62 replies
OTListIt Extras logfile created on: 10/05/2009 18:56:45 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Users\alain\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 76,97% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 80,18 Gb Free Space | 55,66% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 62,66 Gb Free Space | 44,60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,78 Gb Total Space | 3,75 Gb Free Space | 99,41% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-ANTHONY
Current User Name: alain
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
File not found -- Reg Error: Unknown registry data type
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/05/14 17:05:22 | 00,650,800 | ---- | M] (Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu
[2008/05/14 17:05:36 | 00,926,256 | ---- | M] ( Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption????????
[2008/05/14 17:05:16 | 00,932,400 | ---- | M] ( Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption
File not found -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
[2008/05/14 17:05:32 | 00,485,936 | ---- | M] (Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr
[2008/05/14 17:06:28 | 00,752,176 | ---- | M] (Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu
File not found -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
File not found -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
File not found -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
[2008/05/14 17:06:30 | 00,512,048 | ---- | M] (Egis Incorporated.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
{098791A1-E4BD-4E63-8825-DA1710FAACEE} = LPORT=48113 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MACONFIG_TCP |
{1A59BA56-7EA7-4EF6-91CA-69979A11DF2E} = LPORT=RPC | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{3486DC19-9D0F-4218-AD93-828894473B1A} = LPORT=48113 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MACONFIG_UDP |
{437F3D07-F827-4897-A44F-11AC1E6EC433} = LPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28519 | APP=SYSTEM |
{57E809DA-5B43-4AD8-B51C-58453DE9FC79} = RPORT=137 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28523 | APP=SYSTEM |
{5F0D9ED0-51A9-46B3-BD0F-C7E9E83FEFF6} = LPORT=RPC-EPMAP | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28539 | SVC=RPCSS |
{6DC21704-3E30-44AD-8045-14B4BD4DA0DD} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{6EF9C4FA-DA41-4754-9F16-73309F436259} = RPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28507 | APP=SYSTEM |
{721E28FC-DBF4-42BA-BD36-AC2DF83181E0} = LPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28511 | APP=SYSTEM |
{99513783-BFE3-46BE-88A8-5B6C2B15DCE2} = LPORT=5353 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ADOBE CSI CS4 |
{9BF62190-063E-47A8-9EDB-05CEE151DC37} = LPORT=86 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BROADCAM WEB SERVER |
{A1523DE8-8DA1-45CF-AA80-F25BF01DCDA0} = LPORT=139 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28503 | APP=SYSTEM |
{B73B7AB4-DE03-4E26-8071-E29DB329C2D8} = LPORT=6004 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE OUTLOOK | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\OUTLOOK.EXE |
{C81D9884-69E3-4A9B-B568-25EF31A69EED} = LPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28527 | APP=SYSTEM |
{D54BED02-484E-4DF1-B044-609AEF104267} = RPORT=445 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28515 | APP=SYSTEM |
{EB10CAF4-8350-49A5-83A4-49FC388F115F} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
{ED7AF074-4B42-4328-A7B0-D19DCA6F2B79} = RPORT=138 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28531 | APP=SYSTEM |
========== Vista Active Application Exception List ==========
{07B2E198-C926-4F28-BABC-7116C00B1CE2} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28545 |
{0BBEAF06-0ECA-4FB6-B541-AD218F471DB1} = DIR=IN | ACTION=ALLOW | NAME=ACER PLAY MOVIE RESIDENT PROGRAM | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\PLAYMOVIE\PMVSERVICE.EXE |
{1221B880-AB91-4265-8EFD-E80243F3CC72} = DIR=IN | ACTION=ALLOW | NAME=ACER ARCADE DELUXE | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\ACER ARCADE DELUXE\ACER ARCADE DELUXE.EXE |
{1F5B8C03-1C65-4B57-80FC-4A81C39A5A0B} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=TOURNAMENT INDICATOR | APP=C:\PROGRAM FILES\TOURNAMENT INDICATOR\INDICATOR.EXE |
{22071643-7222-4164-8D62-786F5DD6C504} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{2FCDE318-182E-4D8F-9169-FE74FBB301CE} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE ONENOTE | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{30A1F990-1B0B-408D-9385-E83FF29BE07F} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE ONENOTE | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{44132C7C-6906-4ED8-ABA6-2596681E8633} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BACKUPSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{55BCBF63-E742-4AE7-B721-889A3FB29EB1} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=TOURNAMENT INDICATOR | APP=C:\PROGRAM FILES\TOURNAMENT INDICATOR\INDICATOR.EXE |
{57BDCF60-2235-4679-8101-B9BD26C60ED2} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SCHEDULERSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{5F218593-E308-411F-936E-3736EA9FF807} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28544 |
{630FD7A8-1246-44C3-9B80-659EF9EC2963} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=FOOTBALL MANAGER 2009 | APP=C:\PROGRAM FILES\SPORTS INTERACTIVE\FOOTBALL MANAGER 2009\FM.EXE |
{71E00646-63EC-47AC-B284-2EA545130FD0} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AGENTSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{7217FC4C-A890-4DDB-8291-CCF107CF1488} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ADOBE CSI CS4 | APP=C:\PROGRAM FILES\COMMON FILES\ADOBE\CS4SERVICEMANAGER\CS4SERVICEMANAGER.EXE |
{7429786E-1F75-409B-A752-107E5811C9E7} = PROFILE=PUBLIC | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28543 |
{74C84B0A-D181-47CC-AF69-43027E0C4755} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=FOOTBALL MANAGER 2009 | APP=C:\PROGRAM FILES\SPORTS INTERACTIVE\FOOTBALL MANAGER 2009\FM.EXE |
{89799D38-6725-4CE5-9D1E-6E30415FE623} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SCHEDULERSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{8DE9F673-7690-4989-9B3C-B65027B99241} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ADOBE CSI CS4 | APP=C:\PROGRAM FILES\COMMON FILES\ADOBE\CS4SERVICEMANAGER\CS4SERVICEMANAGER.EXE |
{9DF0DBA6-E231-457F-9315-6B94D114952A} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (UDP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{A2129374-20B0-44A0-B2AF-91AEC55500E3} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE CALL | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{A23BC454-822F-4BA2-B932-147886B2E0BB} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=HOLDEM INDICATOR | APP=C:\PROGRAM FILES\HOLDEM INDICATOR\HOLDEMINDICATOR.EXE |
{A5463B11-BEAF-45EA-83BA-4DF7CBA988E9} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AGENTSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{AEE54740-0DD3-43CF-81FC-5F8DC5277A27} = DIR=IN | ACTION=ALLOW | NAME=ACER HOMEMEDIA | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\HOMEMEDIA\HOMEMEDIA.EXE |
{BAB9A079-04E4-4518-8B47-2B2DE2187FF6} = DIR=IN | ACTION=ALLOW | NAME=ACER VCM | APP=C:\PROGRAM FILES\ACER\ACER VCM\VC.EXE |
{BBEA36F6-49D1-4E9A-A131-902B1FDD0F68} = PROFILE=PUBLIC | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | NAME=@FIREWALLAPI.DLL,-28546 |
{BC207AFB-E6AB-4574-8B58-C8622DC2A12E} = DIR=IN | ACTION=ALLOW | NAME=ACER PLAY MOVIE | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\PLAYMOVIE\PLAYMOVIE.EXE |
{C1B783D7-0801-4E6A-A89B-5B384BAA745B} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MACONFSERVICE | APP=C:\PROGRAM FILES\MA-CONFIG.COM\MACONFSERVICE.EXE |
{C76A6ED9-3620-48E2-9B8C-9C651369F2E5} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=HOLDEM INDICATOR | APP=C:\PROGRAM FILES\HOLDEM INDICATOR\HOLDEMINDICATOR.EXE |
{D44F326E-3D01-4696-9E32-3ED5D49B0E4B} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BACKUPSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{D6E7CB35-16B8-4D90-875F-D8C1F2C41942} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT (TCP-IN) | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{EAF513E9-F992-420A-9DF2-A1029CFD4735} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MACONFSERVICE | APP=C:\PROGRAM FILES\MA-CONFIG.COM\MACONFSERVICE.EXE |
TCP Query User{085A3010-B5D2-440B-8997-E8122054AD9B}C:\program files\tvants\tvants.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=TVANTS | APP=C:\PROGRAM FILES\TVANTS\TVANTS.EXE |
TCP Query User{198F1CC6-629B-460F-9B6C-F170836D021E}C:\program files\mozilla firefox\firefox.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=FIREFOX | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
TCP Query User{3F7F242C-7B85-415A-961D-2758DBA1ED46}C:\program files\utorrent\utorrent.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
TCP Query User{710DF5B8-D3E3-4F6A-A339-FCC5C3D913B4}C:\program files\sopcast\adv\sopadver.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST ADVER | APP=C:\PROGRAM FILES\SOPCAST\ADV\SOPADVER.EXE |
TCP Query User{9D5D0207-860A-4D30-A466-C0D55C02BBDE}C:\program files\sopcast\sopcast.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST MAIN APPLICATION | APP=C:\PROGRAM FILES\SOPCAST\SOPCAST.EXE |
TCP Query User{CB9526F3-DA4C-40B2-8E85-A2DB01955518}C:\program files\emule\emule.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=EMULE | APP=C:\PROGRAM FILES\EMULE\EMULE.EXE |
UDP Query User{1E939EF3-C8F7-4B0C-9806-7F3B545964B3}C:\program files\tvants\tvants.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=TVANTS | APP=C:\PROGRAM FILES\TVANTS\TVANTS.EXE |
UDP Query User{40B0A649-2DD5-4F7F-9DB3-78C61E36DF6C}C:\program files\emule\emule.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=EMULE | APP=C:\PROGRAM FILES\EMULE\EMULE.EXE |
UDP Query User{425F005E-D4DF-4322-AF75-8CB89F021F82}C:\program files\sopcast\adv\sopadver.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST ADVER | APP=C:\PROGRAM FILES\SOPCAST\ADV\SOPADVER.EXE |
UDP Query User{5820F490-0A6B-4ECA-9D6D-399683A07FD1}C:\program files\sopcast\sopcast.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SOPCAST MAIN APPLICATION | APP=C:\PROGRAM FILES\SOPCAST\SOPCAST.EXE |
UDP Query User{B034B367-3342-4F35-8CD6-E8CD891CE0BB}C:\program files\mozilla firefox\firefox.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=FIREFOX | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
UDP Query User{E0A0A98F-39CF-4CAC-BF50-D4D7A1745DC7}C:\program files\utorrent\utorrent.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C8262DE-8C1C-4486-B611-FA867B53D7E5}_is1" = VerySoft WebCamSplitter Pro
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 2.1.5.5c
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{548EAC70-EE00-11DD-908C-005056806466}" = Google Earth
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection
AAU 6.0.00.17
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"Audacity_is1" = Audacity 1.2.6
"CamStudio 2.02 Fr_is1" = CamStudio 2.02 Fr
"Capture NX 2" = Capture NX 2
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"eMule" = eMule
"FileZilla Client" = FileZilla Client 3.1.5
"Football Manager 2009" = Football Manager 2009
"Google Desktop" = Google Desktop
"Google Updater" = Outil de mise à jour Google
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"Internet Download Manager" = Internet Download Manager
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)
"NVIDIA Drivers" = NVIDIA Drivers
"OutilsCI" = Outils Club Internet
"Pokerbility_is1" = Pokerbility 1.10.25
"PokerStars" = PokerStars
"PROPLUS" = Microsoft Office Professional Plus 2007
"Recover My Files_is1" = Recover My Files
"SFR_Kit" = SFR - Kit de connexion
"SopCast" = SopCast 2.0.4
"SPX Instant Screen Capture_is1" = SPX Instant Screen Capture
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVAnts 1.0" = TVAnts 1.0
"UDPixel" = UDPixel.exe
"Veetle TV" = Veetle TV 0.9.14
"VLC media player" = VLC media player 0.9.8a
"Web Acappella_is1" = Web Acappella
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07/05/2009 21:15:10 | Computer Name = PC-de-Anthony | Source = Application Error | ID = 1000
Description = Application défaillante vlc.exe, version 0.9.8.1, horodatage 0x493a8cbd,
module défaillant libavcodec_plugin.dll, version 0.0.0.0, horodatage 0x493a92d3,
code d’exception 0xc0000005, décalage d’erreur 0x00021464, ID du processus 0xe1c,
heure de début de l’application 0x01c9cf7a6dd47650.
Error - 07/05/2009 21:15:20 | Computer Name = PC-de-Anthony | Source = Application Error | ID = 1000
Description = Application défaillante vlc.exe, version 0.9.8.1, horodatage 0x493a8cbd,
module défaillant libavcodec_plugin.dll, version 0.0.0.0, horodatage 0x493a92d3,
code d’exception 0xc0000005, décalage d’erreur 0x00021464, ID du processus 0x17d4,
heure de début de l’application 0x01c9cf7a6ffe8240.
