5cbbb533000000000000001e90379304&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Babylon: ffxtlbr@babylon.com - 
%profile%\extensions\ffxtlbr@babylon.com FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Interest Recognizer for Crazyloader: crazyloader@spointer.com - c:\program files\CrazyLoader\spointer\extensions\crazyloader@spointer.com FF - user.js: general.useragent.extra.ludi - LUDI2 . - - - - ORPHELINS SUPPRIMES - - - - . HKCU-Run-JtSWvJfiQpeA - c:\programdata\JtSWvJfiQpeA.exe HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-18 00:16 Windows 6.0.6002 Service Pack 2 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . 
************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Heure de fin: 2011-06-18 00:18:19 ComboFix-quarantined-files.txt 2011-06-17 22:18 ComboFix2.txt 2010-09-25 21:08 . Avant-CF: 357 578 043 392 octets libres Après-CF: 358 820 270 080 octets libres . - - End Of File - - A23621705B2E9AD4FBA0335DD9027D04
  9. Hi, and thanks for replying. I followed your instructions and for now I am waiting for ComboFix to finish and deliver its report, but it really looks stuck. It has been running for more than two hours and the screen is completely frozen. What should I do? Note that I am not writing from the infected PC.
  10. Hello to all members, as mentioned in the title, my PC is infected by a "program" called Windows Vista Repair, which launches every time a session is opened and tells me that my hard drive is full of viruses, etc. My desktop has gone completely black and I cannot access any icons, as they have become invisible. Could you help me, please? Thanks in advance.