
Hi, hi, I hope you can help me: my PC lags during loading, but only after a few hours.

And it makes the mouse, the music and everything freeze...

I ran a cleanup with AntiVir and with the anti-malware, but it's still the same.

So I was advised to use ComboFix, and I don't know what I should ask it to delete.

So here is the report; thank you for your help and your patience:

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\$recycle.bin\S-1-5-21-1242926653-2254958597-335050124-500

c:\$recycle.bin\S-1-5-21-2138742642-2765880599-2234549539-500

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500

C:\desktop.ini

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat

c:\programdata\Microsoft\Network\Downloader\qmgr1.dat

c:\windows\Installer\16e10da.msi

c:\windows\Installer\18a6967.msi

c:\windows\Installer\18af775.msi

c:\windows\system32\dumphive.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\tmp.reg

c:\windows\system32\VACFix.exe

c:\windows\system32\VCCLSID.exe

c:\windows\system32\WS2Fix.exe

 

----- BITS: Possible infected sites -----

 

hxxp://premium.virginmega.fr

.

((((((((((((((((((((((((( Files Created from 2009-08-08 to 2009-09-08 )))))))))))))))))))))))))))))))

.

 

2009-09-08 11:22 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-08 11:22 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-07 22:26 . 2009-09-08 11:37 -------- d-----w- c:\users\killer\AppData\Roaming\Moniteur neufbox

2009-09-07 22:26 . 2009-09-07 22:26 -------- d-----w- c:\program files\Moniteur neufbox

2009-09-02 20:00 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2009-09-02 20:00 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2009-09-02 16:28 . 2004-12-30 21:43 4682 ----a-w- c:\windows\system32\npptNT2.sys

2009-09-02 16:28 . 2009-09-02 16:28 -------- d-----w- c:\program files\Common Files\INCA Shared

2009-09-02 16:10 . 2009-09-02 16:10 -------- d-----w- c:\program files\gPotato.eu

2009-08-28 00:40 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll

2009-08-15 05:35 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll

2009-08-15 05:35 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll

2009-08-15 05:35 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll

2009-08-15 05:35 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2009-08-15 05:35 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll

2009-08-15 05:35 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll

2009-08-15 05:35 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2009-08-15 05:35 . 2009-06-10 11:45 206336 ----a-w- c:\windows\system32\telnet.exe

2009-08-15 05:35 . 2009-06-10 09:56 88576 ----a-w- c:\windows\system32\tlntsess.exe

2009-08-15 05:35 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-08 11:38 . 2009-05-01 09:46 352615 ---ha-w- c:\windows\system32\drivers\vsconfig.xml

2009-09-08 11:29 . 2008-03-05 17:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-09-08 11:22 . 2009-09-08 11:22 687104 ----a-w- c:\windows\isRS-000.tmp

2009-09-08 09:53 . 2009-07-14 18:10 -------- d-----w- c:\users\killer\AppData\Roaming\IMVU

2009-09-07 21:00 . 2007-12-22 17:21 -------- d-----w- c:\users\killer\AppData\Roaming\uTorrent

2009-09-07 20:40 . 2008-11-25 20:48 -------- d-----w- c:\program files\Free Music Zilla

2009-09-07 10:56 . 2009-04-08 19:53 -------- d-----w- c:\program files\Steam

2009-09-06 10:37 . 2009-04-08 19:53 -------- d-----w- c:\program files\Common Files\Steam

2009-09-04 17:39 . 2008-06-04 13:39 -------- d-----w- c:\users\killer\AppData\Roaming\OpenOffice.org2

2009-09-02 18:10 . 2008-05-17 18:02 -------- d-----w- c:\users\killer\AppData\Roaming\teamspeak2

2009-09-01 18:41 . 2008-01-15 20:08 -------- d-----w- c:\program files\Navilog1

2009-09-01 16:32 . 2007-12-21 20:27 -------- d-----w- c:\programdata\Skype

2009-09-01 16:31 . 2009-03-03 17:55 -------- d-----w- c:\program files\Trials 2 Second Edition

2009-08-31 17:27 . 2007-10-16 19:32 733528 ----a-w- c:\windows\system32\perfh00C.dat

2009-08-31 17:27 . 2007-10-16 19:32 151100 ----a-w- c:\windows\system32\perfc00C.dat

2009-08-31 10:21 . 2009-01-12 11:23 -------- d-----w- c:\users\killer\AppData\Roaming\GrabIt

2009-08-31 10:04 . 2008-02-12 16:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2009-08-28 09:09 . 2009-07-14 18:09 -------- d-----w- c:\users\killer\AppData\Roaming\IMVUClient

2009-08-22 18:29 . 2009-05-01 10:16 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-08-21 16:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-08-07 17:51 . 2009-08-07 17:51 15308424 ----a-w- c:\windows\system32\xlive.dll

2009-08-07 17:51 . 2009-08-07 17:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll

2009-08-06 09:00 . 2008-05-12 14:57 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-30 22:51 . 2009-04-20 15:54 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 3

2009-07-29 20:58 . 2009-07-29 20:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf

2009-07-23 17:06 . 2009-07-23 17:06 -------- d-----w- c:\program files\Aspyr

2009-07-18 16:06 . 2009-07-29 10:24 827904 ----a-w- c:\windows\system32\wininet.dll

2009-07-18 16:01 . 2009-07-29 10:24 78336 ----a-w- c:\windows\system32\ieencode.dll

2009-07-18 09:46 . 2009-07-29 10:24 26624 ----a-w- c:\windows\system32\ieUnatt.exe

2009-07-16 10:07 . 2009-07-16 10:07 -------- d-----w- c:\users\killer\AppData\Roaming\vlc

2009-07-14 17:29 . 2009-07-14 17:29 -------- d-----w- c:\program files\QuickTime

2009-07-14 17:29 . 2009-07-14 17:29 -------- d-----w- c:\programdata\Apple Computer

2009-07-14 17:27 . 2009-07-14 17:27 -------- d-----w- c:\program files\Apple Software Update

2009-07-14 17:27 . 2009-07-14 17:27 -------- d-----w- c:\programdata\Apple

2009-07-14 15:18 . 2009-07-14 15:18 -------- d-----w- c:\users\killer\AppData\Roaming\dvdcss

2009-07-10 19:17 . 2007-12-21 17:52 -------- d-----w- c:\program files\Messenger Plus! Live

2009-06-30 21:48 . 2008-06-12 18:08 615424 ----a-w- c:\windows\system32\themeui.dll

2009-06-30 21:48 . 2008-06-12 18:09 240128 ----a-w- c:\windows\system32\uxtheme.dll

2009-06-15 15:24 . 2009-07-15 22:03 156672 ----a-w- c:\windows\system32\t2embed.dll

2009-06-15 15:20 . 2009-07-15 22:03 72704 ----a-w- c:\windows\system32\fontsub.dll

2009-06-15 15:20 . 2009-07-15 22:03 10240 ----a-w- c:\windows\system32\dciman32.dll

2009-06-15 12:52 . 2009-07-15 22:03 289792 ----a-w- c:\windows\system32\atmfd.dll

2007-12-02 11:36 . 2007-12-02 11:36 278528 ----a-w- c:\program files\Common Files\FDEUnInstaller.exe

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

2007-10-16 19:36 . 2007-10-16 19:36 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

 

------- Sigcheck -------

[-] 2009-06-30 . 2406E3A5FAE743DCE81168A8CDB8573F . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll

[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll

[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll

 

c:\windows\system32\drivers\ip6fw.sys ... is missing !!

c:\windows\system32\msgsvc.dll ... is missing !!

c:\windows\system32\drivers\acpiec.sys ... is missing !!

c:\windows\system32\eventlog.dll ... is missing !!

c:\windows\system32\mspmsnsv.dll ... is missing !!

c:\windows\system32\xmlprov.dll ... is missing !!