Error - 07/05/2009 21:40:28 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:28 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:28 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:28 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:29 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:29 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:29 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
Error - 07/05/2009 21:40:29 | Computer Name = PC-de-Anthony | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 10/04/2009 08:16:43 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 10/04/2009 13:40:45 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 10/04/2009 15:55:26 | Computer Name = PC-de-Anthony | Source = DCOM | ID = 10000
Description =
Error - 11/04/2009 04:42:31 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 11/04/2009 04:57:35 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 11/04/2009 07:43:26 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 11/04/2009 14:04:50 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 11/04/2009 17:08:47 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 12/04/2009 04:41:07 | Computer Name = PC-de-Anthony | Source = bowser | ID = 8003
Description =
Error - 13/04/2009 06:58:08 | Computer Name = PC-de-Anthony | Source = HTTP | ID = 15016
Description =
< End of report >
No, I messed up, that one was "extra.txt"!
This is the right one!
OTListIt logfile created on: 10/05/2009 18:56:44 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Users\alain\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 76,97% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 80,18 Gb Free Space | 55,66% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 62,66 Gb Free Space | 44,60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,78 Gb Total Space | 3,75 Gb Free Space | 99,41% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-ANTHONY
Current User Name: alain
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2008/07/18 18:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe
PRC - [2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/03/25 15:25:06 | 00,050,952 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\SPBA\upeksvr.exe
PRC - [2008/10/11 02:49:45 | 03,520,512 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008/03/03 13:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/16 18:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/05/14 17:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/10/29 08:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/06/02 09:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/07/20 11:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/03/30 23:51:31 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008/07/20 11:45:06 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/05/07 10:19:26 | 06,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/25 04:08:40 | 01,049,896 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/05/14 17:05:22 | 00,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/10/11 02:49:37 | 03,602,432 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008/05/30 12:24:30 | 00,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/12/06 16:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/04/25 21:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 21:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/10/19 00:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.exe
PRC - [2009/03/03 04:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\wmiprvse.exe
PRC - [2008/01/21 04:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFHost.exe
PRC - [2008/06/04 14:03:36 | 00,817,672 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/08/01 09:51:42 | 00,405,504 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/10/11 02:49:30 | 03,676,160 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2008/07/24 15:54:10 | 00,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008/07/24 15:54:18 | 00,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008/07/18 16:04:36 | 00,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/03/09 06:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/09/30 14:06:50 | 00,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/01/21 04:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/01/22 23:04:23 | 02,745,776 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/01/21 04:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/12/04 18:02:32 | 00,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\alain\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008/10/11 02:49:50 | 03,837,736 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
PRC - [2008/01/21 04:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\unsecapp.exe
PRC - [2008/02/18 15:01:01 | 00,251,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/25 04:08:48 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/04/29 11:03:26 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefo.exe
PRC - [2008/06/12 13:28:40 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/01/21 04:24:13 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\conime.exe
PRC - [2009/03/03 06:21:28 | 08,500,328 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009/01/04 18:12:49 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/05/10 18:55:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[color=orange]========== Win32 Services (SafeList) ==========[/color]
SRV - [2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:28 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Stopped])
SRV - [2008/03/03 13:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc [Auto | Running])
SRV - [2008/01/16 18:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService [Auto | Running])
SRV - [2008/01/21 04:24:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/05/14 17:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/02 09:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService [Auto | Running])
SRV - [2009/01/01 20:49:03 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/01/21 04:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/12/01 11:59:52 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
SRV - [2008/12/25 16:38:27 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331 [On_Demand | Stopped])
SRV - [2009/03/30 23:51:31 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9b181bfc42490 [Auto | Stopped])
SRV - [2009/03/30 23:50:29 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/07/20 11:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/01/21 04:25:20 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/10/11 02:49:37 | 03,602,432 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC [Auto | Running])
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/12/06 16:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2008/01/21 04:25:21 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/04/25 21:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc [Auto | Running])
SRV - [2008/04/25 21:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc [Auto | Running])
SRV - [2008/07/18 18:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2008/01/21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2007/10/19 00:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
[color=orange]========== Driver Services (SafeList) ==========[/color]
DRV - [2008/01/21 04:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/10/11 02:49:33 | 00,042,608 | ---- | M] (Alfa Corporation) -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF [Boot | Running])
DRV - [2008/01/21 04:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2008/05/19 13:42:56 | 00,912,384 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\athr.sys -- (athr [On_Demand | Stopped])
DRV - [2007/02/27 14:24:55 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2008/05/20 15:29:43 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2008/10/30 10:21:03 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\Windows\system32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 04:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 15:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\system32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 04:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/03/26 00:41:30 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/03/26 00:39:20 | 00,207,872 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2008/07/20 17:44:44 | 00,324,120 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 04:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/01/26 08:32:18 | 00,069,632 | ---- | M] () -- C:\Windows\system32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2008/05/07 13:22:50 | 02,134,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/05/19 18:23:00 | 00,047,104 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\L1E60x86.sys -- (L1E [On_Demand | Running])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/06/19 07:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 04:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2009/02/02 19:38:23 | 00,027,136 | ---- | M] (NCH Swift Sound) -- C:\Windows\system32\drivers\nchssvad.sys -- (NCHSSVAD [On_Demand | Stopped])
DRV - [2008/05/05 03:05:00 | 03,658,752 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/01/30 11:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2008/01/16 18:35:08 | 00,122,368 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel [Auto | Running])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/06/25 07:05:06 | 00,044,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvhda32v.sys -- (NVHDA [On_Demand | Running])
DRV - [2008/07/18 18:23:00 | 07,545,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 04:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/05/14 17:05:42 | 00,018,992 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/05/14 17:05:42 | 00,016,944 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/05/14 17:05:44 | 00,060,464 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2008/01/21 04:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/03/26 10:59:12 | 00,061,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTSTOR.SYS -- (RTSTOR [On_Demand | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 04:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2008/12/26 23:08:00 | 00,717,296 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\Windows\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/04/25 04:08:42 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/04/28 13:56:16 | 00,050,576 | ---- | M] (UPEK Inc.) -- C:\Windows\System32\Drivers\tcusb.sys -- (TcUsb [On_Demand | Running])
DRV - [2008/01/30 11:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2008/01/21 04:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:24:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\usb8023.sys -- (USB_RNDIS_51 [On_Demand | Stopped])
DRV - [2006/06/26 12:27:14 | 00,037,120 | ---- | M] (VerySoft LLC) -- C:\Windows\system32\DRIVERS\verysplit.sys -- (VERYSPLIT [On_Demand | Stopped])
DRV - [2006/03/07 18:07:48 | 00,035,840 | -HS- | M] (VerySoft LLC) -- C:\Windows\system32\DRIVERS\verysplitpro.sys -- (VERYSPLITPRO [On_Demand | Running])
DRV - [2008/01/21 04:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/06/08 17:10:18 | 00,016,896 | ---- | M] (VerySoft LLC) -- C:\Windows\system32\drivers\vsaudio.sys -- (VSAudio [On_Demand | Stopped])
DRV - [2008/01/21 04:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/03/26 00:38:32 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2007/03/28 07:51:40 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\system32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2007/10/19 00:36:54 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/07/18 16:05:10 | 00,061,424 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
[color=orange]========== Standard Registry (SafeList) ==========[/color]
This is the right one!
OTListIt logfile created on: 10/05/2009 18:56:44 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Users\alain\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 76,97% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 80,18 Gb Free Space | 55,66% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 62,66 Gb Free Space | 44,60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,78 Gb Total Space | 3,75 Gb Free Space | 99,41% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-ANTHONY
Current User Name: alain
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
[color=orange]========== Processes (SafeList) ==========[/color]
PRC - [2008/07/18 18:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe
PRC - [2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/03/25 15:25:06 | 00,050,952 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\SPBA\upeksvr.exe
PRC - [2008/10/11 02:49:45 | 03,520,512 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2008/03/03 13:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/16 18:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/05/14 17:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/10/29 08:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/06/02 09:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/07/20 11:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/03/30 23:51:31 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2008/07/20 11:45:06 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/05/07 10:19:26 | 06,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/25 04:08:40 | 01,049,896 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2008/05/14 17:05:22 | 00,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/10/11 02:49:37 | 03,602,432 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008/05/30 12:24:30 | 00,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/12/06 16:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/04/25 21:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/25 21:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/10/19 00:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.exe
PRC - [2009/03/03 04:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\wmiprvse.exe
PRC - [2008/01/21 04:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFHost.exe
PRC - [2008/06/04 14:03:36 | 00,817,672 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/08/01 09:51:42 | 00,405,504 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/10/11 02:49:30 | 03,676,160 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
PRC - [2008/07/24 15:54:10 | 00,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008/07/24 15:54:18 | 00,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008/07/18 16:04:36 | 00,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/03/09 06:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/09/30 14:06:50 | 00,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/01/21 04:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/01/22 23:04:23 | 02,745,776 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/01/21 04:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/12/04 18:02:32 | 00,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\alain\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008/10/11 02:49:50 | 03,837,736 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
PRC - [2008/01/21 04:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\unsecapp.exe
PRC - [2008/02/18 15:01:01 | 00,251,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2008/04/25 04:08:48 | 00,103,720 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/04/29 11:03:26 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefo.exe
PRC - [2008/06/12 13:28:40 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/01/21 04:24:13 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\conime.exe
PRC - [2009/03/03 06:21:28 | 08,500,328 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009/01/04 18:12:49 | 00,270,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/05/10 18:55:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[color=orange]========== Win32 Services (SafeList) ==========[/color]
SRV - [2008/10/15 13:31:25 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])
SRV - [2008/10/15 13:29:28 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Stopped])
SRV - [2008/03/03 13:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc [Auto | Running])
SRV - [2008/01/16 18:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService [Auto | Running])
SRV - [2008/01/21 04:24:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/05/14 17:05:30 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 04:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 14:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/02 09:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService [Auto | Running])
SRV - [2009/01/01 20:49:03 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/01/21 04:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/12/01 11:59:52 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper [On_Demand | Stopped])
SRV - [2008/12/25 16:38:27 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331 [On_Demand | Stopped])
SRV - [2009/03/30 23:51:31 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9b181bfc42490 [Auto | Stopped])
SRV - [2009/03/30 23:50:29 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/07/20 11:45:06 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/01/21 04:25:20 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/10/11 02:49:37 | 03,602,432 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC [Auto | Running])
SRV - [2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/12/06 16:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2008/01/21 04:25:21 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/04/25 21:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc [Auto | Running])
SRV - [2008/04/25 21:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc [Auto | Running])
SRV - [2008/07/18 18:23:00 | 00,196,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2007/08/24 04:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running])
SRV - [2008/01/21 04:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/21 04:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2007/10/19 00:37:04 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
[color=orange]========== Driver Services (SafeList) ==========[/color]
DRV - [2008/01/21 04:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/10/11 02:49:33 | 00,042,608 | ---- | M] (Alfa Corporation) -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF [Boot | Running])
DRV - [2008/01/21 04:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 04:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2008/05/19 13:42:56 | 00,912,384 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\athr.sys -- (athr [On_Demand | Stopped])
DRV - [2007/02/27 14:24:55 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [System | Running])
DRV - [2008/05/20 15:29:43 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])
DRV - [2008/10/30 10:21:03 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\Windows\system32\DRIVERS\avipbb.sys -- (avipbb [System | Running])
DRV - [2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 04:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 15:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\system32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 04:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 04:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/01/21 04:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 04:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/03/26 00:41:30 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/03/26 00:39:20 | 00,207,872 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2008/07/20 17:44:44 | 00,324,120 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 04:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/01/26 08:32:18 | 00,069,632 | ---- | M] () -- C:\Windows\system32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2008/05/07 13:22:50 | 02,134,424 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/05/19 18:23:00 | 00,047,104 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\L1E60x86.sys -- (L1E [On_Demand | Running])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 04:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/06/19 07:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 04:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 04:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2009/02/02 19:38:23 | 00,027,136 | ---- | M] (NCH Swift Sound) -- C:\Windows\system32\drivers\nchssvad.sys -- (NCHSSVAD [On_Demand | Stopped])
DRV - [2008/05/05 03:05:00 | 03,658,752 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])
DRV - [2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/01/30 11:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2008/01/16 18:35:08 | 00,122,368 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel [Auto | Running])
DRV - [2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/06/25 07:05:06 | 00,044,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvhda32v.sys -- (NVHDA [On_Demand | Running])
DRV - [2008/07/18 18:23:00 | 07,545,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Running])
