My PC is riddled with viruses, please help me

ederson7 -
 Anonymous user -
Hello,
Here is a HijackThis report. I am sure my computer is riddled with viruses, it keeps crashing, please ;( help me

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:23, on 01/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\Lefeve Catherine\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Lefeve Catherine\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] "C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Windows\RtHDVCpl.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\Lefeve Catherine\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (file missing)
O23 - Service: Service Google Update (gupdate1c9a0149615d04d) (gupdate1c9a0149615d04d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Unknown owner - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (file missing)

68 replies

ederson7
 
Hi, I installed the software, but when I go to the "General" tab the "firewall" box is not checked and I can't manage to check it. Same problem in the "Options" section, in the "firewall" tab, where I can't check or uncheck anything. Can you try to help me, gen or destrio?
0
Anonymous user
 
Download OTL by OldTimer

and save it to your Desktop.

Double-click OTL.exe to launch it.

Check the 2 boxes Lop and Purity

Check the box in front of scan all users

Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\le_nom_de_ta_session\OTL.txt)


To send it to me, click on this link

Click Parcourir (Browse) and look for the file above.

Click Ouvrir (Open).

Click "Cliquez ici pour déposer le fichier".

A link of this form:

hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.
0
ederson7
 
Hi, here is the link, and there is also an extras.txt report that appeared; I am pasting it into the reply


http://www.cijoint.fr/cjlink.php?file=cj200906/cij8w7PoVd.txt


OTL Extras logfile created on: 12/06/2009 13:44:42 - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Users\Lefeve Catherine\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18783)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,23% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,03 Gb Total Space | 85,99 Gb Free Space | 60,98% Space Free | Partition Type: NTFS
Drive D: | 141,06 Gb Total Space | 140,29 Gb Free Space | 99,45% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-CATHERINE
Current User Name: Lefeve Catherine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

[color=orange]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-361662847-2979653976-3885516880-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=orange]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
File not found -- Reg Error: Unknown registry data type
File not found -- Reg Error: Unknown registry data type
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 1
"DisableNotifications" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List

[color=orange]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
File not found -- C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
File not found -- C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
File not found -- C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
File not found -- C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]

[color=orange]========== Vista Active Open Ports Exception List ==========[/color]

{1098DF9B-5CFE-45BA-9D5B-75206189382F} = LPORT=2869 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{365075CF-9C90-43E5-B201-462B61DC7BAE} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=SVCHOST.EXE | SVC=SSDPSRV |
{9A526D1F-1AAB-4B14-BEFA-1CC01C14D61F} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=SVCHOST.EXE | SVC=SSDPSRV |
{BC935F3F-D420-4E93-B51D-21BA5BA91C94} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=SVCHOST.EXE | SVC=SSDPSRV |
{C119AC5C-A8D3-4CF4-ACE9-69FD4B8143E5} = LPORT=2869 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{E390A0FD-8D4A-45E3-9160-8D301722D8FE} = LPORT=2869 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |

[color=orange]========== Vista Active Application Exception List ==========[/color]