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-09-29 106496]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-05-05 3885408]

"Yodm3D"="c:\program files\yod\Yodm3D.exe" [2007-06-26 2058752]

"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-04-02 306088]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]

"Flashget"="c:\program files\FlashGet\flashget.exe" [2007-09-25 2007088]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13683232]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 92704]

"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

 

c:\users\killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Moniteur neufbox.lnk - c:\program files\Moniteur neufbox\Moniteur neufbox.exe [2009-2-13 589744]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3791306889-1641947110-789305838-1002]

"EnableNotificationsRef"=dword:00000003

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{8AC5EA2E-CD86-4E36-9E4A-279199C81C42}"= UDP:c:\program files\Skype\Phone\Skype.exe:Skype

"{100578F1-FA1E-4B77-8485-73477664AC76}"= TCP:c:\program files\Skype\Phone\Skype.exe:Skype

"{4806E01A-9C77-4772-BD62-429F06693237}"= Disabled:UDP:c:\skype\Phone\Skype.exe:Skype

"{9772019C-8C93-43EB-9EFA-0914C294CF87}"= Disabled:TCP:c:\skype\Phone\Skype.exe:Skype

"TCP Query User{B61C213E-E72E-40B9-B7E6-02633E7E8B5D}c:\\program files\\steam\\steamapps\\killeriders\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\killeriders\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{85D2E8EA-2DEB-4B45-870B-670DC6435F35}c:\\program files\\steam\\steamapps\\killeriders\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\killeriders\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{1DBCC857-D0AA-4F72-8A48-2FDBCCB023EC}c:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= UDP:c:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator

"UDP Query User{857D29DD-59E2-449F-A30C-F51BEBF9EADF}c:\\program files\\microsoft games\\flight simulator 9\\fs9.exe"= TCP:c:\program files\microsoft games\flight simulator 9\fs9.exe:Microsoft Flight Simulator

"TCP Query User{F636588D-7F29-47B5-8080-121F16C89432}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet

"UDP Query User{5B870C8B-4E09-400B-91EB-AEB69FA20A6A}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet

"TCP Query User{DBB43B89-3D29-4249-BA2E-98D87D5929C4}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{59F44481-C787-406D-A782-B18CEDB1DE7E}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent

"TCP Query User{14C6BC42-182D-491C-9789-D214CBABCA55}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

"UDP Query User{0B236F6D-7609-4CEE-895E-401F47AE8A56}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

"TCP Query User{C268F105-7A11-490B-802B-009A0A5A27B2}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{1AD90AB9-F28F-4BDB-84C9-5322D394E4D3}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{B65483C8-E765-4C24-A791-9BB48FFC68B4}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe

"UDP Query User{2ACA2757-CB55-4970-9822-FE3A078B245B}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe

"TCP Query User{F6FA46FA-AC51-42E4-9242-609100875546}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe

"UDP Query User{AC8F8A3E-5FF1-4C70-BD02-88AF2609ED35}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe

"TCP Query User{BD95F7B8-5D2C-4C90-8873-DD27878DEA20}c:\\windows\\system32\\dpnsvr.exe"= UDP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8

"UDP Query User{4B59C480-4CD3-410B-8302-719B1BEAF3CC}c:\\windows\\system32\\dpnsvr.exe"= TCP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8

"TCP Query User{3EB6B3CF-B303-40B8-BB4C-BDBB58317B1F}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= UDP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex

"UDP Query User{1E93FD61-4DA7-4232-AFA7-1051E94CBAC4}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= TCP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex

"TCP Query User{8779561E-CBB8-4CE2-96F9-B3DF7FDD9044}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= UDP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair

"UDP Query User{45F308D7-639C-41A1-8C53-2D17CE136565}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= TCP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair

"TCP Query User{1237AFA4-369F-4E97-AE33-FDB45159F182}c:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:c:\program files\gamespy\comrade\comrade.exe:Comrade

"UDP Query User{A05B1A72-23B0-4D15-BB2A-BAF08AF2F015}c:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:c:\program files\gamespy\comrade\comrade.exe:Comrade

"TCP Query User{E93C6DAE-4DBD-48F8-8BED-567464AE9579}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{9C5FA17C-64B7-4FEF-ACFD-6C5D714F2CB7}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{4489EF0F-C32D-4E1E-96E7-D2A0FD2DC48B}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{DB0EC54F-1CDA-4D54-B3C2-169779965B96}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{D5183DCF-6631-423E-BADC-636BD2C529C8}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= UDP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe

"UDP Query User{2A5AB143-B0EB-45BB-9F9E-650F5313AC12}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= TCP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe

"TCP Query User{1B4EC4E4-66C4-48E2-B8FB-990267BD6C96}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= UDP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya

"UDP Query User{3F53A95C-ADAD-49DC-B657-E9A9AF466C46}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= TCP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya

"TCP Query User{BEF95DAA-572E-409B-B051-6FB236C45A4D}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java Platform SE binary

"UDP Query User{8A23FB0C-F683-4134-BB67-BCB4297E746A}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java Platform SE binary

"TCP Query User{9DECE28B-CC25-46C1-89B5-9B2CFDA5FF74}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice

"UDP Query User{4EB819BE-89B3-4B30-971D-6B2CD9C32B18}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice

"{B1748944-3EE4-4922-8F36-B1B0B0BDA5C5}"= UDP:5900:vnc

"TCP Query User{A41CA44F-E34E-4BBB-8B5E-658EF04F5A73}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= UDP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift

"UDP Query User{B4A13D21-847D-4F58-9920-74F7FEB0F299}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= TCP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift

"TCP Query User{A604EAF4-B6AB-4AE8-A52D-1F06433E1B43}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32

"UDP Query User{B6FF63A0-D577-4425-A391-F9D9E45A8856}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32

"TCP Query User{5A2F54BE-3E13-4864-BBA6-6C71FBB0E06E}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher

"UDP Query User{4273C631-6EEE-4183-9C74-94E49E623856}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher

"TCP Query User{8BC27F39-FBD3-42E6-8AEA-E4ED2A9A4CA7}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader

"UDP Query User{274709FE-D1F9-4CB9-A170-4B2DE4835044}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader

"TCP Query User{42B069EE-DBB9-40A4-A6BC-AFC3801FF1E7}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader

"UDP Query User{AF730F62-2CC1-4FF2-A2E2-05B09574BF2C}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader

"TCP Query User{8BA7E18B-FDAA-419F-A7B4-B7F46C80AAC6}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= UDP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe

"UDP Query User{FA80034D-0A0D-45CF-8924-331BA201D808}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= TCP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe

"TCP Query User{0DB4C013-E896-4B4A-88BF-2AF8FC36A48D}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe

"UDP Query User{A1031E36-CB49-41FD-9D2B-68291A0E8EB0}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe

"{79209FD0-EBB9-442B-839C-720AD12C3AC0}"= TCP:27015:dedicaced server

"{3CF96722-743F-4EE4-B528-D7C2207ED6AD}"= UDP:27015:dedicaced

"{6D2F1C1B-DBBB-4721-9031-76746593CA85}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{238389C1-0C53-4600-A743-BE3E63607B98}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{DF259644-E5FC-4631-96D5-6B8DDBC32BDA}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{7474A9BD-A72B-4B70-ADA6-064B6980199F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"TCP Query User{FCC625B5-2D89-4A7F-BB43-6BAB8E4B7DB0}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= UDP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe

"UDP Query User{BC66515F-3877-42CD-8775-AC508798E408}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= TCP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe

"TCP Query User{D2C9DEE7-BD22-4F93-859B-24FA7AE613A5}c:\\program files\\ghostsurf 2005\\proxy.exe"= UDP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy

"UDP Query User{3EFAC972-7443-48F2-AABA-689EFBA6E49A}c:\\program files\\ghostsurf 2005\\proxy.exe"= TCP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy

"TCP Query User{56204778-8DBD-4A6A-905F-0A7704F194CB}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= UDP:c:\program files\teamspeak2_rc2\server_windows.exe:Server

"UDP Query User{1F8B7009-2D6E-482E-B010-ADFBC72695F5}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= TCP:c:\program files\teamspeak2_rc2\server_windows.exe:Server

"TCP Query User{79DB7538-2851-4569-8A1C-580AB5710A73}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2

"UDP Query User{07CC567A-85AE-43E0-B5C1-3E54D90990D6}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2

"TCP Query User{2CE9B131-CA32-412E-85F0-82D24B1982F4}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher

"UDP Query User{325B0CC0-97F0-4773-B5A3-4C52348D8D1E}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher

"TCP Query User{DDCD7A30-715E-4875-9227-D552BEBDFCF6}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher

"UDP Query User{2D63CC16-9DD6-4871-865F-7167B19B68D1}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher

"TCP Query User{CCE13EE0-EABA-472E-A9E2-71E12AFA5C8F}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs

"UDP Query User{8F7978C1-ABC7-48A9-94BC-D5038493E2D9}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs

"TCP Query User{9E818321-79B3-4F00-81D3-8AEE2781D965}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher

"UDP Query User{FED6CBE3-AF7E-48C1-9F7C-DCEA98314067}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher

"TCP Query User{9EE7181A-9D11-4493-8448-151299765156}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2

"UDP Query User{4F98DB9C-9510-45ED-BA72-7CBD6A79D40A}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2

"TCP Query User{876F301C-8D50-4778-909A-687A9B776E63}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3

"UDP Query User{4A0A70F4-5426-44FF-BDDA-E5A53C089C60}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3

"TCP Query User{A3580BD0-1144-4A55-BB0D-A8423BE60F89}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{551541FF-BA1B-41BD-8099-205CEB5CE368}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{EEC2DDB8-8D82-48FD-B33E-F2A38DAB3386}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2

"UDP Query User{E497E5B0-FE99-45B5-AA91-22093EBD37AE}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2

"TCP Query User{767EA878-39D2-4820-9756-134B14EAAC00}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds

"UDP Query User{7CACDB5B-AC11-4827-BFA6-EBF62FB161AF}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds

"{E65C1690-094C-4C0D-9E7F-394A63CD0FF9}"= UDP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe

"{53050C2C-AB72-46CA-ABC6-1DE9958E58D2}"= TCP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe

"{D7813FF8-5ED1-4C65-92DF-0ADEA41D6A51}"= UDP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe

"{2402E81D-B1B2-475D-8F28-774DB2B3C844}"= TCP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe

"TCP Query User{CF6C7BB9-AC01-43A2-B273-BEC8B1A3A017}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client

"UDP Query User{72BA0BC9-13D6-4CE7-8ED4-6BE021543C12}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client

"TCP Query User{DE6D2972-2719-4FEA-84A0-62D39FFFD368}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2

"UDP Query User{F723381E-9167-48D1-9C40-F6BCA4E2BC99}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2

"TCP Query User{83E60C1E-29EF-449F-BED2-1B697511E31C}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe

"UDP Query User{3BD9F2D9-35E8-44DA-9620-934881B3ECC5}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe

"{E349056E-A3E5-46CB-B072-1DE055BECE2D}"= UDP:1723:vpn

"{13355037-1968-4CEE-AFE9-3E805BE65E84}"= TCP:1723:vpn

"{12384E8F-0AF9-431D-9160-04E16049DB56}"= UDP:1701:vpn

"{04F4BB5F-756E-41B0-A0BF-A32F6E3B8464}"= TCP:1701:vpn

"TCP Query User{4A7904E2-9493-4AD4-803F-7E55006ABB68}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2

"UDP Query User{2276CF6F-4CA1-43E6-952B-7F7329BB5798}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2

"{69184ED1-0506-4E2B-B139-84C7DE0FBA10}"= Disabled:UDP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers

"{ED28DD4B-676F-429D-961C-0B06391493DA}"= Disabled:TCP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers

"TCP Query User{C52010F3-BE9D-485B-9AA6-24D411E68245}c:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:c:\program files\wolfenstein - enemy territory\et.exe:ET

"UDP Query User{F1E6933C-3DF2-4256-8CA4-52569AC0BBC0}c:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:c:\program files\wolfenstein - enemy territory\et.exe:ET

"TCP Query User{3D869DDC-40E6-44B1-9D6D-AA3E66BDF53A}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2

"UDP Query User{D0884577-00FF-4194-BA6D-2FADF8D16345}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2

"TCP Query User{BACF1F72-95BD-4E93-8B5D-60A44273121A}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2

"UDP Query User{C866394A-64CD-402A-920F-B979DDA8EB5C}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2

"TCP Query User{F6290353-B228-4227-9BA5-A4C0FE061C56}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2

"UDP Query User{EF5484C8-763D-4939-B3DE-C2D9470FE383}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2

"TCP Query User{93940591-5135-4A94-88CB-D50A28B475AC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2

"UDP Query User{F9874AB2-9A13-4B80-AA8B-08B0684CEEFC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2

"TCP Query User{78E13ABC-556B-453A-AAC5-161E3EF896F8}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2

"UDP Query User{A6A908E6-32A3-4F5D-B615-AF20CE0D8DC7}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2

"TCP Query User{221F5A3B-4363-4676-B2B8-E14DFB05492B}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2

"UDP Query User{8E59C87E-73F5-41BE-806F-1A21C5BBF72C}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2

"TCP Query User{DD99D91C-5B72-497C-B3B8-F10EDD79618D}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2

"UDP Query User{EBF8E4D6-3F39-49A0-A407-9DDB12775774}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2

"{09CF9494-A343-40B3-9915-D8423A9627B6}"= UDP:c:\program files\SecondLife\SecondLife.exe:SecondLife

"{074E531D-D7F1-4268-A848-8F4BA88B51FD}"= TCP:c:\program files\SecondLife\SecondLife.exe:SecondLife

"TCP Query User{2D456C4C-F71C-431A-A9DA-184D49B62FF8}c:\\program files\\free music zilla\\fmzilla.exe"= UDP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module

"UDP Query User{480FE489-76A5-4F8A-A410-313C11F396EE}c:\\program files\\free music zilla\\fmzilla.exe"= TCP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module

"TCP Query User{E8D988C5-FBD4-43B0-AEED-483F732E67AD}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever

"UDP Query User{21A21C9C-DEED-4E30-8364-70A2E58CEC2C}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever

"TCP Query User{A2A73605-82AA-4C48-9581-8C845233E913}c:\\program files\\tmunitedforever\\tmforever.exe"= UDP:c:\program files\tmunitedforever\tmforever.exe:TmForever

"UDP Query User{3539C70E-03D8-4F74-AA33-06A5985B7600}c:\\program files\\tmunitedforever\\tmforever.exe"= TCP:c:\program files\tmunitedforever\tmforever.exe:TmForever

"TCP Query User{178B5B7B-4E91-48AF-8884-9F64E5B12F28}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= UDP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy

"UDP Query User{110566F0-87EF-4767-B37A-B5195F7A56B9}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= TCP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy

"TCP Query User{CE9D8B55-55F2-4BDA-AA28-671DA690A293}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= UDP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space

"UDP Query User{1D5CE7CE-FBE1-4FFD-86C7-1831136D0E04}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= TCP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space

"TCP Query User{DC54AA86-C372-4D53-8C48-D8237ED63540}c:\\program files\\electronic arts\\dead space\\dead space.exe"= UDP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space

"UDP Query User{CD998B69-720B-4687-BA1F-C740C40ADC09}c:\\program files\\electronic arts\\dead space\\dead space.exe"= TCP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space

"TCP Query User{7C7EEA62-6D21-4100-B7ED-A50FEC2A538D}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= UDP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe

"UDP Query User{AEDD91AE-BA99-493B-8CFB-BD344A00C359}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= TCP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe

"TCP Query User{19752DEE-3728-4B27-97A6-6120660FDC1F}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= UDP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3

"UDP Query User{7207EF20-C687-4FEF-B4C2-7F7079165C88}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= TCP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3

"TCP Query User{0750461A-92A8-47C5-823B-A98492CDB974}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule

"UDP Query User{32C264FC-4D1C-48C4-90C8-EFAB237CBC7D}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

"TCP Query User{5433DB0D-1F3C-45D9-A9B6-7EBFC84034A7}x:\\program files\\codemasters\\overlord\\overlord.exe"= UDP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe

"UDP Query User{C4C70453-B9F3-4CFC-88E3-3FE6AD7C30E0}x:\\program files\\codemasters\\overlord\\overlord.exe"= TCP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe

"{06D62CD7-131C-4F83-A0FD-B07A22E975B8}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp

"{A40A913D-BABC-4445-831D-035B85905105}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp

"{7F74A43A-4DB1-495C-8B9C-00D2B98A1EE6}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice

"{FC7FA904-4DD4-46FB-B4B1-36874BE81D0F}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice

"TCP Query User{18EC1943-C429-49B4-B4CF-6194C9251819}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= UDP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited

"UDP Query User{9A4AA16F-DD40-4398-BC34-84C8D71BF21E}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= TCP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited

"TCP Query User{734F412F-C684-41E7-B84A-2D90AFE0C698}x:\\bos\\bos.exe"= UDP:x:\bos\bos.exe:bos.exe

"UDP Query User{A5A06849-8155-43DE-8290-12AF3DBA6ACB}x:\\bos\\bos.exe"= TCP:x:\bos\bos.exe:bos.exe

"TCP Query User{9DCCCB44-D92E-4DA3-AD6B-EE20816D862E}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"UDP Query User{AFCA7027-844D-466A-B103-FCB225553978}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"TCP Query User{3A39799B-FE81-4E6F-9C8A-F7B8BF75C1CA}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe

"UDP Query User{3C0DA3D3-51FC-499C-AE55-BDB04E2E81A1}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe

"{7BA2B58C-E485-41F5-A0BD-1A209385D771}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player

"{3B9E9C16-1834-4DE3-8C4A-B5D8246A4F91}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player

"TCP Query User{15BCD6DD-BB7A-40B1-855A-4969EA8D03F8}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"UDP Query User{5A1AB004-938F-4001-8E0D-5DE53AF10AE5}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"TCP Query User{9646F915-67D2-45C3-88D7-BDC85CC95F08}x:\\program files\\atari\\boiling point\\xenus.exe"= UDP:x:\program files\atari\boiling point\xenus.exe:xenus.exe

"UDP Query User{A03812AD-DD4C-4386-BAB8-24767E138711}x:\\program files\\atari\\boiling point\\xenus.exe"= TCP:x:\program files\atari\boiling point\xenus.exe:xenus.exe

"TCP Query User{31E4CF4E-7111-456D-B97E-034D5FF113C3}c:\\program files\\maxon\\net render r11\\net render client.exe"= UDP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ®

"UDP Query User{65C5CC9A-59E9-48E3-9E6E-CC2FCC5A6653}c:\\program files\\maxon\\net render r11\\net render client.exe"= TCP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ®

"TCP Query User{9D6D60DD-144F-4C4C-BD15-1716BF4C8A08}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= UDP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe

"UDP Query User{903DB654-305B-4109-8624-79089C0747FB}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= TCP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe

"{174D2FD6-93E7-46AE-9865-128A55876191}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X

"{ED123516-4F7D-423A-A95E-6A0A5C3D7CF6}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X

"{785BCCC2-B4F1-4F5D-A0C6-BAA0D7E7C1E3}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X

"{01252791-6550-4069-B9F4-89F8A049DDBC}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X

"{BCCC47D1-7C98-4CE5-A46A-2E594D8E5267}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

"TCP Query User{4C686345-7D72-405C-AE43-E38F9A83E080}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= UDP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe

"UDP Query User{286295CE-4EEB-419A-9703-4B5F7CEE12E0}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= TCP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe

"TCP Query User{185BC2AF-A23E-4919-A1E5-016698444DE4}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2

"UDP Query User{A0AD447C-4610-4C58-B3B6-F8DFA511CC16}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2

"{4498F6F6-A0AD-4CC8-916B-2493E9222F15}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club

"{50A408D2-B4E9-4E5F-8BC7-BCE69CC5210F}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club

"TCP Query User{2395E823-B988-4034-8655-4F18524715F8}c:\\aeriagames\\12sky\\twelvesky.exe"= UDP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky

"UDP Query User{5716F99F-1A5A-47EA-B55F-F30E14122586}c:\\aeriagames\\12sky\\twelvesky.exe"= TCP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky

"{DBE98471-46BE-4B46-9D52-C716DD91B505}"= UDP:c:\gamigo\LastChaosFra\LC.exe:LastChaos

"{56FC817A-0638-4037-B8AF-6CC6F6BD0E44}"= TCP:c:\gamigo\LastChaosFra\LC.exe:LastChaos

"TCP Query User{052B0820-D556-4744-BF1D-D7502EA70407}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2

"UDP Query User{977F3062-A874-4A0D-A64E-DE1F9D99E7F4}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2

"{1E7BF51F-1440-4C4C-B81F-6770296C0F73}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV

"{E29923E7-E872-4238-8F58-E10D71C7D029}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV

"{3FB78B5D-5F74-4503-9B60-D915CB6A471C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{705C95F6-1F43-43C3-9724-FEDB2D492D38}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/05/2009 12:16 108289]

R2 eID CRL Service;eID CRL Service;c:\windows\System32\beidservicecrl.exe [20/06/2006 13:38 225280]

R2 eID Privacy Service;eID Privacy Service;c:\windows\System32\beidservicepcsc.exe [21/06/2006 09:47 331776]

R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 11:22 55264]

R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]

R2 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 22:22 34064]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [12/02/2008 18:29 1153368]

R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 09:39 185640]

R2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/10/2008 21:53 30152]

R3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [05/12/2006 12:34 507136]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [19/12/2008 17:54 195752]

S3 mamotou;mamotou;c:\windows\System32\drivers\mamotou.sys [27/01/2008 16:50 49399]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [10/05/2009 20:17 28224]

S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\System32\drivers\sis163u.sys [20/06/2005 09:12 215040]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [07/01/2008 10:37 25088]

S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\System32\drivers\FLMckUSB.sys [16/10/2007 21:29 69810]

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

 

2009-09-08 c:\windows\Tasks\Extension de garantie.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-10-16 16:38]

 

2009-09-08 c:\windows\Tasks\Recovery DVD Creator.job

- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-10-16 16:34]

.

- - - - ORPHANS REMOVED - - - -

 

Notify-WB - (no file)

 

 

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.orbitdownloader.com

mStart Page = hxxp://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_dp_id=18&x_format=redirect

IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm

IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm

IE: Link to &MidpX - c:\program files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

FF - ProfilePath - c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)

FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official

FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59831&ei=utf-8&yahoo_domain=search.yahoo.com&p=

FF - component: c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-08 14:04

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7F6AD234-A64A-D8FB-9111-B9B8B7DFD0B2}*]

"iajfjhmklemadnoheg"=hex:63,61,61,66,70,65,00,67

"hafgeggikcfmjlih"=hex:67,61,6d,6a,61,66,6d,61,63,6c,69,67,6a,6d,00,00

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

@Allowed: (Read) (RestrictedCode)

"??"=hex:78,a6,24,c4,64,22,46,76,72,7d,4f,ae,89,0b,67,10,a7,38,80,82,a2,1c,66,

f4,8e,48,38,f0,b0,5e,7e,3b,26,f4,ef,e0,c7,d3,ba,93,7e,18,4b,36,55,b8,ac,ff,\

"??"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\License information*]

@Allowed: (Read) (RestrictedCode)

"datasecu"=hex:bd,93,c0,90,95,26,63,0d,48,ea,f7,68,3a,77,b6,88,af,12,71,9c,38,

59,8f,ae,6f,de,fb,bc,e1,67,a1,1d,f6,65,a5,70,54,e7,e3,01,00,7e,bb,30,f2,b5,\

"rkeysecu"=hex:f9,7d,9f,5d,26,72,89,85,3d,be,2f,36,83,23,98,69

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{21b52f18-0848-463f-9368-84968c2a61e3}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1700ff21

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{41b65253-3201-42e3-9621-ac9c7f1ed70d}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1200032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{449451bd-1d85-45b3-88b9-632bb8ea36d0}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1500032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{836f9589-7ecb-4f16-bbc2-f47f5a3e5eae}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:0d020054

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{941f5e83-3d4a-48f9-ad45-a1e41619a5e8}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:0c001c25

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:07001422

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ae8b5f80-f531-41b4-bb40-8007528fd4a0}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1a00032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ccfa2a73-61cb-4ca0-915d-ddaf98abfb43}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1600032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{e2d054f6-6401-4fa2-ba19-39b453a74c83}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1400032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:06001422

"Dhcpv6State"=dword:00000000

.