DRV - [2008/01/21 04:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 04:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/05/14 17:05:42 | 00,018,992 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/05/14 17:05:42 | 00,016,944 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/05/14 17:05:44 | 00,060,464 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2008/01/21 04:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/03/26 10:59:12 | 00,061,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTSTOR.SYS -- (RTSTOR [On_Demand | Running])
DRV - [2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 04:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2008/12/26 23:08:00 | 00,717,296 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/11/08 18:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\Windows\system32\DRIVERS\ssmdrv.sys -- (ssmdrv [System | Running])
DRV - [2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/04/25 04:08:42 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/04/28 13:56:16 | 00,050,576 | ---- | M] (UPEK Inc.) -- C:\Windows\System32\Drivers\tcusb.sys -- (TcUsb [On_Demand | Running])
DRV - [2008/01/30 11:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2008/01/21 04:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 04:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/01/21 04:24:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\usb8023.sys -- (USB_RNDIS_51 [On_Demand | Stopped])
DRV - [2006/06/26 12:27:14 | 00,037,120 | ---- | M] (VerySoft LLC) -- C:\Windows\system32\DRIVERS\verysplit.sys -- (VERYSPLIT [On_Demand | Stopped])
DRV - [2006/03/07 18:07:48 | 00,035,840 | -HS- | M] (VerySoft LLC) -- C:\Windows\system32\DRIVERS\verysplitpro.sys -- (VERYSPLITPRO [On_Demand | Running])
DRV - [2008/01/21 04:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/06/08 17:10:18 | 00,016,896 | ---- | M] (VerySoft LLC) -- C:\Windows\system32\drivers\vsaudio.sys -- (VSAudio [On_Demand | Stopped])
DRV - [2008/01/21 04:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/03/26 00:38:32 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2007/03/28 07:51:40 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\system32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2007/10/19 00:36:54 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/07/18 16:05:10 | 00,061,424 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
[color=orange]========== Standard Registry (SafeList) ==========[/color]
And here is the rest, through to the end:
[color=orange]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 11:03:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 11:03:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/05/04 13:52:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS
[2008/12/25 04:01:54 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Extensions
[2008/12/25 04:01:54 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/23 19:14:38 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Firefox\Profiles\uv0kql7v.default\extensions
[2008/12/25 03:13:12 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Firefox\Profiles\wild4yxe.default\extensions
[2009/05/09 23:47:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 11:03:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/29 23:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/28 12:35:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 11:03:26 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 11:03:26 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/07 18:36:47 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/02/07 18:36:47 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/02/07 18:36:47 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/07 18:36:47 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/02/07 18:36:47 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/02/07 18:36:47 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (769 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" (CyberLink)
O4 - HKLM..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE File not found
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (Tonec Inc.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} https://www.touslesdrivers.com/index.php?v_page=29 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programmes\Google\Google Desktop Search\GoogleDesktopNetwork3.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 03:46:09 | 00,000,313 | RHS- | M] () - C:\autorun(646).inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:44 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:44 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:46 | 00,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1c584961-f85f-11dd-b877-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{1c584961-f85f-11dd-b877-00238b055027}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{426e8f24-dcd1-11dd-944d-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{426e8f24-dcd1-11dd-944d-00238b055027}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{c2bf36c1-e0bb-11dd-9f2a-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{c2bf36c1-e0bb-11dd-9f2a-00238b055027}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{c7f2b0b2-db0c-11dd-9132-00238b055027}\Shell - "" = Autorun
O33 - MountPoints2\{c7f2b0b2-db0c-11dd-9132-00238b055027}\Shell\Open\command - "" = H:\RECYCLER\S-3-5-79-100008499-100013170-100031679-7558.com -- File not found
O33 - MountPoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\Shell\Auto\command - "" = G:\Start.exe -- File not found
O33 - MountPoints2\{f5c41698-d278-11dd-a674-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{f5c41698-d278-11dd-a674-00238b055027}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/05/10 18:55:16 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[2009/05/10 18:08:33 | 00,160,256 | ---- | C] () -- C:\Users\alain\Desktop\SYS_List.exe
[2009/05/10 10:03:42 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/08 14:10:09 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/05/08 13:11:03 | 00,000,000 | ---D | C] -- C:\rsit
[2009/05/08 11:28:44 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/05/08 11:09:43 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/05/08 10:33:57 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/08 09:29:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/08 09:29:59 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/08 09:29:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/07 22:20:05 | 00,037,120 | ---- | C] (VerySoft LLC) -- C:\Windows\System32\drivers\verysplit.sys
[2009/05/07 22:20:05 | 00,016,896 | ---- | C] (VerySoft LLC) -- C:\Windows\System32\drivers\vsaudio.sys
[2009/05/07 22:04:58 | 00,000,313 | RHS- | C] () -- C:\autorun(646).inf
[2009/05/07 22:04:58 | 00,000,000 | ---D | C] -- C:\RECYCLER
[2009/05/05 17:28:37 | 00,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Nikon Transfer.lnk
[2009/05/05 17:28:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2009/05/05 17:28:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2009/05/05 17:27:09 | 00,000,268 | RH-- | C] () -- C:\Users\alain\AppData\Roaming\Plug-Ins
[2009/05/05 17:27:09 | 00,000,268 | RH-- | C] () -- C:\ProgramData\Pop Kit
[2009/05/05 17:27:09 | 00,000,012 | RH-- | C] () -- C:\ProgramData\Profiles
[2009/05/05 17:27:08 | 00,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/05/05 17:19:27 | 00,000,268 | RH-- | C] () -- C:\Users\alain\AppData\Roaming\Utilities
[2009/05/05 17:19:27 | 00,000,268 | RH-- | C] () -- C:\ProgramData\Widgets
[2009/05/05 17:19:27 | 00,000,000 | ---D | C] -- C:\ProgramData\Sync Services
[2009/05/05 17:18:34 | 00,000,986 | ---- | C] () -- C:\Users\Public\Desktop\Capture NX 2.lnk
[2009/05/05 17:14:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2009/05/05 17:14:35 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Nikon
[2009/05/05 17:14:27 | 00,000,000 | ---D | C] -- C:\Program Files\Nikon
[2009/05/05 17:14:17 | 00,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2009/05/05 17:14:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2009/05/05 17:14:17 | 00,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2009/05/04 13:52:37 | 00,001,794 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2009/05/04 13:52:29 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2009/05/03 19:06:46 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Thunderbird
[2009/05/03 18:09:44 | 00,000,000 | ---D | C] -- C:\ProgramData\IM
[2009/05/03 18:09:41 | 00,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2009/05/03 18:09:41 | 00,000,000 | ---D | C] -- C:\Program Files\IncrediMail
[2009/04/29 16:24:21 | 00,000,786 | ---- | C] () -- C:\Users\alain\Desktop\Pokerbility.lnk
[2009/04/29 16:24:17 | 00,000,000 | ---D | C] -- C:\Program Files\Pokerbility
[2009/04/29 16:24:16 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/04/29 16:15:39 | 00,000,000 | ---D | C] -- C:\Program Files\Tournament Indicator
[2009/04/29 16:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\Holdem Indicator
[2009/04/27 15:54:07 | 00,001,995 | ---- | C] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2009/04/27 15:54:00 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/04/27 15:54:00 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/04/27 15:53:58 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/04/27 15:53:58 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/04/27 14:23:14 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Malwarebytes
[2009/04/27 14:23:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/27 14:23:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/23 18:07:16 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2009/04/23 16:59:18 | 00,000,512 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/04/23 16:59:04 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009/04/23 16:57:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/04/23 16:57:04 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/04/22 17:54:03 | 00,000,958 | ---- | C] () -- C:\Users\alain\Desktop\Corbeille.lnk
[2009/04/19 04:30:06 | 00,000,756 | ---- | C] () -- C:\Users\alain\Desktop\Audacity.lnk
[2009/04/16 18:46:05 | 00,000,573 | ---- | C] () -- C:\Users\alain\Desktop\SopCast.lnk
[2009/04/16 18:46:05 | 00,000,000 | ---D | C] -- C:\Program Files\SopCast
[2009/04/15 12:20:36 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/15 12:20:33 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/15 12:20:32 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/15 12:20:22 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/15 12:20:22 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/15 12:20:21 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/15 12:20:19 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/15 12:20:19 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/15 12:20:19 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/15 12:20:19 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/15 12:20:19 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/15 12:20:19 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/15 12:20:19 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/15 12:20:12 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/15 12:20:12 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/15 12:20:11 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/15 12:20:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/15 12:20:11 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/15 12:19:56 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/15 12:19:54 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/15 12:19:52 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/15 12:19:51 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/15 12:19:51 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/15 12:19:51 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/15 12:19:51 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/15 12:19:50 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/15 12:19:50 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/15 12:19:50 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/15 12:19:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/15 12:19:49 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/15 12:19:49 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/15 12:19:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/15 12:19:48 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/03/29 15:33:07 | 00,000,872 | ---- | C] () -- C:\Windows\wininit.ini
[2008/12/31 14:26:49 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/12/26 23:07:59 | 00,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/12/25 20:08:33 | 00,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/12/25 16:36:18 | 00,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008/11/21 23:47:52 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 23:45:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 23:45:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 23:44:16 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/10/11 02:49:58 | 00,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008/10/11 02:35:56 | 00,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/10/11 02:35:56 | 00,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/07/25 23:57:40 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/07/25 15:16:27 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/07/25 15:16:27 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/07/25 14:55:07 | 00,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/07/25 14:51:22 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/07/25 14:40:52 | 00,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/07/22 10:01:25 | 00,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2007/01/26 08:32:18 | 00,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/05/10 18:55:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[2009/05/10 18:25:54 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/10 18:25:54 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/10 18:08:34 | 00,160,256 | ---- | M] () -- C:\Users\alain\Desktop\SYS_List.exe
[2009/05/10 16:33:29 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/10 16:33:29 | 00,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/05/10 16:33:29 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/10 16:33:29 | 00,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/05/10 16:33:29 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/10 16:31:18 | 00,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/05/10 16:29:13 | 00,077,029 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/05/10 16:28:54 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009/05/10 16:28:33 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/10 16:28:28 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/10 16:28:12 | 32,158,47424 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/09 23:31:27 | 00,077,029 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/05/08 08:50:20 | 00,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2009/05/08 03:46:09 | 00,000,313 | RHS- | M] () -- C:\autorun(646).inf
[2009/05/07 18:31:12 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2009/05/07 18:06:39 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/05/07 16:58:59 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/05/06 17:00:24 | 00,002,687 | ---- | M] () -- C:\Users\alain\Desktop\Microsoft Office Word 2007.lnk
[2009/05/05 17:28:37 | 00,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Nikon Transfer.lnk
[2009/05/05 17:27:09 | 00,000,268 | RH-- | M] () -- C:\Users\alain\AppData\Roaming\Plug-Ins
[2009/05/05 17:27:09 | 00,000,268 | RH-- | M] () -- C:\ProgramData\Pop Kit
[2009/05/05 17:27:09 | 00,000,012 | RH-- | M] () -- C:\ProgramData\Profiles
[2009/05/05 17:27:02 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2009/05/05 17:19:27 | 00,000,268 | RH-- | M] () -- C:\Users\alain\AppData\Roaming\Utilities
[2009/05/05 17:19:27 | 00,000,268 | RH-- | M] () -- C:\ProgramData\Widgets
[2009/05/05 17:18:34 | 00,000,986 | ---- | M] () -- C:\Users\Public\Desktop\Capture NX 2.lnk
[2009/05/04 13:52:37 | 00,001,794 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2009/04/29 16:59:51 | 00,000,786 | ---- | M] () -- C:\Users\alain\Desktop\Pokerbility.lnk
[2009/04/29 16:24:17 | 00,212,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/04/27 15:54:07 | 00,001,995 | ---- | M] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2009/04/27 14:43:10 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/04/27 14:23:11 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/25 14:31:06 | 00,000,872 | ---- | M] () -- C:\Windows\wininit.ini
[2009/04/25 04:47:53 | 43,115,2328 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/04/22 17:54:35 | 00,000,958 | ---- | M] () -- C:\Users\alain\Desktop\Corbeille.lnk
[2009/04/19 04:30:06 | 00,000,756 | ---- | M] () -- C:\Users\alain\Desktop\Audacity.lnk
[2009/04/16 18:46:05 | 00,000,573 | ---- | M] () -- C:\Users\alain\Desktop\SopCast.lnk
========== LOP Check ==========
[2009/05/05 17:27:09 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming
[2008/12/25 01:41:03 | 00,000,000 | -HSD | M] -- C:\Users\alain\AppData\Roaming\.#
[2008/12/25 01:29:44 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Acer
[2008/07/25 15:14:52 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Acer GameZone Console
[2009/02/20 15:33:00 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Adobe
[2008/12/25 14:10:30 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\CoSoSys
[2008/12/25 01:41:38 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\CyberLink
[2009/03/17 16:09:52 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\DivX
[2009/05/10 16:29:11 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\DMCache
[2009/05/11 02:20:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\dvdcss
[2008/12/25 01:50:40 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\eSobi
[2009/02/07 19:15:18 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\FileZilla
[2008/12/04 18:29:22 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Google
[2009/05/11 02:20:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\gtk-2.0
[2008/12/04 18:02:06 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Identities
[2009/02/26 21:35:49 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\IDM
[2008/12/04 18:02:43 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Macromedia
[2009/04/27 14:23:14 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Malwarebytes
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Media Center Programs
[2009/05/05 17:16:03 | 00,000,000 | --SD | M] -- C:\Users\alain\AppData\Roaming\Microsoft
[2009/05/03 19:06:50 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Mozilla
[2009/02/02 19:44:13 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\NCH Swift Sound
[2009/05/06 02:43:08 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Nikon
[2009/05/06 17:36:18 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\NwDocx
[2008/12/25 01:21:31 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\PeerNetworking
[2009/01/03 15:15:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Sports Interactive
[2009/03/20 21:51:35 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Template
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Thunderbird
[2009/05/10 19:01:17 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\uTorrent
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\vlc
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\VSO
[2008/12/25 03:48:15 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\WinRAR
[2009/03/31 23:30:56 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Xilisoft Corporation
[2009/05/07 16:58:59 | 00,000,512 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/05/10 16:31:18 | 00,001,000 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/05/10 16:28:54 | 00,001,050 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachine.job
[2009/05/10 16:28:33 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/05/08 09:01:49 | 00,032,476 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/29 11:03:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/29 11:03:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/05/04 13:52:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS
[2008/12/25 04:01:54 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Extensions
[2008/12/25 04:01:54 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/23 19:14:38 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Firefox\Profiles\uv0kql7v.default\extensions
[2008/12/25 03:13:12 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\mozilla\Firefox\Profiles\wild4yxe.default\extensions
[2009/05/09 23:47:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/29 11:03:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/29 23:07:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/28 12:35:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/04/29 11:03:26 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/29 11:03:26 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/07 18:36:47 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/02/07 18:36:47 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/02/07 18:36:47 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/07 18:36:47 | 00,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/02/07 18:36:47 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/02/07 18:36:47 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (769 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" (CyberLink)
O4 - HKLM..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE File not found
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (Tonec Inc.)
O4 - HKCU..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} https://www.touslesdrivers.com/index.php?v_page=29 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmes\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll File not found
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programmes\Google\Google Desktop Search\GoogleDesktopNetwork3.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 03:46:09 | 00,000,313 | RHS- | M] () - C:\autorun(646).inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:44 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:44 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/05/08 11:28:46 | 00,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1c584961-f85f-11dd-b877-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{1c584961-f85f-11dd-b877-00238b055027}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{426e8f24-dcd1-11dd-944d-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{426e8f24-dcd1-11dd-944d-00238b055027}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O33 - MountPoints2\{c2bf36c1-e0bb-11dd-9f2a-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{c2bf36c1-e0bb-11dd-9f2a-00238b055027}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O33 - MountPoints2\{c7f2b0b2-db0c-11dd-9132-00238b055027}\Shell - "" = Autorun
O33 - MountPoints2\{c7f2b0b2-db0c-11dd-9132-00238b055027}\Shell\Open\command - "" = H:\RECYCLER\S-3-5-79-100008499-100013170-100031679-7558.com -- File not found
O33 - MountPoints2\{eb673e70-f1e4-11dd-aa11-00238b055027}\Shell\Auto\command - "" = G:\Start.exe -- File not found
O33 - MountPoints2\{f5c41698-d278-11dd-a674-00238b055027}\Shell - "" = AutoRun
O33 - MountPoints2\{f5c41698-d278-11dd-a674-00238b055027}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/05/10 18:55:16 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[2009/05/10 18:08:33 | 00,160,256 | ---- | C] () -- C:\Users\alain\Desktop\SYS_List.exe
[2009/05/10 10:03:42 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/08 14:10:09 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2009/05/08 13:11:03 | 00,000,000 | ---D | C] -- C:\rsit
[2009/05/08 11:28:44 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/05/08 11:09:43 | 00,000,000 | ---D | C] -- C:\UsbFix
[2009/05/08 10:33:57 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/08 09:29:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/08 09:29:59 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/08 09:29:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/07 22:20:05 | 00,037,120 | ---- | C] (VerySoft LLC) -- C:\Windows\System32\drivers\verysplit.sys
[2009/05/07 22:20:05 | 00,016,896 | ---- | C] (VerySoft LLC) -- C:\Windows\System32\drivers\vsaudio.sys
[2009/05/07 22:04:58 | 00,000,313 | RHS- | C] () -- C:\autorun(646).inf
[2009/05/07 22:04:58 | 00,000,000 | ---D | C] -- C:\RECYCLER
[2009/05/05 17:28:37 | 00,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Nikon Transfer.lnk
[2009/05/05 17:28:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\muvee Technologies
[2009/05/05 17:28:32 | 00,000,000 | ---D | C] -- C:\ProgramData\Nikon
[2009/05/05 17:27:09 | 00,000,268 | RH-- | C] () -- C:\Users\alain\AppData\Roaming\Plug-Ins
[2009/05/05 17:27:09 | 00,000,268 | RH-- | C] () -- C:\ProgramData\Pop Kit
[2009/05/05 17:27:09 | 00,000,012 | RH-- | C] () -- C:\ProgramData\Profiles
[2009/05/05 17:27:08 | 00,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/05/05 17:19:27 | 00,000,268 | RH-- | C] () -- C:\Users\alain\AppData\Roaming\Utilities
[2009/05/05 17:19:27 | 00,000,268 | RH-- | C] () -- C:\ProgramData\Widgets
[2009/05/05 17:19:27 | 00,000,000 | ---D | C] -- C:\ProgramData\Sync Services
[2009/05/05 17:18:34 | 00,000,986 | ---- | C] () -- C:\Users\Public\Desktop\Capture NX 2.lnk
[2009/05/05 17:14:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Nikon
[2009/05/05 17:14:35 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Nikon
[2009/05/05 17:14:27 | 00,000,000 | ---D | C] -- C:\Program Files\Nikon
[2009/05/05 17:14:17 | 00,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2009/05/05 17:14:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Ultima_T15
[2009/05/05 17:14:17 | 00,000,000 | ---D | C] -- C:\ProgramData\EnterNHelp
[2009/05/04 13:52:37 | 00,001,794 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2009/05/04 13:52:29 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2009/05/03 19:06:46 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Thunderbird
[2009/05/03 18:09:44 | 00,000,000 | ---D | C] -- C:\ProgramData\IM
[2009/05/03 18:09:41 | 00,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2009/05/03 18:09:41 | 00,000,000 | ---D | C] -- C:\Program Files\IncrediMail
[2009/04/29 16:24:21 | 00,000,786 | ---- | C] () -- C:\Users\alain\Desktop\Pokerbility.lnk
[2009/04/29 16:24:17 | 00,000,000 | ---D | C] -- C:\Program Files\Pokerbility
[2009/04/29 16:24:16 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/04/29 16:15:39 | 00,000,000 | ---D | C] -- C:\Program Files\Tournament Indicator
[2009/04/29 16:15:10 | 00,000,000 | ---D | C] -- C:\Program Files\Holdem Indicator
[2009/04/27 15:54:07 | 00,001,995 | ---- | C] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2009/04/27 15:54:00 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/04/27 15:54:00 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/04/27 15:53:58 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/04/27 15:53:58 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/04/27 14:23:14 | 00,000,000 | ---D | C] -- C:\Users\alain\AppData\Roaming\Malwarebytes
[2009/04/27 14:23:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/04/27 14:23:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/23 18:07:16 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2009/04/23 16:59:18 | 00,000,512 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/04/23 16:59:04 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2009/04/23 16:57:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/04/23 16:57:04 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/04/22 17:54:03 | 00,000,958 | ---- | C] () -- C:\Users\alain\Desktop\Corbeille.lnk
[2009/04/19 04:30:06 | 00,000,756 | ---- | C] () -- C:\Users\alain\Desktop\Audacity.lnk
[2009/04/16 18:46:05 | 00,000,573 | ---- | C] () -- C:\Users\alain\Desktop\SopCast.lnk
[2009/04/16 18:46:05 | 00,000,000 | ---D | C] -- C:\Program Files\SopCast
[2009/04/15 12:20:36 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/15 12:20:33 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/15 12:20:32 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/15 12:20:22 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/15 12:20:22 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/15 12:20:21 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/15 12:20:19 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/15 12:20:19 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/15 12:20:19 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/15 12:20:19 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/15 12:20:19 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/15 12:20:19 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/15 12:20:19 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/15 12:20:12 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/15 12:20:12 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/15 12:20:11 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/15 12:20:11 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/15 12:20:11 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/15 12:19:56 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/15 12:19:54 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/15 12:19:52 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/15 12:19:51 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/15 12:19:51 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/15 12:19:51 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/15 12:19:51 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/15 12:19:50 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/15 12:19:50 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/15 12:19:50 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/15 12:19:50 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/15 12:19:49 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/15 12:19:49 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/15 12:19:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/15 12:19:48 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/03/29 15:33:07 | 00,000,872 | ---- | C] () -- C:\Windows\wininit.ini
[2008/12/31 14:26:49 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/12/26 23:07:59 | 00,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/12/25 20:08:33 | 00,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/12/25 16:36:18 | 00,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008/11/21 23:47:52 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 23:45:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 23:45:16 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 23:44:16 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/10/11 02:49:58 | 00,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008/10/11 02:35:56 | 00,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/10/11 02:35:56 | 00,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/07/25 23:57:40 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/07/25 15:16:27 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/07/25 15:16:27 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/07/25 14:55:07 | 00,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008/07/25 14:51:22 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/07/25 14:40:52 | 00,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/07/22 10:01:25 | 00,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2007/01/26 08:32:18 | 00,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 14:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 12:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/05/10 18:55:19 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\alain\Desktop\OTListIt2.exe
[2009/05/10 18:25:54 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/10 18:25:54 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/10 18:08:34 | 00,160,256 | ---- | M] () -- C:\Users\alain\Desktop\SYS_List.exe
[2009/05/10 16:33:29 | 01,470,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/10 16:33:29 | 00,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/05/10 16:33:29 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/10 16:33:29 | 00,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/05/10 16:33:29 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/10 16:31:18 | 00,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/05/10 16:29:13 | 00,077,029 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/05/10 16:28:54 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job
[2009/05/10 16:28:33 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/10 16:28:28 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/10 16:28:12 | 32,158,47424 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/09 23:31:27 | 00,077,029 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/05/08 08:50:20 | 00,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2009/05/08 03:46:09 | 00,000,313 | RHS- | M] () -- C:\autorun(646).inf
[2009/05/07 18:31:12 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2009/05/07 18:06:39 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/05/07 16:58:59 | 00,000,512 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/05/06 17:00:24 | 00,002,687 | ---- | M] () -- C:\Users\alain\Desktop\Microsoft Office Word 2007.lnk
[2009/05/05 17:28:37 | 00,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Nikon Transfer.lnk
[2009/05/05 17:27:09 | 00,000,268 | RH-- | M] () -- C:\Users\alain\AppData\Roaming\Plug-Ins
[2009/05/05 17:27:09 | 00,000,268 | RH-- | M] () -- C:\ProgramData\Pop Kit
[2009/05/05 17:27:09 | 00,000,012 | RH-- | M] () -- C:\ProgramData\Profiles
[2009/05/05 17:27:02 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2009/05/05 17:19:27 | 00,000,268 | RH-- | M] () -- C:\Users\alain\AppData\Roaming\Utilities
[2009/05/05 17:19:27 | 00,000,268 | RH-- | M] () -- C:\ProgramData\Widgets
[2009/05/05 17:18:34 | 00,000,986 | ---- | M] () -- C:\Users\Public\Desktop\Capture NX 2.lnk
[2009/05/04 13:52:37 | 00,001,794 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2009/04/29 16:59:51 | 00,000,786 | ---- | M] () -- C:\Users\alain\Desktop\Pokerbility.lnk
[2009/04/29 16:24:17 | 00,212,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2009/04/27 15:54:07 | 00,001,995 | ---- | M] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2009/04/27 14:43:10 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/04/27 14:23:11 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/04/25 14:31:06 | 00,000,872 | ---- | M] () -- C:\Windows\wininit.ini
[2009/04/25 04:47:53 | 43,115,2328 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/04/22 17:54:35 | 00,000,958 | ---- | M] () -- C:\Users\alain\Desktop\Corbeille.lnk
[2009/04/19 04:30:06 | 00,000,756 | ---- | M] () -- C:\Users\alain\Desktop\Audacity.lnk
[2009/04/16 18:46:05 | 00,000,573 | ---- | M] () -- C:\Users\alain\Desktop\SopCast.lnk
========== LOP Check ==========
[2009/05/05 17:27:09 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming
[2008/12/25 01:41:03 | 00,000,000 | -HSD | M] -- C:\Users\alain\AppData\Roaming\.#
[2008/12/25 01:29:44 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Acer
[2008/07/25 15:14:52 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Acer GameZone Console
[2009/02/20 15:33:00 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Adobe
[2008/12/25 14:10:30 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\CoSoSys
[2008/12/25 01:41:38 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\CyberLink
[2009/03/17 16:09:52 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\DivX
[2009/05/10 16:29:11 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\DMCache
[2009/05/11 02:20:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\dvdcss
[2008/12/25 01:50:40 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\eSobi
[2009/02/07 19:15:18 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\FileZilla
[2008/12/04 18:29:22 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Google
[2009/05/11 02:20:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\gtk-2.0
[2008/12/04 18:02:06 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Identities
[2009/02/26 21:35:49 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\IDM
[2008/12/04 18:02:43 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Macromedia
[2009/04/27 14:23:14 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Malwarebytes
[2006/11/02 14:37:34 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Media Center Programs
[2009/05/05 17:16:03 | 00,000,000 | --SD | M] -- C:\Users\alain\AppData\Roaming\Microsoft
[2009/05/03 19:06:50 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Mozilla
[2009/02/02 19:44:13 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\NCH Swift Sound
[2009/05/06 02:43:08 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Nikon
[2009/05/06 17:36:18 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\NwDocx
[2008/12/25 01:21:31 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\PeerNetworking
[2009/01/03 15:15:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Sports Interactive
[2009/03/20 21:51:35 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Template
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Thunderbird
[2009/05/10 19:01:17 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\uTorrent
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\vlc
[2009/05/11 02:20:37 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\VSO
[2008/12/25 03:48:15 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\WinRAR
[2009/03/31 23:30:56 | 00,000,000 | ---D | M] -- C:\Users\alain\AppData\Roaming\Xilisoft Corporation
[2009/05/07 16:58:59 | 00,000,512 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/05/10 16:31:18 | 00,001,000 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/05/10 16:28:54 | 00,001,050 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachine.job
[2009/05/10 16:28:33 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/05/08 09:01:49 | 00,032,476 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
This:
[autorun]
;njjhuivrboast
shellexecute="RECYCLER\S-3-5-79-100008499-100013170-100031679-7558.com c:\"
;lquxgysxrbfdcttmnzsxlbnxsjbasofwqedfvovrjdjdcnarazsnsswhhbkdtqmsekjklfmlbwkspyjugqumbwnxhvxvkbkc
shell\Open\command="RECYCLER\S-3-5-79-100008499-100013170-100031679-7558.com c:\"
;ihfctxlmgwto
shell=Open
Anonymous user
10 May 2009 at 19:44
Download HostsXpert to your Desktop:
---> Unzip it (right-click >> Extract here)
---> Double-click HostsXpert to launch it
---> Click the "Restore MS Hosts File" button, then close the program
PS: Before clicking the "Restore MS Hosts File" button, check that the padlock at the top left is open, otherwise you will get an error message.