Completion time: 2009-09-08 14:28

ComboFix-quarantined-files.txt 2009-09-08 12:28

 

Pre-Run: 171 208 007 680 octets libres

Post-Run: 171 081 703 424 octets libres

 

482 --- E O F --- 2009-09-08 09:03


"TCP Query User{F636588D-7F29-47B5-8080-121F16C89432}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet

"UDP Query User{5B870C8B-4E09-400B-91EB-AEB69FA20A6A}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet

"TCP Query User{DBB43B89-3D29-4249-BA2E-98D87D5929C4}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{59F44481-C787-406D-A782-B18CEDB1DE7E}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent

"TCP Query User{14C6BC42-182D-491C-9789-D214CBABCA55}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox

"UDP Query User{0B236F6D-7609-4CEE-895E-401F47AE8A56}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox

"TCP Query User{C268F105-7A11-490B-802B-009A0A5A27B2}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{1AD90AB9-F28F-4BDB-84C9-5322D394E4D3}c:\\program files\\steam\\steamapps\\killeriders\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\killeriders\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{B65483C8-E765-4C24-A791-9BB48FFC68B4}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe

"UDP Query User{2ACA2757-CB55-4970-9822-FE3A078B245B}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hl.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hl.exe:hl.exe

"TCP Query User{F6FA46FA-AC51-42E4-9242-609100875546}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= UDP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe

"UDP Query User{AC8F8A3E-5FF1-4C70-BD02-88AF2609ED35}c:\\users\\killer\\desktop\\half life\\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\\hltv.exe"= TCP:c:\users\killer\desktop\half life\half-life (steam-free) (hd pack) - counter-strike 1.6 - opposing force - blue shift - team fortress classic\hltv.exe:hltv.exe

"TCP Query User{BD95F7B8-5D2C-4C90-8873-DD27878DEA20}c:\\windows\\system32\\dpnsvr.exe"= UDP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8

"UDP Query User{4B59C480-4CD3-410B-8302-719B1BEAF3CC}c:\\windows\\system32\\dpnsvr.exe"= TCP:c:\windows\system32\dpnsvr.exe:Serveur Microsoft DirectPlay 8

"TCP Query User{3EB6B3CF-B303-40B8-BB4C-BDBB58317B1F}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= UDP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex

"UDP Query User{1E93FD61-4DA7-4232-AFA7-1051E94CBAC4}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\versus\\system\\scct_versus.ex"= TCP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\versus\system\scct_versus.ex:SCCT_Versus.ex

"TCP Query User{8779561E-CBB8-4CE2-96F9-B3DF7FDD9044}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= UDP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair

"UDP Query User{45F308D7-639C-41A1-8C53-2D17CE136565}c:\\program files\\inventel\\gateway\\rgwrepair.exe"= TCP:c:\program files\inventel\gateway\rgwrepair.exe:RGWRepair

"TCP Query User{1237AFA4-369F-4E97-AE33-FDB45159F182}c:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:c:\program files\gamespy\comrade\comrade.exe:Comrade

"UDP Query User{A05B1A72-23B0-4D15-BB2A-BAF08AF2F015}c:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:c:\program files\gamespy\comrade\comrade.exe:Comrade

"TCP Query User{E93C6DAE-4DBD-48F8-8BED-567464AE9579}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{9C5FA17C-64B7-4FEF-ACFD-6C5D714F2CB7}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{4489EF0F-C32D-4E1E-96E7-D2A0FD2DC48B}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher

"UDP Query User{DB0EC54F-1CDA-4D54-B3C2-169779965B96}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike\hl.exe:Half-Life Launcher

"TCP Query User{D5183DCF-6631-423E-BADC-636BD2C529C8}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= UDP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe

"UDP Query User{2A5AB143-B0EB-45BB-9F9E-650F5313AC12}c:\\users\\killer\\desktop\\h4ck0r1sus.exe"= TCP:c:\users\killer\desktop\h4ck0r1sus.exe:h4ck0r1sus.exe

"TCP Query User{1B4EC4E4-66C4-48E2-B8FB-990267BD6C96}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= UDP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya

"UDP Query User{3F53A95C-ADAD-49DC-B657-E9A9AF466C46}c:\\program files\\autodesk\\maya 8.5 personal learning edition\\bin\\maya.exe"= TCP:c:\program files\autodesk\maya 8.5 personal learning edition\bin\maya.exe:Maya

"TCP Query User{BEF95DAA-572E-409B-B051-6FB236C45A4D}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java Platform SE binary

"UDP Query User{8A23FB0C-F683-4134-BB67-BCB4297E746A}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java Platform SE binary

"TCP Query User{9DECE28B-CC25-46C1-89B5-9B2CFDA5FF74}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice

"UDP Query User{4EB819BE-89B3-4B30-971D-6B2CD9C32B18}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice

"{B1748944-3EE4-4922-8F36-B1B0B0BDA5C5}"= UDP:5900:vnc

"TCP Query User{A41CA44F-E34E-4BBB-8B5E-658EF04F5A73}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= UDP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift

"UDP Query User{B4A13D21-847D-4F58-9920-74F7FEB0F299}c:\\program files\\sierra entertainment\\timeshift\\bin\\timeshift.exe"= TCP:c:\program files\sierra entertainment\timeshift\bin\timeshift.exe:TimeShift

"TCP Query User{A604EAF4-B6AB-4AE8-A52D-1F06433E1B43}c:\\program files\\ultravnc\\winvnc.exe"= UDP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32

"UDP Query User{B6FF63A0-D577-4425-A391-F9D9E45A8856}c:\\program files\\ultravnc\\winvnc.exe"= TCP:c:\program files\ultravnc\winvnc.exe:VNC server for Win32

"TCP Query User{5A2F54BE-3E13-4864-BBA6-6C71FBB0E06E}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher

"UDP Query User{4273C631-6EEE-4183-9C74-94E49E623856}c:\\program files\\steam\\steamapps\\thebosslulu\\dedicated server\\hlds.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\dedicated server\hlds.exe:HLDS Launcher

"TCP Query User{8BC27F39-FBD3-42E6-8AEA-E4ED2A9A4CA7}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader

"UDP Query User{274709FE-D1F9-4CB9-A170-4B2DE4835044}c:\\program files\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader

"TCP Query User{42B069EE-DBB9-40A4-A6BC-AFC3801FF1E7}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader

"UDP Query User{AF730F62-2CC1-4FF2-A2E2-05B09574BF2C}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader

"TCP Query User{8BA7E18B-FDAA-419F-A7B4-B7F46C80AAC6}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= UDP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe

"UDP Query User{FA80034D-0A0D-45CF-8924-331BA201D808}c:\\users\\killer\\desktop\\media bureau\\hack\\prorat\\proconnective.exe"= TCP:c:\users\killer\desktop\media bureau\hack\prorat\proconnective.exe:proconnective.exe

"TCP Query User{0DB4C013-E896-4B4A-88BF-2AF8FC36A48D}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= UDP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe

"UDP Query User{A1031E36-CB49-41FD-9D2B-68291A0E8EB0}c:\\users\\killer\\documents\\mes fichiers reçus\\wow-burningcrusade-frfr-installer-downloader\\wow-burningcrusade-frfr-installer-downloader.exe"= TCP:c:\users\killer\documents\mes fichiers reçus\wow-burningcrusade-frfr-installer-downloader\wow-burningcrusade-frfr-installer-downloader.exe:wow-burningcrusade-frfr-installer-downloader.exe

"{79209FD0-EBB9-442B-839C-720AD12C3AC0}"= TCP:27015:dedicaced server

"{3CF96722-743F-4EE4-B528-D7C2207ED6AD}"= UDP:27015:dedicaced

"{6D2F1C1B-DBBB-4721-9031-76746593CA85}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{238389C1-0C53-4600-A743-BE3E63607B98}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{DF259644-E5FC-4631-96D5-6B8DDBC32BDA}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{7474A9BD-A72B-4B70-ADA6-064B6980199F}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"TCP Query User{FCC625B5-2D89-4A7F-BB43-6BAB8E4B7DB0}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= UDP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe

"UDP Query User{BC66515F-3877-42CD-8775-AC508798E408}c:\\users\\killer\\desktop\\nobacko\\nobacko.exe"= TCP:c:\users\killer\desktop\nobacko\nobacko.exe:nobacko.exe