If it is closed, click on it :)
Next:
Try doing this:
Click the Start menu / Control Panel / Folder Options /, then in the View tab
- Check Show hidden files and folders
- Uncheck Hide extensions for known file types
- Uncheck Hide protected operating system files (Recommended)
Click Apply, then OK.
Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; this is important.
Have the following file(s) scanned on VirusTotal:
Virus Total
* Click Browse at the top, choose My Computer and look for this file:
C:\Windows\system32\Drivers\AlfaFF.sys
C:\Windows\system32\drivers\int15.sys
* Now click Send file and let it work for as long as "Current status: scanning" is displayed.
* The file may be queued because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
* When the scan is finished ("Current status: finished"), click Formatted
* A new browser window will appear
* Then click the two arrows
* Right-click on the page and choose Select all, then Copy
* Finally, paste the result into your next reply.
Fichier AlfaFF.sys reçu le 2009.05.10 19:57:57 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.09 -
AVG 8.5.0.327 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.10 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
F-Secure 8.0.14470.0 2009.05.09 -
Fortinet 3.117.0.0 2009.05.10 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
VBA32 3.12.10.4 2009.05.09 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 42608 bytes
MD5...: 4490b8bdf38750458eb9b24835fda8fe
SHA1..: 11c5e3a880e3ec17a6c92400c3e79dc71ffe7a40
SHA256: 94c2cefaf97099843169b78d9a4d038674c2bf69816245c49ad0b5218cc03557
SHA512: e58d5f920aba9a2f2c6521d2eafd04b4b8a260e58da345109817d3cf3c2501b62ca35734972ebf6b6cdf54d7cf7c498ec2c519f7eba96fea18c9f79251b07c9d
ssdeep: 768:hn0aasn9UXMT7/Lw/rbBoaRG4gtgZRIhF0Dc88Ze/NVCwH2s8QkH8LlbFm/:Z0aaM9UXO7/UDbpG46+RIhF0Dc88gVQl
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x74d3
timedatestamp.....: 0x47c82c3a (Fri Feb 29 16:00:58 2008)
machinetype.......: 0x14c (I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x63e8 0x6400 6.44 2ffa88aa0929ed8f690a96387c724bcc
.rdata 0x6880 0x3f4 0x400 3.55 74b442ecef1dd20fb9ffcbdbb6364dd1
.data 0x6c80 0x420 0x480 0.21 8e82dcfb8b5d743d8d0a7afdba029b70
INIT 0x7100 0xe7c 0xe80 5.77 c884dc28bd64939a64820d52ac07c56d
.rsrc 0x7f80 0x618 0x680 3.31 e8481081c8a0e1e774f6afbfbfd6f263
.reloc 0x8600 0x680 0x680 6.28 e5a3615b19dc0c93e4c898fc5324ced2
( 4 imports )
> ntoskrnl.exe: RtlValidSecurityDescriptor, RtlCompareMemory, _allmul, ZwClose, PsGetCurrentProcessId, ZwCreateKey, ZwQueryValueKey, ZwOpenKey, KeBugCheckEx, MmMapLockedPagesSpecifyCache, SeCaptureSubjectContext, SeReleaseSubjectContext, RtlTimeToTimeFields, SeAccessCheck, KeInitializeEvent, KeWaitForSingleObject, SeQueryAuthenticationIdToken, LsaFreeReturnBuffer, KeSetEvent, SeMarkLogonSessionForTerminationNotification, sprintf, RtlAnsiStringToUnicodeString, RtlFreeUnicodeString, RtlUpcaseUnicodeChar, strncmp, KeTickCount, memmove, KeQuerySystemTime, ExSystemTimeToLocalTime, ExInitializeResourceLite, ExInitializeNPagedLookasideList, SeRegisterLogonSessionTerminatedRoutine, ExAllocatePoolWithTag, RtlInitUnicodeString, IoGetCurrentProcess, ExFreePool, ExAcquireResourceSharedLite, InterlockedDecrement, InterlockedIncrement, ExFreePoolWithTag, SeUnregisterLogonSessionTerminatedRoutine, ExDeleteNPagedLookasideList, ExDeleteResourceLite, _except_handler3, DbgPrint, KeEnterCriticalRegion, ExAcquireResourceExclusiveLite, ExReleaseResourceLite, KeLeaveCriticalRegion, ZwSetValueKey, ObfDereferenceObject
> HAL.dll: KeGetCurrentIrql
> FLTMGR.SYS: FltSetCallbackDataDirty, FltSendMessage, FltReissueSynchronousIo, FltAllocateCallbackData, FltPerformSynchronousIo, FltFreeCallbackData, FltGetFileNameInformationUnsafe, FltReferenceContext, FltGetStreamHandleContext, FltGetStreamContext, FltSetStreamHandleContext, FltSetStreamContext, FltAllocateGenericWorkItem, FltQueueGenericWorkItem, FltFreeGenericWorkItem, FltParseFileNameInformation, FltGetVolumeContext, FltReleaseContext, FltGetDestinationFileNameInformation, FltGetVolumeName, FltCancelFileOpen, FltGetRequestorProcessId, FltGetRequestorProcess, FltGetFileNameInformation, FltReleaseFileNameInformation, FltRegisterFilter, FltBuildDefaultSecurityDescriptor, FltCreateCommunicationPort, FltFreeSecurityDescriptor, FltStartFiltering, FltCloseClientPort, FltCloseCommunicationPort, FltUnregisterFilter, FltAllocateContext, FltGetVolumeProperties, FltGetVolumeGuidName, FltSetVolumeContext
> ksecdd.sys: GetSecurityUserInfo
( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): PE_Patch
Fichier int15.sys reçu le 2009.05.10 20:01:12 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.09 -
AVG 8.5.0.327 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
ClamAV 0.94.1 2009.05.10 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eSafe 7.0.17.0 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
F-Secure 8.0.14470.0 2009.05.09 -
Fortinet 3.117.0.0 2009.05.10 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
McAfee-GW-Edition 6.7.6 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
PCTools 4.4.2.0 2009.05.07 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
VBA32 3.12.10.4 2009.05.09 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 69632 bytes
MD5...: 4d8d5b1c895ea0f2a721b98a7ce198f1
SHA1..: dd77f613bde9a7319bd43e04512e64344262bcb7
SHA256: a7bb7060b9c5353a5edd18ee5a0950ee94e44b1b686f110f0e5bfa432d743dd1
SHA512: c0dd281450bb9384e2c7cfb12f9df8697cf2308b0b149d09279ec2a04bab41f324485edc99aaf2a604daa1d651501947871bd9b067bb65e439a92899db092054
ssdeep: 48:iiynX9MIOBjBz21TcJB0a7VK60NlhwclT8p51+ZDb5inGiTVyBwuQVrrSfGBPRr5:t8dOtlCck4AVM1+DcGTBwuQ461dn
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x300
timedatestamp.....: 0x3f7a664d (Wed Oct 01 05:29:49 2003)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x300 0x87a 0x880 6.18 d1ce012629819b91faf50e6dd74cb29e
.rdata 0xb80 0x83 0x100 2.84 1888efe992e0b9db0369ee91c4acc4cc
.data 0xc80 0x10068 0x10080 0.01 fd66baf61740aa710e01b21f3d36d627
INIT 0x10d00 0x12a 0x180 4.07 eb3e2f28599e24cb291e430770aa3051
.reloc 0x10e80 0x156 0x180 2.56 3128fb23b56dd8341d7fd9652dc59ba1

( 1 imports )
> ntoskrnl.exe: IofCompleteRequest, IoDeleteDevice, IoDeleteSymbolicLink, RtlInitUnicodeString, MmFreeNonCachedMemory, DbgPrint, MmUnmapIoSpace, MmMapIoSpace, IoCreateSymbolicLink, IoCreateDevice

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=4d8d5b1c895ea0f2a721b98a7ce198f1
Anonymous user
10 May 2009 at 20:52
Delete autorun(646).inf.
Download LOP S&D to your Desktop.
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : ZK2 v0.3121 3A21
USER : alain ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:79 Go)
D:\ (Local Disk) - NTFS - Total:140 Go (Free:62 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT32 - Total:3868 Mo (Free:3 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 10/05/2009|20:54 )
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[11/05/2009|02:20] C:\Users\alain\AppData\Local\{02D6B647-B652-4FF2-875E-268CD3382FB2}
[25/12/2008|01:41] C:\Users\alain\AppData\Local\Acer Arcade Deluxe
[12/01/2009|18:56] C:\Users\alain\AppData\Local\Adobe
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Application Data
[25/12/2008|01:41] C:\Users\alain\AppData\Local\CyberLink
[08/04/2009|10:45] C:\Users\alain\AppData\Local\d3d9caps.dat
[07/05/2009|22:22] C:\Users\alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[25/12/2008|03:04] C:\Users\alain\AppData\Local\eMule
[06/05/2009|00:34] C:\Users\alain\AppData\Local\Google
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Historique
[10/05/2009|14:27] C:\Users\alain\AppData\Local\IconCache.db
[03/05/2009|18:12] C:\Users\alain\AppData\Local\IM
[07/03/2009|21:47] C:\Users\alain\AppData\Local\Microsoft
[07/01/2009|10:19] C:\Users\alain\AppData\Local\Microsoft Games
[26/12/2008|23:27] C:\Users\alain\AppData\Local\Microsoft Help
[25/12/2008|01:00] C:\Users\alain\AppData\Local\MigWiz
[26/12/2008|02:05] C:\Users\alain\AppData\Local\Moodysoft
[25/12/2008|03:12] C:\Users\alain\AppData\Local\Mozilla
[05/05/2009|17:19] C:\Users\alain\AppData\Local\Nikon
[23/04/2009|18:30] C:\Users\alain\AppData\Local\Pando
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PlayMovie
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PokerStars
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PokerStars.NET
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PowerCinema
[11/05/2009|02:20] C:\Users\alain\AppData\Local\SoftDMA
[10/05/2009|20:53] C:\Users\alain\AppData\Local\Temp
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Temporary Internet Files
[03/05/2009|19:07] C:\Users\alain\AppData\Local\Thunderbird
[25/12/2008|13:43] C:\Users\alain\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[07/05/2009 16:58][--a------] C:\Windows\tasks\Ad-Aware Update (Weekly).job
[10/05/2009 16:28][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[10/05/2009 16:31][--a------] C:\Windows\tasks\Google Software Updater.job
[10/05/2009 16:28][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2009 09:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/07/2008|15:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[01/01/2009|22:09] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[11/10/2008|02:54] C:\ProgramData\ArcadeDeluxe2.log
[27/04/2009|15:53] C:\ProgramData\Avira
[04/12/2008|17:56] C:\ProgramData\Bureau
[07/04/2009|10:58] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/12/2008|04:35] C:\ProgramData\eMule
[05/05/2009|17:27] C:\ProgramData\EnterNHelp
[25/12/2008|01:49] C:\ProgramData\eSobi
[04/12/2008|17:56] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[11/05/2009|02:20] C:\ProgramData\FLEXnet
[25/07/2008|15:05] C:\ProgramData\FloodLightGames
[25/12/2008|01:17] C:\ProgramData\Google
[10/05/2009|16:31] C:\ProgramData\Google Updater
[03/05/2009|18:11] C:\ProgramData\IM
[03/05/2009|18:09] C:\ProgramData\IncrediMail
[07/01/2009|20:26] C:\ProgramData\KONAMI
[27/04/2009|13:04] C:\ProgramData\Lavasoft
[27/04/2009|14:18] C:\ProgramData\ma-config.com
[27/04/2009|14:23] C:\ProgramData\Malwarebytes
[05/03/2009|11:14] C:\ProgramData\McAfee
[04/12/2008|17:56] C:\ProgramData\Menu Démarrer
[07/05/2009|03:40] C:\ProgramData\Messenger Plus!
[14/03/2009|00:59] C:\ProgramData\Microsoft
[04/05/2009|03:01] C:\ProgramData\Microsoft Help
[04/12/2008|17:56] C:\ProgramData\Modèles
[29/03/2009|15:28] C:\ProgramData\Motive
[02/02/2009|19:43] C:\ProgramData\NCH Software
[02/02/2009|19:41] C:\ProgramData\NCH Swift Sound
[05/05/2009|17:28] C:\ProgramData\Nikon
[25/12/2008|16:00] C:\ProgramData\NOS
[25/12/2008|19:52] C:\ProgramData\ntuser.pol
[11/10/2008|03:05] C:\ProgramData\NVIDIA
[10/05/2009|16:29] C:\ProgramData\nvModes.001
[09/05/2009|23:31] C:\ProgramData\nvModes.dat
[07/05/2009|18:31] C:\ProgramData\PKP_DLbx.DAT
[07/05/2009|18:06] C:\ProgramData\PKP_DLdu.DAT
[05/05/2009|17:27] C:\ProgramData\Pop Kit
[05/05/2009|17:27] C:\ProgramData\Profiles
[26/12/2008|11:10] C:\ProgramData\SiteAdvisor
[29/03/2009|17:46] C:\ProgramData\Sports Interactive
[02/11/2006|15:02] C:\ProgramData\Start Menu
[05/05/2009|17:19] C:\ProgramData\Sync Services
[24/03/2009|10:47] C:\ProgramData\Temp
[02/11/2006|15:02] C:\ProgramData\Templates
[11/10/2008|02:48] C:\ProgramData\UIB
[05/05/2009|17:27] C:\ProgramData\Ultima_T15
[05/05/2009|17:19] C:\ProgramData\Widgets
[02/01/2009|18:29] C:\ProgramData\WindowsSearch
[25/12/2008|02:39] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[25/12/2008|01:35] C:\Program Files\Acer
[11/10/2008|02:54] C:\Program Files\Acer Arcade Deluxe
[25/12/2008|01:52] C:\Program Files\Acer GameZone
[11/10/2008|02:39] C:\Program Files\Acer Inc
[11/10/2008|03:01] C:\Program Files\Acer Incorporated
[25/07/2008|15:22] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[15/02/2009|22:18] C:\Program Files\Adobe
[25/12/2008|02:56] C:\Program Files\Adobe1
[26/12/2008|11:52] C:\Program Files\Alcohol Soft
[14/03/2009|00:50] C:\Program Files\Alwil Software
[19/04/2009|04:30] C:\Program Files\Audacity
[27/04/2009|15:53] C:\Program Files\Avira
[25/12/2008|20:08] C:\Program Files\AviSynth 2.5
[27/12/2008|16:39] C:\Program Files\CamStudio
[29/03/2009|15:27] C:\Program Files\Club-Internet
[05/05/2009|17:28] C:\Program Files\Common Files
[25/07/2008|14:42] C:\Program Files\CONEXANT
[25/07/2008|15:18] C:\Program Files\Convesoft
[25/12/2008|01:59] C:\Program Files\Cyberlink
[27/04/2009|14:17] C:\Program Files\DivX
[25/12/2008|16:37] C:\Program Files\eMule
[09/02/2009|00:27] C:\Program Files\Eraser
[25/12/2008|20:06] C:\Program Files\eRightSoft
[04/12/2008|17:56] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[07/02/2009|19:09] C:\Program Files\FileZilla FTP Client
[29/12/2008|19:03] C:\Program Files\GetData
[30/03/2009|23:52] C:\Program Files\Google
[29/04/2009|17:01] C:\Program Files\Holdem Indicator
[03/05/2009|18:52] C:\Program Files\IncrediMail
[08/05/2009|09:02] C:\Program Files\InstallShield Installation Information
[25/07/2008|14:38] C:\Program Files\Intel
[22/01/2009|23:04] C:\Program Files\Internet Download Manager
[16/04/2009|03:10] C:\Program Files\Internet Explorer
[18/02/2009|14:13] C:\Program Files\Intuisphere
[28/03/2009|12:35] C:\Program Files\Java
[07/01/2009|20:18] C:\Program Files\KONAMI
[25/12/2008|02:18] C:\Program Files\Launch Manager
[27/04/2009|13:04] C:\Program Files\Lavasoft
[27/04/2009|14:18] C:\Program Files\ma-config.com
[10/05/2009|19:28] C:\Program Files\Malwarebytes' Anti-Malware
[05/03/2009|21:16] C:\Program Files\Messenger Plus! Live
[01/03/2009|22:05] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[26/12/2008|23:33] C:\Program Files\Microsoft Office
[26/12/2008|23:33] C:\Program Files\Microsoft Visual Studio
[26/12/2008|23:28] C:\Program Files\Microsoft Visual Studio 8
[26/12/2008|23:34] C:\Program Files\Microsoft Works
[26/12/2008|23:32] C:\Program Files\Microsoft.NET
[26/12/2008|02:05] C:\Program Files\Moodysoft
[21/01/2008|04:35] C:\Program Files\Movie Maker
[10/05/2009|16:34] C:\Program Files\Mozilla Firefox
[04/05/2009|18:59] C:\Program Files\Mozilla Thunderbird
[26/12/2008|23:33] C:\Program Files\MSBuild
[25/12/2008|22:59] C:\Program Files\MSXML 4.0
[02/02/2009|19:50] C:\Program Files\NCH Software
[25/07/2008|15:16] C:\Program Files\NewTech Infosystems
[05/05/2009|17:28] C:\Program Files\Nikon
[25/12/2008|04:43] C:\Program Files\NOS
[03/03/2009|01:25] C:\Program Files\Oberon Media
[23/04/2009|18:30] C:\Program Files\Pando Networks
[04/01/2009|18:15] C:\Program Files\Pcsx2_0.9.4
[25/12/2008|16:36] C:\Program Files\PDFCreator
[29/04/2009|16:59] C:\Program Files\Pokerbility
[23/04/2009|23:45] C:\Program Files\PokerStars
[29/12/2008|19:56] C:\Program Files\PSCS2Updater
[25/07/2008|14:40] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[29/03/2009|14:29] C:\Program Files\SFR
[26/12/2008|20:58] C:\Program Files\SiteAdvisor
[16/04/2009|18:48] C:\Program Files\SopCast
[03/01/2009|11:46] C:\Program Files\Sports Interactive
[25/07/2008|14:44] C:\Program Files\Synaptics
[29/04/2009|17:01] C:\Program Files\Tournament Indicator
[08/05/2009|10:33] C:\Program Files\Trend Micro
[31/01/2009|20:37] C:\Program Files\TVAnts
[25/12/2008|19:57] C:\Program Files\UDPixel
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[04/01/2009|18:12] C:\Program Files\uTorrent
[15/03/2009|21:50] C:\Program Files\Veetle
[25/12/2008|03:05] C:\Program Files\VideoLAN
[25/12/2008|19:22] C:\Program Files\VSO
[08/05/2009|19:40] C:\Program Files\WebCamSplitter Pro
[25/07/2008|14:44] C:\Program Files\Winbond Electronics Corporation
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[01/03/2009|22:04] C:\Program Files\Windows Live
[11/05/2009|02:20] C:\Program Files\Windows Live Safety Center
[01/03/2009|22:05] C:\Program Files\Windows Live SkyDrive
[16/04/2009|03:10] C:\Program Files\Windows Mail
[12/03/2009|04:06] C:\Program Files\Windows Media Player
[04/12/2008|17:56] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[25/12/2008|19:47] C:\Program Files\WinRAR
[01/04/2009|00:50] C:\Program Files\Xilisoft
[03/01/2009|11:51] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[01/01/2009|22:49] C:\Program Files\Common Files\Adobe
[26/12/2008|23:33] C:\Program Files\Common Files\DESIGNER
[05/05/2009|17:15] C:\Program Files\Common Files\InstallShield
[25/07/2008|15:16] C:\Program Files\Common Files\LightScribe
[31/12/2008|14:15] C:\Program Files\Common Files\Macrovision Shared
[01/03/2009|22:05] C:\Program Files\Common Files\microsoft shared
[05/05/2009|17:28] C:\Program Files\Common Files\muvee Technologies
[05/05/2009|17:29] C:\Program Files\Common Files\Nikon
[27/04/2009|14:17] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[11/10/2008|02:49] C:\Program Files\Common Files\SPBA
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25/12/2008|01:40] C:\Program Files\Common Files\SWF Studio
[26/12/2008|23:28] C:\Program Files\Common Files\System
[01/03/2009|21:59] C:\Program Files\Common Files\Windows Live
[25/12/2008|02:44] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 85 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Users\alain\AppData\Local\Temp\nsb764.tmp
C:\Users\alain\AppData\Local\Temp\nsfF5E2.tmp
C:\Users\alain\AppData\Local\Temp\nsiC4E3.tmp
C:\Users\alain\AppData\Local\Temp\nsk3741.tmp
C:\Users\alain\AppData\Local\Temp\nslF768.tmp
C:\Users\alain\AppData\Local\Temp\nsm6E19.tmp
C:\Users\alain\AppData\Local\Temp\nsr425C.tmp
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-10 20:56:07
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\Windows\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:416][D:157]-> C:\Users\alain\AppData\Local\Temp
[F:18][D:1]-> C:\Users\alain\AppData\Roaming\MICROS~1\Windows\Cookies
[F:139][D:9]-> C:\Users\alain\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:347][D:13]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 10/05/2009|20:57 - Option : [1]
--------------------\\ Fin du rapport a 20:57:17
[ UAC => 1 ]
Anonymous user
10 May 2009 at 21:42
Double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose the "Suppression + Hosts" option
* Wait until the scan has finished
* Post the generated report (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : ZK2 v0.3121 3A21
USER : alain ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:144 Go (Free:78 Go)
D:\ (Local Disk) - NTFS - Total:140 Go (Free:62 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (USB) - FAT32 - Total:3868 Mo (Free:3 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 10/05/2009|22:02 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\Users\alain\AppData\Local\Temp\nsb764.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nsfF5E2.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nsiC4E3.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nsk3741.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nslF768.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nsm6E19.tmp
Supprime! - C:\Users\alain\AppData\Local\Temp\nsr425C.tmp
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[11/05/2009|02:20] C:\Users\alain\AppData\Local\{02D6B647-B652-4FF2-875E-268CD3382FB2}
[25/12/2008|01:41] C:\Users\alain\AppData\Local\Acer Arcade Deluxe
[12/01/2009|18:56] C:\Users\alain\AppData\Local\Adobe
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Application Data
[25/12/2008|01:41] C:\Users\alain\AppData\Local\CyberLink
[08/04/2009|10:45] C:\Users\alain\AppData\Local\d3d9caps.dat
[07/05/2009|22:22] C:\Users\alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[25/12/2008|03:04] C:\Users\alain\AppData\Local\eMule
[06/05/2009|00:34] C:\Users\alain\AppData\Local\Google
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Historique
[10/05/2009|14:27] C:\Users\alain\AppData\Local\IconCache.db
[03/05/2009|18:12] C:\Users\alain\AppData\Local\IM
[07/03/2009|21:47] C:\Users\alain\AppData\Local\Microsoft
[07/01/2009|10:19] C:\Users\alain\AppData\Local\Microsoft Games
[26/12/2008|23:27] C:\Users\alain\AppData\Local\Microsoft Help
[25/12/2008|01:00] C:\Users\alain\AppData\Local\MigWiz
[26/12/2008|02:05] C:\Users\alain\AppData\Local\Moodysoft
[25/12/2008|03:12] C:\Users\alain\AppData\Local\Mozilla
[05/05/2009|17:19] C:\Users\alain\AppData\Local\Nikon
[23/04/2009|18:30] C:\Users\alain\AppData\Local\Pando
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PlayMovie
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PokerStars
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PokerStars.NET
[11/05/2009|02:20] C:\Users\alain\AppData\Local\PowerCinema
[11/05/2009|02:20] C:\Users\alain\AppData\Local\SoftDMA
[10/05/2009|22:02] C:\Users\alain\AppData\Local\Temp
[04/12/2008|18:00] C:\Users\alain\AppData\Local\Temporary Internet Files
[03/05/2009|19:07] C:\Users\alain\AppData\Local\Thunderbird
[25/12/2008|13:43] C:\Users\alain\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[07/05/2009 16:58][--a------] C:\Windows\tasks\Ad-Aware Update (Weekly).job
[10/05/2009 16:28][--a------] C:\Windows\tasks\GoogleUpdateTaskMachine.job
[10/05/2009 16:31][--a------] C:\Windows\tasks\Google Software Updater.job
[10/05/2009 16:28][--ah-----] C:\Windows\tasks\SA.DAT
[08/05/2009 09:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/07/2008|15:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[01/01/2009|22:09] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[11/10/2008|02:54] C:\ProgramData\ArcadeDeluxe2.log
[27/04/2009|15:53] C:\ProgramData\Avira
[04/12/2008|17:56] C:\ProgramData\Bureau
[07/04/2009|10:58] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/12/2008|04:35] C:\ProgramData\eMule
[05/05/2009|17:27] C:\ProgramData\EnterNHelp
[25/12/2008|01:49] C:\ProgramData\eSobi
[04/12/2008|17:56] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[11/05/2009|02:20] C:\ProgramData\FLEXnet
[25/07/2008|15:05] C:\ProgramData\FloodLightGames
[25/12/2008|01:17] C:\ProgramData\Google
[10/05/2009|16:31] C:\ProgramData\Google Updater
[03/05/2009|18:11] C:\ProgramData\IM
[03/05/2009|18:09] C:\ProgramData\IncrediMail
[07/01/2009|20:26] C:\ProgramData\KONAMI
[27/04/2009|13:04] C:\ProgramData\Lavasoft
[27/04/2009|14:18] C:\ProgramData\ma-config.com
[27/04/2009|14:23] C:\ProgramData\Malwarebytes
[05/03/2009|11:14] C:\ProgramData\McAfee
[04/12/2008|17:56] C:\ProgramData\Menu Démarrer
[07/05/2009|03:40] C:\ProgramData\Messenger Plus!