"TCP Query User{D2C9DEE7-BD22-4F93-859B-24FA7AE613A5}c:\\program files\\ghostsurf 2005\\proxy.exe"= UDP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy

"UDP Query User{3EFAC972-7443-48F2-AABA-689EFBA6E49A}c:\\program files\\ghostsurf 2005\\proxy.exe"= TCP:c:\program files\ghostsurf 2005\proxy.exe:GhostSurf proxy

"TCP Query User{56204778-8DBD-4A6A-905F-0A7704F194CB}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= UDP:c:\program files\teamspeak2_rc2\server_windows.exe:Server

"UDP Query User{1F8B7009-2D6E-482E-B010-ADFBC72695F5}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= TCP:c:\program files\teamspeak2_rc2\server_windows.exe:Server

"TCP Query User{79DB7538-2851-4569-8A1C-580AB5710A73}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2

"UDP Query User{07CC567A-85AE-43E0-B5C1-3E54D90990D6}c:\\program files\\steam\\steamapps\\thebosslulu\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\counter-strike source\hl2.exe:hl2

"TCP Query User{2CE9B131-CA32-412E-85F0-82D24B1982F4}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher

"UDP Query User{325B0CC0-97F0-4773-B5A3-4C52348D8D1E}c:\\program files\\steam\\steamapps\\thebosslulu\\condition zero deleted scenes\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\condition zero deleted scenes\hl.exe:Half-Life Launcher

"TCP Query User{DDCD7A30-715E-4875-9227-D552BEBDFCF6}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher

"UDP Query User{2D63CC16-9DD6-4871-865F-7167B19B68D1}c:\\program files\\steam\\steamapps\\thebosslulu\\day of defeat\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\day of defeat\hl.exe:Half-Life Launcher

"TCP Query User{CCE13EE0-EABA-472E-A9E2-71E12AFA5C8F}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= UDP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs

"UDP Query User{8F7978C1-ABC7-48A9-94BC-D5038493E2D9}c:\\program files\\flightgear\\bin\\win32\\fgfs.exe"= TCP:c:\program files\flightgear\bin\win32\fgfs.exe:fgfs

"TCP Query User{9E818321-79B3-4F00-81D3-8AEE2781D965}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= UDP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher

"UDP Query User{FED6CBE3-AF7E-48C1-9F7C-DCEA98314067}c:\\program files\\steam\\steamapps\\thebosslulu\\deathmatch classic\\hl.exe"= TCP:c:\program files\steam\steamapps\thebosslulu\deathmatch classic\hl.exe:Half-Life Launcher

"TCP Query User{9EE7181A-9D11-4493-8448-151299765156}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2

"UDP Query User{4F98DB9C-9510-45ED-BA72-7CBD6A79D40A}c:\\program files\\steam\\steamapps\\scauis\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\scauis\counter-strike source\hl2.exe:hl2

"TCP Query User{876F301C-8D50-4778-909A-687A9B776E63}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= UDP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3

"UDP Query User{4A0A70F4-5426-44FF-BDDA-E5A53C089C60}c:\\program files\\activision value\\soldier of fortune payback\\sof3.exe"= TCP:c:\program files\activision value\soldier of fortune payback\sof3.exe:sof3

"TCP Query User{A3580BD0-1144-4A55-BB0D-A8423BE60F89}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher

"UDP Query User{551541FF-BA1B-41BD-8099-205CEB5CE368}c:\\program files\\steam\\steamapps\\scauis\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\scauis\condition zero\hl.exe:Half-Life Launcher

"TCP Query User{EEC2DDB8-8D82-48FD-B33E-F2A38DAB3386}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2

"UDP Query User{E497E5B0-FE99-45B5-AA91-22093EBD37AE}c:\\program files\\steam\\steamapps\\goltizg\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\counter-strike source\hl2.exe:hl2

"TCP Query User{767EA878-39D2-4820-9756-134B14EAAC00}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds

"UDP Query User{7CACDB5B-AC11-4827-BFA6-EBF62FB161AF}c:\\program files\\steam\\steamapps\\goltizg\\source dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\goltizg\source dedicated server\srcds.exe:srcds

"{E65C1690-094C-4C0D-9E7F-394A63CD0FF9}"= UDP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe

"{53050C2C-AB72-46CA-ABC6-1DE9958E58D2}"= TCP:c:\program files\WarRock\WRLauncher.exe:Launch WRLauncher.exe

"{D7813FF8-5ED1-4C65-92DF-0ADEA41D6A51}"= UDP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe

"{2402E81D-B1B2-475D-8F28-774DB2B3C844}"= TCP:c:\program files\WarRock\WRUpdater.exe:Launch WRUpdater.exe

"TCP Query User{CF6C7BB9-AC01-43A2-B273-BEC8B1A3A017}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client

"UDP Query User{72BA0BC9-13D6-4CE7-8ED4-6BE021543C12}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client

"TCP Query User{DE6D2972-2719-4FEA-84A0-62D39FFFD368}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2

"UDP Query User{F723381E-9167-48D1-9C40-F6BCA4E2BC99}c:\\program files\\steam\\steamapps\\goltizg\\half-life 2 deathmatch\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\half-life 2 deathmatch\hl2.exe:hl2

"TCP Query User{83E60C1E-29EF-449F-BED2-1B697511E31C}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe

"UDP Query User{3BD9F2D9-35E8-44DA-9620-934881B3ECC5}c:\\users\\killer\\temp\\teamviewer3\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer3\teamviewer.exe:teamviewer.exe

"{E349056E-A3E5-46CB-B072-1DE055BECE2D}"= UDP:1723:vpn

"{13355037-1968-4CEE-AFE9-3E805BE65E84}"= TCP:1723:vpn

"{12384E8F-0AF9-431D-9160-04E16049DB56}"= UDP:1701:vpn

"{04F4BB5F-756E-41B0-A0BF-A32F6E3B8464}"= TCP:1701:vpn

"TCP Query User{4A7904E2-9493-4AD4-803F-7E55006ABB68}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2

"UDP Query User{2276CF6F-4CA1-43E6-952B-7F7329BB5798}c:\\program files\\steam\\steamapps\\goltizg\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\day of defeat source\hl2.exe:hl2

"{69184ED1-0506-4E2B-B139-84C7DE0FBA10}"= Disabled:UDP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers

"{ED28DD4B-676F-429D-961C-0B06391493DA}"= Disabled:TCP:c:\program files\Empire Interactive\Strangelite\Starship Troopers\STGame.exe:Starship Troopers

"TCP Query User{C52010F3-BE9D-485B-9AA6-24D411E68245}c:\\program files\\wolfenstein - enemy territory\\et.exe"= UDP:c:\program files\wolfenstein - enemy territory\et.exe:ET

"UDP Query User{F1E6933C-3DF2-4256-8CA4-52569AC0BBC0}c:\\program files\\wolfenstein - enemy territory\\et.exe"= TCP:c:\program files\wolfenstein - enemy territory\et.exe:ET

"TCP Query User{3D869DDC-40E6-44B1-9D6D-AA3E66BDF53A}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2

"UDP Query User{D0884577-00FF-4194-BA6D-2FADF8D16345}c:\\program files\\steam\\steamapps\\goltizg\\synergy\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\synergy\hl2.exe:hl2

"TCP Query User{BACF1F72-95BD-4E93-8B5D-60A44273121A}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2

"UDP Query User{C866394A-64CD-402A-920F-B979DDA8EB5C}c:\\program files\\steam\\steamapps\\goltizg\\age of chivalry\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\age of chivalry\hl2.exe:hl2

"TCP Query User{F6290353-B228-4227-9BA5-A4C0FE061C56}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2

"UDP Query User{EF5484C8-763D-4939-B3DE-C2D9470FE383}c:\\program files\\steam\\steamapps\\goltizg\\diprip warm up\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\diprip warm up\hl2.exe:hl2

"TCP Query User{93940591-5135-4A94-88CB-D50A28B475AC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2

"UDP Query User{F9874AB2-9A13-4B80-AA8B-08B0684CEEFC}c:\\program files\\steam\\steamapps\\goltizg\\zombie panic! source\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\zombie panic! source\hl2.exe:hl2