[14/03/2009|00:59] C:\ProgramData\Microsoft
[04/05/2009|03:01] C:\ProgramData\Microsoft Help
[04/12/2008|17:56] C:\ProgramData\Modèles
[29/03/2009|15:28] C:\ProgramData\Motive
[02/02/2009|19:43] C:\ProgramData\NCH Software
[02/02/2009|19:41] C:\ProgramData\NCH Swift Sound
[05/05/2009|17:28] C:\ProgramData\Nikon
[25/12/2008|16:00] C:\ProgramData\NOS
[25/12/2008|19:52] C:\ProgramData\ntuser.pol
[11/10/2008|03:05] C:\ProgramData\NVIDIA
[10/05/2009|16:29] C:\ProgramData\nvModes.001
[09/05/2009|23:31] C:\ProgramData\nvModes.dat
[07/05/2009|18:31] C:\ProgramData\PKP_DLbx.DAT
[07/05/2009|18:06] C:\ProgramData\PKP_DLdu.DAT
[05/05/2009|17:27] C:\ProgramData\Pop Kit
[05/05/2009|17:27] C:\ProgramData\Profiles
[26/12/2008|11:10] C:\ProgramData\SiteAdvisor
[29/03/2009|17:46] C:\ProgramData\Sports Interactive
[02/11/2006|15:02] C:\ProgramData\Start Menu
[05/05/2009|17:19] C:\ProgramData\Sync Services
[24/03/2009|10:47] C:\ProgramData\Temp
[02/11/2006|15:02] C:\ProgramData\Templates
[11/10/2008|02:48] C:\ProgramData\UIB
[05/05/2009|17:27] C:\ProgramData\Ultima_T15
[05/05/2009|17:19] C:\ProgramData\Widgets
[02/01/2009|18:29] C:\ProgramData\WindowsSearch
[25/12/2008|02:39] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[25/12/2008|01:35] C:\Program Files\Acer
[11/10/2008|02:54] C:\Program Files\Acer Arcade Deluxe
[25/12/2008|01:52] C:\Program Files\Acer GameZone
[11/10/2008|02:39] C:\Program Files\Acer Inc
[11/10/2008|03:01] C:\Program Files\Acer Incorporated
[25/07/2008|15:22] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[15/02/2009|22:18] C:\Program Files\Adobe
[25/12/2008|02:56] C:\Program Files\Adobe1
[26/12/2008|11:52] C:\Program Files\Alcohol Soft
[14/03/2009|00:50] C:\Program Files\Alwil Software
[19/04/2009|04:30] C:\Program Files\Audacity
[27/04/2009|15:53] C:\Program Files\Avira
[25/12/2008|20:08] C:\Program Files\AviSynth 2.5
[27/12/2008|16:39] C:\Program Files\CamStudio
[29/03/2009|15:27] C:\Program Files\Club-Internet
[05/05/2009|17:28] C:\Program Files\Common Files
[25/07/2008|14:42] C:\Program Files\CONEXANT
[25/07/2008|15:18] C:\Program Files\Convesoft
[25/12/2008|01:59] C:\Program Files\Cyberlink
[27/04/2009|14:17] C:\Program Files\DivX
[25/12/2008|16:37] C:\Program Files\eMule
[09/02/2009|00:27] C:\Program Files\Eraser
[25/12/2008|20:06] C:\Program Files\eRightSoft
[04/12/2008|17:56] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[07/02/2009|19:09] C:\Program Files\FileZilla FTP Client
[29/12/2008|19:03] C:\Program Files\GetData
[30/03/2009|23:52] C:\Program Files\Google
[29/04/2009|17:01] C:\Program Files\Holdem Indicator
[03/05/2009|18:52] C:\Program Files\IncrediMail
[08/05/2009|09:02] C:\Program Files\InstallShield Installation Information
[25/07/2008|14:38] C:\Program Files\Intel
[22/01/2009|23:04] C:\Program Files\Internet Download Manager
[16/04/2009|03:10] C:\Program Files\Internet Explorer
[18/02/2009|14:13] C:\Program Files\Intuisphere
[28/03/2009|12:35] C:\Program Files\Java
[07/01/2009|20:18] C:\Program Files\KONAMI
[25/12/2008|02:18] C:\Program Files\Launch Manager
[27/04/2009|13:04] C:\Program Files\Lavasoft
[27/04/2009|14:18] C:\Program Files\ma-config.com
[10/05/2009|19:28] C:\Program Files\Malwarebytes' Anti-Malware
[05/03/2009|21:16] C:\Program Files\Messenger Plus! Live
[01/03/2009|22:05] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[26/12/2008|23:33] C:\Program Files\Microsoft Office
[26/12/2008|23:33] C:\Program Files\Microsoft Visual Studio
[26/12/2008|23:28] C:\Program Files\Microsoft Visual Studio 8
[26/12/2008|23:34] C:\Program Files\Microsoft Works
[26/12/2008|23:32] C:\Program Files\Microsoft.NET
[26/12/2008|02:05] C:\Program Files\Moodysoft
[21/01/2008|04:35] C:\Program Files\Movie Maker
[10/05/2009|16:34] C:\Program Files\Mozilla Firefox
[04/05/2009|18:59] C:\Program Files\Mozilla Thunderbird
[26/12/2008|23:33] C:\Program Files\MSBuild
[25/12/2008|22:59] C:\Program Files\MSXML 4.0
[02/02/2009|19:50] C:\Program Files\NCH Software
[25/07/2008|15:16] C:\Program Files\NewTech Infosystems
[05/05/2009|17:28] C:\Program Files\Nikon
[25/12/2008|04:43] C:\Program Files\NOS
[03/03/2009|01:25] C:\Program Files\Oberon Media
[23/04/2009|18:30] C:\Program Files\Pando Networks
[04/01/2009|18:15] C:\Program Files\Pcsx2_0.9.4
[25/12/2008|16:36] C:\Program Files\PDFCreator
[29/04/2009|16:59] C:\Program Files\Pokerbility
[23/04/2009|23:45] C:\Program Files\PokerStars
[29/12/2008|19:56] C:\Program Files\PSCS2Updater
[25/07/2008|14:40] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[29/03/2009|14:29] C:\Program Files\SFR
[26/12/2008|20:58] C:\Program Files\SiteAdvisor
[16/04/2009|18:48] C:\Program Files\SopCast
[03/01/2009|11:46] C:\Program Files\Sports Interactive
[25/07/2008|14:44] C:\Program Files\Synaptics
[29/04/2009|17:01] C:\Program Files\Tournament Indicator
[08/05/2009|10:33] C:\Program Files\Trend Micro
[31/01/2009|20:37] C:\Program Files\TVAnts
[25/12/2008|19:57] C:\Program Files\UDPixel
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[04/01/2009|18:12] C:\Program Files\uTorrent
[15/03/2009|21:50] C:\Program Files\Veetle
[25/12/2008|03:05] C:\Program Files\VideoLAN
[25/12/2008|19:22] C:\Program Files\VSO
[08/05/2009|19:40] C:\Program Files\WebCamSplitter Pro
[25/07/2008|14:44] C:\Program Files\Winbond Electronics Corporation
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[01/03/2009|22:04] C:\Program Files\Windows Live
[11/05/2009|02:20] C:\Program Files\Windows Live Safety Center
[01/03/2009|22:05] C:\Program Files\Windows Live SkyDrive
[16/04/2009|03:10] C:\Program Files\Windows Mail
[12/03/2009|04:06] C:\Program Files\Windows Media Player
[04/12/2008|17:56] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[25/12/2008|19:47] C:\Program Files\WinRAR
[01/04/2009|00:50] C:\Program Files\Xilisoft
[03/01/2009|11:51] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[01/01/2009|22:49] C:\Program Files\Common Files\Adobe
[26/12/2008|23:33] C:\Program Files\Common Files\DESIGNER
[05/05/2009|17:15] C:\Program Files\Common Files\InstallShield
[25/07/2008|15:16] C:\Program Files\Common Files\LightScribe
[31/12/2008|14:15] C:\Program Files\Common Files\Macrovision Shared
[01/03/2009|22:05] C:\Program Files\Common Files\microsoft shared
[05/05/2009|17:28] C:\Program Files\Common Files\muvee Technologies
[05/05/2009|17:29] C:\Program Files\Common Files\Nikon
[27/04/2009|14:17] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[11/10/2008|02:49] C:\Program Files\Common Files\SPBA
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25/12/2008|01:40] C:\Program Files\Common Files\SWF Studio
[26/12/2008|23:28] C:\Program Files\Common Files\System
[01/03/2009|21:59] C:\Program Files\Common Files\Windows Live
[25/12/2008|02:44] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 84 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-10 22:03:22
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\Windows\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:412][D:151]-> C:\Users\alain\AppData\Local\Temp
[F:18][D:1]-> C:\Users\alain\AppData\Roaming\MICROS~1\Windows\Cookies
[F:140][D:9]-> C:\Users\alain\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:347][D:13]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 10/05/2009|20:57 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 10/05/2009|22:04 - Option : [2]
--------------------\\ Fin du rapport a 22:04:01
[ UAC => 1 ]
Anonymous user
10 May 2009 at 22:18
-> BitDefender scan
Run an online antivirus scan with BitDefender Online, using Internet Explorer
* Click Scan on line at the bottom left.
* Accept the licence and let it install the ActiveX control.
* Follow the prompts. Paste its report here.
Help
Anonymous user
10 May 2009 at 22:29
Try doing this:
Click the Start menu / Control Panel / Folder Options, then go to the View tab
- Check Show hidden files and folders
- Uncheck Hide extensions for known file types
- Uncheck Hide protected operating system files (Recommended)
Click Apply, then OK.
Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; it's important.
Have the following file(s) scanned on VirusTotal:
Virus Total
* Click Browse at the top, choose My Computer and look for this file:
C:\Program Files\Internet Explorer\iexplore.exe
* Now click Send file and let it work for as long as "Current status: analysis in progress" is displayed.
* The file may be placed in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
* When the analysis is finished ("Current status: finished"), click Formatted
* A new browser window will appear
* Then click the two arrows
* Right-click the page, choose Select All, then Copy
* Finally, paste the result in your next reply.
Fichier iexplore.exe reçu le 2009.05.10 22:34:34 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 636072 bytes
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 636072 bytes
MD5...: 9e6c1527d9a2c64bfd780aa23075380f
SHA1..: c4e18a4b7bd9467472951bf405fe75145f781332
SHA256: 42334132c98173002d6d888529811dd0595f26b1e3c1afee998bb9de81bce95f
SHA512: d0ac393a7aeaa6c81f8651aa007afa5f621232ed61e341fcba0f383bbf6c4f5d<br>cd64de480945b825fb1425bb7b3f2866d6256d2d43d22202903475a0f5d0a4c3
ssdeep: 12288:ibX+pd167QhE0s7+jM+M6ugRfMMkIM7tX+pd167QhE0S7+LI:UE6Ehg7mM<br>+M6RkMkIM7tE6Ehm7r<br>
PEiD..: -
TrID..: File type identification<br>Win64 Executable Generic (59.6%)<br>Win32 Executable MS Visual C++ (generic) (26.2%)<br>Win32 Executable Generic (5.9%)<br>Win32 Dynamic Link Library (generic) (5.2%)<br>Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x30dd<br>timedatestamp.....: 0x49ac95d6 (Tue Mar 03 02:28:38 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xeea5 0xf000 5.87 e22b43517f36340bc1de8605db6019bb<br>.data 0x10000 0x1020 0xe00 1.82 7e1c58dc94b91b164795ed38c51da1d0<br>.rsrc 0x12000 0x883e0 0x88400 6.87 14e29232fdc8378dad2b7403a84d875b<br>.reloc 0x9b000 0xdd0 0xe00 6.47 b2c707685292072544e6aa47ed4f54df<br><br>( 12 imports ) <br>> ADVAPI32.dll: RegCloseKey, RegQueryValueExW, RegOpenKeyExW, RegEnumValueW, RegEnumKeyW, RegSetValueExW, RegCreateKeyExW, RegDeleteValueW, RegDeleteKeyW, RegQueryInfoKeyW, RegQueryValueW<br>> KERNEL32.dll: InitializeCriticalSection, SetErrorMode, HeapSetInformation, SetUnhandledExceptionFilter, DeleteCriticalSection, GetCommandLineW, LocalAlloc, ExpandEnvironmentStringsW, LocalFree, CreateMutexW, GetLastError, RaiseException, LoadLibraryA, WaitForSingleObjectEx, CreateFileMappingW, GetLongPathNameW, GetFileAttributesExW, CompareFileTime, lstrcmpW, LoadLibraryW, InitializeCriticalSectionAndSpinCount, GetCurrentDirectoryW, WaitForSingleObject, GetSystemDefaultLCID, GetUserDefaultLCID, EnterCriticalSection, LeaveCriticalSection, SearchPathW, FindResourceW, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, FreeLibrary, GetLocaleInfoW, CreateFileW, LoadLibraryExW, FindResourceExW, LoadResource, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, OutputDebugStringA, GetStartupInfoW, InterlockedCompareExchange, Sleep, InterlockedExchange, MapViewOfFile, GetCurrentProcessId, OpenProcess, CreateEventW, GetCurrentThreadId, CreateProcessW, WaitForMultipleObjects, UnmapViewOfFile, lstrlenW, GetModuleHandleW, GetProcAddress, SetDllDirectoryW, SetLastError, CloseHandle, ReleaseMutex, GetVersionExW, GetModuleFileNameW, CompareStringW<br>> GDI32.dll: 
CreateFontIndirectW, GetObjectW, DeleteObject<br>> USER32.dll: SendMessageW, CharNextW, CharUpperW, GetUserObjectInformationW, GetThreadDesktop, DialogBoxParamW, IsDlgButtonChecked, EnableWindow, EndDialog, SetDlgItemTextW, GetDlgItem, LoadStringW, MessageBoxW, AllowSetForegroundWindow, SendDlgItemMessageW, GetParent<br>> msvcrt.dll: __wgetmainargs, _cexit, _exit, _XcptFilter, exit, _wcmdln, _initterm, _amsg_exit, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, memcpy, memmove, _terminate@@YAXXZ, _controlfp, _unlock, _lock, _onexit, _errno, __2@YAPAXI@Z, __3@YAXPAX@Z, wcsstr, memset, wcsncmp, _vsnwprintf, _wcsicmp, _wcsnicmp, bsearch, _wtoi, wcschr, __dllonexit<br>> ntdll.dll: RtlUnwind<br>> SHLWAPI.dll: -, -, PathRemoveFileSpecW, PathAppendW, PathQuoteSpacesW, SHGetValueW, StrStrW, UrlApplySchemeW, UrlCreateFromPathW, PathCombineW, UrlCanonicalizeW, -, PathIsURLW, PathAddBackslashW, -, SHEnumValueW, SHQueryValueExW, -, SHRegGetValueW, SHSetValueW, StrToIntExW, SHDeleteKeyW, PathUnquoteSpacesW, PathFindFileNameW<br>> SHELL32.dll: -, CommandLineToArgvW<br>> ole32.dll: CoInitialize, CoTaskMemFree, CoUninitialize, CoTaskMemAlloc, CoCreateInstance, StringFromGUID2, CoGetTreatAsClass<br>> urlmon.dll: -<br>> iertutil.dll: -, -, -, -, -, -, -, -, -, -, -, -<br>> VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW<br><br>( 0 exports ) <br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=9e6c1527d9a2c64bfd780aa23075380f' target='_blank'>http://research.sunbelt-software.com/...
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Information additionnelle
File size: 636072 bytes
MD5...: 9e6c1527d9a2c64bfd780aa23075380f
SHA1..: c4e18a4b7bd9467472951bf405fe75145f781332
SHA256: 42334132c98173002d6d888529811dd0595f26b1e3c1afee998bb9de81bce95f
SHA512: d0ac393a7aeaa6c81f8651aa007afa5f621232ed61e341fcba0f383bbf6c4f5d<br>cd64de480945b825fb1425bb7b3f2866d6256d2d43d22202903475a0f5d0a4c3
ssdeep: 12288:ibX+pd167QhE0s7+jM+M6ugRfMMkIM7tX+pd167QhE0S7+LI:UE6Ehg7mM<br>+M6RkMkIM7tE6Ehm7r<br>
PEiD..: -
TrID..: File type identification<br>Win64 Executable Generic (59.6%)<br>Win32 Executable MS Visual C++ (generic) (26.2%)<br>Win32 Executable Generic (5.9%)<br>Win32 Dynamic Link Library (generic) (5.2%)<br>Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x30dd
timedatestamp.....: 0x49ac95d6 (Tue Mar 03 02:28:38 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xeea5 0xf000 5.87 e22b43517f36340bc1de8605db6019bb
.data 0x10000 0x1020 0xe00 1.82 7e1c58dc94b91b164795ed38c51da1d0
.rsrc 0x12000 0x883e0 0x88400 6.87 14e29232fdc8378dad2b7403a84d875b
.reloc 0x9b000 0xdd0 0xe00 6.47 b2c707685292072544e6aa47ed4f54df

( 12 imports )
> ADVAPI32.dll: RegCloseKey, RegQueryValueExW, RegOpenKeyExW, RegEnumValueW, RegEnumKeyW, RegSetValueExW, RegCreateKeyExW, RegDeleteValueW, RegDeleteKeyW, RegQueryInfoKeyW, RegQueryValueW
> KERNEL32.dll: InitializeCriticalSection, SetErrorMode, HeapSetInformation, SetUnhandledExceptionFilter, DeleteCriticalSection, GetCommandLineW, LocalAlloc, ExpandEnvironmentStringsW, LocalFree, CreateMutexW, GetLastError, RaiseException, LoadLibraryA, WaitForSingleObjectEx, CreateFileMappingW, GetLongPathNameW, GetFileAttributesExW, CompareFileTime, lstrcmpW, LoadLibraryW, InitializeCriticalSectionAndSpinCount, GetCurrentDirectoryW, WaitForSingleObject, GetSystemDefaultLCID, GetUserDefaultLCID, EnterCriticalSection, LeaveCriticalSection, SearchPathW, FindResourceW, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, FreeLibrary, GetLocaleInfoW, CreateFileW, LoadLibraryExW, FindResourceExW, LoadResource, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetTickCount, QueryPerformanceCounter, GetModuleHandleA, OutputDebugStringA, GetStartupInfoW, InterlockedCompareExchange, Sleep, InterlockedExchange, MapViewOfFile, GetCurrentProcessId, OpenProcess, CreateEventW, GetCurrentThreadId, CreateProcessW, WaitForMultipleObjects, UnmapViewOfFile, lstrlenW, GetModuleHandleW, GetProcAddress, SetDllDirectoryW, SetLastError, CloseHandle, ReleaseMutex, GetVersionExW, GetModuleFileNameW, CompareStringW
> GDI32.dll: CreateFontIndirectW, GetObjectW, DeleteObject
> USER32.dll: SendMessageW, CharNextW, CharUpperW, GetUserObjectInformationW, GetThreadDesktop, DialogBoxParamW, IsDlgButtonChecked, EnableWindow, EndDialog, SetDlgItemTextW, GetDlgItem, LoadStringW, MessageBoxW, AllowSetForegroundWindow, SendDlgItemMessageW, GetParent
> msvcrt.dll: __wgetmainargs, _cexit, _exit, _XcptFilter, exit, _wcmdln, _initterm, _amsg_exit, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, memcpy, memmove, _terminate@@YAXXZ, _controlfp, _unlock, _lock, _onexit, _errno, __2@YAPAXI@Z, __3@YAXPAX@Z, wcsstr, memset, wcsncmp, _vsnwprintf, _wcsicmp, _wcsnicmp, bsearch, _wtoi, wcschr, __dllonexit
> ntdll.dll: RtlUnwind
> SHLWAPI.dll: -, -, PathRemoveFileSpecW, PathAppendW, PathQuoteSpacesW, SHGetValueW, StrStrW, UrlApplySchemeW, UrlCreateFromPathW, PathCombineW, UrlCanonicalizeW, -, PathIsURLW, PathAddBackslashW, -, SHEnumValueW, SHQueryValueExW, -, SHRegGetValueW, SHSetValueW, StrToIntExW, SHDeleteKeyW, PathUnquoteSpacesW, PathFindFileNameW
> SHELL32.dll: -, CommandLineToArgvW
> ole32.dll: CoInitialize, CoTaskMemFree, CoUninitialize, CoTaskMemAlloc, CoCreateInstance, StringFromGUID2, CoGetTreatAsClass
> urlmon.dll: -
> iertutil.dll: -, -, -, -, -, -, -, -, -, -, -, -
> VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=9e6c1527d9a2c64bfd780aa23075380f
Antivirus Version Last update Result
a-squared 4.0.0.101 2009.05.10 -
AhnLab-V3 5.0.0.2 2009.05.09 -
AntiVir 7.9.0.166 2009.05.10 -
Antiy-AVL 2.0.3.1 2009.05.08 -
Authentium 5.1.2.4 2009.05.09 -
Avast 4.8.1335.0 2009.05.10 -
BitDefender 7.2 2009.05.10 -
CAT-QuickHeal 10.00 2009.05.09 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.10 -
eTrust-Vet 31.6.6497 2009.05.08 -
F-Prot 4.4.4.56 2009.05.09 -
GData 19 2009.05.10 -
Ikarus T3.1.1.49.0 2009.05.10 -
K7AntiVirus 7.10.729 2009.05.08 -
Kaspersky 7.0.0.125 2009.05.10 -
McAfee 5611 2009.05.10 -
McAfee+Artemis 5611 2009.05.10 -
Microsoft 1.4602 2009.05.10 -
NOD32 4063 2009.05.08 -
Norman 6.01.05 2009.05.08 -
nProtect 2009.1.8.0 2009.05.10 -
Panda 10.0.0.14 2009.05.10 -
Prevx 3.0 2009.05.10 -
Rising 21.28.62.00 2009.05.10 -
Sophos 4.41.0 2009.05.10 -
Sunbelt 3.2.1858.2 2009.05.09 -
Symantec 1.4.4.12 2009.05.10 -
TheHacker 6.3.4.1.324 2009.05.09 -
TrendMicro 8.950.0.1092 2009.05.08 -
ViRobot 2009.5.9.1727 2009.05.09 -
VirusBuster 4.6.5.0 2009.05.10 -
Additional information
File size: 636072 bytes
MD5...: 9e6c1527d9a2c64bfd780aa23075380f
SHA1..: c4e18a4b7bd9467472951bf405fe75145f781332
SHA256: 42334132c98173002d6d888529811dd0595f26b1e3c1afee998bb9de81bce95f
SHA512: d0ac393a7aeaa6c81f8651aa007afa5f621232ed61e341fcba0f383bbf6c4f5dcd64de480945b825fb1425bb7b3f2866d6256d2d43d22202903475a0f5d0a4c3
ssdeep: 12288:ibX+pd167QhE0s7+jM+M6ugRfMMkIM7tX+pd167QhE0S7+LI:UE6Ehg7mM+M6RkMkIM7tE6Ehm7r
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
Anonymous user
10 May 2009 at 22:46
Tell me exactly: does nothing at all happen??
when you click on IE?
It starts, the window stays for a second, and it closes immediately.
Mozilla, same thing, and it gives me the error message saying that Mozilla had to close.
Malwarebytes doesn't even start.
...