"TCP Query User{78E13ABC-556B-453A-AAC5-161E3EF896F8}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2

"UDP Query User{A6A908E6-32A3-4F5D-B615-AF20CE0D8DC7}c:\\program files\\steam\\steamapps\\goltizg\\insurgency\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\insurgency\hl2.exe:hl2

"TCP Query User{221F5A3B-4363-4676-B2B8-E14DFB05492B}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2

"UDP Query User{8E59C87E-73F5-41BE-806F-1A21C5BBF72C}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base\hl2.exe:hl2

"TCP Query User{DD99D91C-5B72-497C-B3B8-F10EDD79618D}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2

"UDP Query User{EBF8E4D6-3F39-49A0-A407-9DDB12775774}c:\\program files\\steam\\steamapps\\goltizg\\source sdk base 2007\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\source sdk base 2007\hl2.exe:hl2

"{09CF9494-A343-40B3-9915-D8423A9627B6}"= UDP:c:\program files\SecondLife\SecondLife.exe:SecondLife

"{074E531D-D7F1-4268-A848-8F4BA88B51FD}"= TCP:c:\program files\SecondLife\SecondLife.exe:SecondLife

"TCP Query User{2D456C4C-F71C-431A-A9DA-184D49B62FF8}c:\\program files\\free music zilla\\fmzilla.exe"= UDP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module

"UDP Query User{480FE489-76A5-4F8A-A410-313C11F396EE}c:\\program files\\free music zilla\\fmzilla.exe"= TCP:c:\program files\free music zilla\fmzilla.exe:FMZilla Module

"TCP Query User{E8D988C5-FBD4-43B0-AEED-483F732E67AD}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever

"UDP Query User{21A21C9C-DEED-4E30-8364-70A2E58CEC2C}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever

"TCP Query User{A2A73605-82AA-4C48-9581-8C845233E913}c:\\program files\\tmunitedforever\\tmforever.exe"= UDP:c:\program files\tmunitedforever\tmforever.exe:TmForever

"UDP Query User{3539C70E-03D8-4F74-AA33-06A5985B7600}c:\\program files\\tmunitedforever\\tmforever.exe"= TCP:c:\program files\tmunitedforever\tmforever.exe:TmForever

"TCP Query User{178B5B7B-4E91-48AF-8884-9F64E5B12F28}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= UDP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy

"UDP Query User{110566F0-87EF-4767-B37A-B5195F7A56B9}c:\\program files\\hand-crafted software\\freeproxy\\freeproxy.exe"= TCP:c:\program files\hand-crafted software\freeproxy\freeproxy.exe:FreeProxy

"TCP Query User{CE9D8B55-55F2-4BDA-AA28-671DA690A293}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= UDP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space

"UDP Query User{1D5CE7CE-FBE1-4FFD-86C7-1831136D0E04}c:\\downloads\\dead.space. [pc.dvd].[gamestorrents.com]\\deadspace-clone\\dead.space.crack-darkc0der\\dead space.exe"= TCP:c:\downloads\dead.space. [pc.dvd].[gamestorrents.com]\deadspace-clone\dead.space.crack-darkc0der\dead space.exe:Dead Space

"TCP Query User{DC54AA86-C372-4D53-8C48-D8237ED63540}c:\\program files\\electronic arts\\dead space\\dead space.exe"= UDP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space

"UDP Query User{CD998B69-720B-4687-BA1F-C740C40ADC09}c:\\program files\\electronic arts\\dead space\\dead space.exe"= TCP:c:\program files\electronic arts\dead space\dead space.exe:Dead Space

"TCP Query User{7C7EEA62-6D21-4100-B7ED-A50FEC2A538D}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= UDP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe

"UDP Query User{AEDD91AE-BA99-493B-8CFB-BD344A00C359}x:\\program files\\empire interactive\\flatout2\\flatout2.exe"= TCP:x:\program files\empire interactive\flatout2\flatout2.exe:flatout2.exe

"TCP Query User{19752DEE-3728-4B27-97A6-6120660FDC1F}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= UDP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3

"UDP Query User{7207EF20-C687-4FEF-B4C2-7F7079165C88}c:\\program files\\unreal tournament 3\\binaries\\ut3.exe"= TCP:c:\program files\unreal tournament 3\binaries\ut3.exe:UT3

"TCP Query User{0750461A-92A8-47C5-823B-A98492CDB974}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule

"UDP Query User{32C264FC-4D1C-48C4-90C8-EFAB237CBC7D}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

"TCP Query User{5433DB0D-1F3C-45D9-A9B6-7EBFC84034A7}x:\\program files\\codemasters\\overlord\\overlord.exe"= UDP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe

"UDP Query User{C4C70453-B9F3-4CFC-88E3-3FE6AD7C30E0}x:\\program files\\codemasters\\overlord\\overlord.exe"= TCP:x:\program files\codemasters\overlord\overlord.exe:overlord.exe

"{06D62CD7-131C-4F83-A0FD-B07A22E975B8}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp

"{A40A913D-BABC-4445-831D-035B85905105}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp

"{7F74A43A-4DB1-495C-8B9C-00D2B98A1EE6}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice

"{FC7FA904-4DD4-46FB-B4B1-36874BE81D0F}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice

"TCP Query User{18EC1943-C429-49B4-B4CF-6194C9251819}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= UDP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited

"UDP Query User{9A4AA16F-DD40-4398-BC34-84C8D71BF21E}c:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= TCP:c:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited

"TCP Query User{734F412F-C684-41E7-B84A-2D90AFE0C698}x:\\bos\\bos.exe"= UDP:x:\bos\bos.exe:bos.exe

"UDP Query User{A5A06849-8155-43DE-8290-12AF3DBA6ACB}x:\\bos\\bos.exe"= TCP:x:\bos\bos.exe:bos.exe

"TCP Query User{9DCCCB44-D92E-4DA3-AD6B-EE20816D862E}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"UDP Query User{AFCA7027-844D-466A-B103-FCB225553978}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"TCP Query User{3A39799B-FE81-4E6F-9C8A-F7B8BF75C1CA}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= UDP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe

"UDP Query User{3C0DA3D3-51FC-499C-AE55-BDB04E2E81A1}c:\\users\\killer\\temp\\teamviewer\\version4\\teamviewer.exe"= TCP:c:\users\killer\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe

"{7BA2B58C-E485-41F5-A0BD-1A209385D771}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player

"{3B9E9C16-1834-4DE3-8C4A-B5D8246A4F91}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player

"TCP Query User{15BCD6DD-BB7A-40B1-855A-4969EA8D03F8}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"UDP Query User{5A1AB004-938F-4001-8E0D-5DE53AF10AE5}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader

"TCP Query User{9646F915-67D2-45C3-88D7-BDC85CC95F08}x:\\program files\\atari\\boiling point\\xenus.exe"= UDP:x:\program files\atari\boiling point\xenus.exe:xenus.exe

"UDP Query User{A03812AD-DD4C-4386-BAB8-24767E138711}x:\\program files\\atari\\boiling point\\xenus.exe"= TCP:x:\program files\atari\boiling point\xenus.exe:xenus.exe

"TCP Query User{31E4CF4E-7111-456D-B97E-034D5FF113C3}c:\\program files\\maxon\\net render r11\\net render client.exe"= UDP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ®

"UDP Query User{65C5CC9A-59E9-48E3-9E6E-CC2FCC5A6653}c:\\program files\\maxon\\net render r11\\net render client.exe"= TCP:c:\program files\maxon\net render r11\net render client.exe:CINEMA 4D ®

"TCP Query User{9D6D60DD-144F-4C4C-BD15-1716BF4C8A08}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= UDP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe

"UDP Query User{903DB654-305B-4109-8624-79089C0747FB}c:\\users\\killer\\desktop\\hack\\hack\\4_floodteamspeak\\spamer.exe"= TCP:c:\users\killer\desktop\hack\hack\4_floodteamspeak\spamer.exe:spamer.exe

"{174D2FD6-93E7-46AE-9865-128A55876191}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X

"{ED123516-4F7D-423A-A95E-6A0A5C3D7CF6}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:Tom Clancy's H.A.W.X

"{785BCCC2-B4F1-4F5D-A0C6-BAA0D7E7C1E3}"= UDP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X

"{01252791-6550-4069-B9F4-89F8A049DDBC}"= TCP:c:\program files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:Tom Clancy's H.A.W.X

"{BCCC47D1-7C98-4CE5-A46A-2E594D8E5267}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

"TCP Query User{4C686345-7D72-405C-AE43-E38F9A83E080}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= UDP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe

"UDP Query User{286295CE-4EEB-419A-9703-4B5F7CEE12E0}x:\\program files\\touchstone\\turok\\binaries\\turokgame.exe"= TCP:x:\program files\touchstone\turok\binaries\turokgame.exe:turokgame.exe

"TCP Query User{185BC2AF-A23E-4919-A1E5-016698444DE4}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2

"UDP Query User{A0AD447C-4610-4C58-B3B6-F8DFA511CC16}c:\\program files\\steam\\steamapps\\goltizg\\dystopia\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\dystopia\hl2.exe:hl2

"{4498F6F6-A0AD-4CC8-916B-2493E9222F15}"= UDP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club

"{50A408D2-B4E9-4E5F-8BC7-BCE69CC5210F}"= TCP:c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:Rockstar Games Social Club

"TCP Query User{2395E823-B988-4034-8655-4F18524715F8}c:\\aeriagames\\12sky\\twelvesky.exe"= UDP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky

"UDP Query User{5716F99F-1A5A-47EA-B55F-F30E14122586}c:\\aeriagames\\12sky\\twelvesky.exe"= TCP:c:\aeriagames\12sky\twelvesky.exe:TwelveSky

"{DBE98471-46BE-4B46-9D52-C716DD91B505}"= UDP:c:\gamigo\LastChaosFra\LC.exe:LastChaos

"{56FC817A-0638-4037-B8AF-6CC6F6BD0E44}"= TCP:c:\gamigo\LastChaosFra\LC.exe:LastChaos

"TCP Query User{052B0820-D556-4744-BF1D-D7502EA70407}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= UDP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2

"UDP Query User{977F3062-A874-4A0D-A64E-DE1F9D99E7F4}c:\\program files\\steam\\steamapps\\goltizg\\eternal-silence\\hl2.exe"= TCP:c:\program files\steam\steamapps\goltizg\eternal-silence\hl2.exe:hl2

"{1E7BF51F-1440-4C4C-B81F-6770296C0F73}"= UDP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV

"{E29923E7-E872-4238-8F58-E10D71C7D029}"= TCP:c:\program files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:Grand Theft Auto IV

"{3FB78B5D-5F74-4503-9B60-D915CB6A471C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{705C95F6-1F43-43C3-9724-FEDB2D492D38}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [01/05/2009 12:16 108289]

R2 eID CRL Service;eID CRL Service;c:\windows\System32\beidservicecrl.exe [20/06/2006 13:38 225280]

R2 eID Privacy Service;eID Privacy Service;c:\windows\System32\beidservicepcsc.exe [21/06/2006 09:47 331776]

R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11/01/2009 11:22 55264]

R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]

R2 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 22:22 34064]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [12/02/2008 18:29 1153368]

R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [28/01/2009 09:39 185640]

R2 Viewpoint Service;Viewpoint Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/10/2008 21:53 30152]

R3 PAC207;SoC PC-Camera;c:\windows\System32\drivers\PFC027.SYS [05/12/2006 12:34 507136]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [19/12/2008 17:54 195752]

S3 mamotou;mamotou;c:\windows\System32\drivers\mamotou.sys [27/01/2008 16:50 49399]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [10/05/2009 20:17 28224]

S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\System32\drivers\sis163u.sys [20/06/2005 09:12 215040]

S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [07/01/2008 10:37 25088]

S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\System32\drivers\FLMckUSB.sys [16/10/2007 21:29 69810]

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contents of the 'Scheduled Tasks' folder

 

2009-09-08 c:\windows\Tasks\Extension de garantie.job

- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-10-16 16:38]

 

2009-09-08 c:\windows\Tasks\Recovery DVD Creator.job

- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-10-16 16:34]

.

- - - - ORPHANS REMOVED - - - -

 

Notify-WB - (no file)

 

 

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.orbitdownloader.com

mStart Page = hxxp://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_dp_id=18&x_format=redirect

IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm

IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm

IE: Link to &MidpX - c:\program files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm

IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk

FF - ProfilePath - c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr)

FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official

FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59831&ei=utf-8&yahoo_domain=search.yahoo.com&p=

FF - component: c:\users\killer\AppData\Roaming\Mozilla\Firefox\Profiles\fkru03hg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll

FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll

FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll

FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-08 14:04

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7F6AD234-A64A-D8FB-9111-B9B8B7DFD0B2}*]

"iajfjhmklemadnoheg"=hex:63,61,61,66,70,65,00,67

"hafgeggikcfmjlih"=hex:67,61,6d,6a,61,66,6d,61,63,6c,69,67,6a,6d,00,00

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

@Allowed: (Read) (RestrictedCode)

"??"=hex:78,a6,24,c4,64,22,46,76,72,7d,4f,ae,89,0b,67,10,a7,38,80,82,a2,1c,66,

f4,8e,48,38,f0,b0,5e,7e,3b,26,f4,ef,e0,c7,d3,ba,93,7e,18,4b,36,55,b8,ac,ff,\

"??"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

 

[HKEY_USERS\S-1-5-21-3791306889-1641947110-789305838-1002\Software\SecuROM\License information*]

@Allowed: (Read) (RestrictedCode)

"datasecu"=hex:bd,93,c0,90,95,26,63,0d,48,ea,f7,68,3a,77,b6,88,af,12,71,9c,38,

59,8f,ae,6f,de,fb,bc,e1,67,a1,1d,f6,65,a5,70,54,e7,e3,01,00,7e,bb,30,f2,b5,\

"rkeysecu"=hex:f9,7d,9f,5d,26,72,89,85,3d,be,2f,36,83,23,98,69

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{21b52f18-0848-463f-9368-84968c2a61e3}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1700ff21

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{41b65253-3201-42e3-9621-ac9c7f1ed70d}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1200032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{449451bd-1d85-45b3-88b9-632bb8ea36d0}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1500032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{836f9589-7ecb-4f16-bbc2-f47f5a3e5eae}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:0d020054

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{941f5e83-3d4a-48f9-ad45-a1e41619a5e8}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:0c001c25

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:07001422

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ae8b5f80-f531-41b4-bb40-8007528fd4a0}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1a00032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{ccfa2a73-61cb-4ca0-915d-ddaf98abfb43}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1600032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{e2d054f6-6401-4fa2-ba19-39b453a74c83}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:1400032f

"Dhcpv6State"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}]

@DACL=(02 0000)

"Dhcpv6Iaid"=dword:06001422

"Dhcpv6State"=dword:00000000

.

Completion time: 2009-09-08 14:28

ComboFix-quarantined-files.txt 2009-09-08 12:28

 

Pre-Run: 171 208 007 680 octets libres

Post-Run: 171 081 703 424 octets libres

 

482 --- E O F --- 2009-09-08 09:03

 

 

UP, I need help :P

Posted

Hi and welcome to the forum :P

 

A few links to help you get started:

 

We'll look together at what is happening on your PC; like everyone who helps here, we are volunteers and help as our personal schedules allow. We'll try to move as quickly as possible, but you may sometimes need to be patient while waiting for a reply, so no need to panic :P

 

To reply or add a post, a report, etc., use the t_reply.gif button. :P

(the button located between "Flash" and "Nouveau")

 

*********

 

killeriders, we need the header of the report you posted. So I'm going to ask you to post the report again, but in full this time. The first lines of the report are very important.

The report is named Combofix.txt and is located on the C:\ drive

 

Was it you who installed nProtect GameGuard Service?

Posted

Thaaanks =)

 

I was afraid to post the first lines because there were keys in them and I didn't want to lose my Windows!! =)

 

ComboFix 09-09-07.05 - killer 08/09/2009 13:50.1.2 - NTFSx86

Microsoft® Windows Vista Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1009 [GMT 2:00]

Running from: c:\users\killer\Desktop\ComboFix.exe

FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