{140386EE-96E0-4FEF-A02F-6FAC37BDD3A7} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{1463CA75-8796-40A6-84D8-09210B23F0C4} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\PANDO NETWORKS\MEDIA BOOSTER\PMB.EXE |
{30E98B95-3083-4B41-B6D1-65DA4A32A177} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\LEFT 4 DEAD\SRCDS.EXE |
{38BFF5AF-2C45-4A78-A138-33101997BA94} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{38D9B09E-DEA4-41BD-97BF-86252E9FA398} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\THQ\FRONTLINES-FUEL OF WAR\BINARIES\FFOW.EXE |
{3B2B079D-AB92-479A-9C52-DBB5638C6474} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\THQ\FRONTLINES-FUEL OF WAR\BINARIES\FFOW.EXE |
{3CEC9A62-BD33-4047-8566-088708CCC614} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{3CEF4C33-C280-405D-BE24-F694C40C2BE1} = PROTOCOL=6 | DIR=IN | APP=C:\NEXON\COMBAT ARMS EU\NMSERVICE.EXE |
{42C706D2-3910-46FE-98CE-7F03D2047D4F} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER VIDEOMAGICIAN\ACER VIDEOMAGICIAN.EXE |
{4FEEED50-0F2A-4049-ADFC-B5E4A131093A} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MEN OF WAR - DEMO\MOW_DEMO.EXE |
{519B675A-3936-479B-B9D8-B5B387E9A07C} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MAKING HISTORY THE CALM AND THE STORM DEMO\BIN\MAKEHIST.EXE |
{51BAE3D8-02DB-48AB-977D-87107DDEC428} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAMDATA\NEXONEU\NGM\NGM.EXE |
{5201AEDA-487F-4547-A313-211B387AA20D} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\LIVECALL.EXE |
{5649A2D4-F7CA-4F7C-97E2-374C5D2FDF1C} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER HOMEMEDIA\ACER HOMEMEDIA.EXE |
{5858EE39-14B6-4DB1-98C2-99514727AB39} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\STCC DEMO\CONFIG.EXE |
{5B594A7E-415D-460B-AF44-ECD848BF847C} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAMDATA\NEXONUS\NGM\NGM.EXE |
{5FFD5943-2747-46A8-B556-EC457898BCE8} = PROTOCOL=6 | DIR=IN | APP=C:\USERS\LEFEVE CATHERINE\APPDATA\LOCAL\TEMP\PURPLEBEAN.EXE |
{63C4BFA0-FCC2-4F20-A3E5-119C7BBBCDEA} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\STCC DEMO\STCC_DEMO_STEAM.EXE |
{6A18787C-34F5-43E8-BD37-A88FF14BAB64} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{6AEEC8E4-82E8-4C7B-A265-0761020E8073} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{7473F943-D047-4DD5-B2B7-2D17CB7A0AE4} = PROTOCOL=6 | DIR=IN | APP=C:\WINDOWS\SYSTEM32\PNKBSTRB.EXE |
{7ACC89C8-89F3-4312-9C9F-199767E21D32} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{7D8BA427-4085-40D5-80A7-A13165193E63} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\LEFT 4 DEAD\SRCDS.EXE |
{7F0E62F7-A480-45E5-9990-9D858ECFA929} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MAKING HISTORY THE CALM AND THE STORM DEMO\BIN\MAKEHIST.EXE |
{84025048-6366-46CC-9B11-42098B15CF62} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\MEN OF WAR - DEMO\MOW_DEMO.EXE |
{88149B78-7766-4162-8F83-D8B6FC8BC0C6} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER HOMEMEDIA TRIAL CREATOR\ACER HOMEMEDIA TRIAL CREATOR.EXE |
{88E8791F-4C2D-4A5C-992E-B887B8BFC749} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{8C71C13C-06F1-4366-A805-2A8AE27C25C7} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{9CF97287-D046-4DCE-9DDC-DE10B1766E6B} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\PANDO NETWORKS\MEDIA BOOSTER\PMB.EXE |
{A344AB39-1ECE-4EC0-9777-9BDC5D6B94BF} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\LEFT 4 DEAD\LEFT4DEAD.EXE |
{AA766C76-F16E-4FE2-A422-7D2BC7C139D9} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER SLIDESHOW DVD\ACER SLIDESHOW DVD.EXE |
{B1976682-1B7A-494E-9395-87FEDF95AD31} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\LIVECALL.EXE |
{B1E1D851-ED4E-43FF-BD3F-080B20BDC023} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER DVDIVINE\ACER DVDIVINE.EXE |
{B2D256CF-569C-4406-9E62-4508F8A21F30} = PROTOCOL=17 | DIR=IN | APP=C:\USERS\LEFEVE CATHERINE\APPDATA\LOCAL\TEMP\PURPLEBEAN.EXE |
{C1CF67FD-7437-4AAE-B954-4A091FBC5EE5} = PROTOCOL=17 | DIR=IN | APP=C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE |
{C3444528-921E-4961-9600-E53559818200} = PROTOCOL=17 | DIR=IN | APP=C:\NEXON\COMBAT ARMS EU\NMSERVICE.EXE |
{C579C023-D32A-41D7-8B1A-6026E5BF1B7B} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{CE0A69ED-A20B-4813-8FFB-86A467028C9F} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{D055F971-BEED-4CA7-A628-02D596443D79} = PROTOCOL=17 | DIR=IN | APP=C:\WINDOWS\SYSTEM32\PNKBSTRB.EXE |
{D0C4BE1C-C5B4-4EDF-8FAE-55F438D2DD45} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER ARCADE LIVE MAIN PAGE\ACER ARCADE LIVE.EXE |
{D6CBFD44-A447-4C1A-B9AD-778CBC89475A} = PROTOCOL=6 | DIR=IN | APP=C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE |
{D90364C1-473F-4313-B223-9241901080C1} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER DV MAGICIAN\ACER DV MAGICIAN.EXE |
{DD76C2F8-89EE-4986-880C-2661D4ACB58C} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{DEDBB5C9-7C94-4700-B32A-CE4BFF5B1973} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER HOMEMEDIA CONNECT\ACER HOMEMEDIA CONNECT.EXE |
{E15B84F9-1FA5-49AC-991F-A202858F50C2} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\STCC DEMO\STCC_DEMO_STEAM.EXE |
{E2ADDAC3-6E64-488C-80E2-B65CCEB15CDC} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\COMMON\LEFT 4 DEAD\LEFT4DEAD.EXE |
{E8E96C7D-52BB-47B1-95B6-E293C63C71F7} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\STCC DEMO\CONFIG.EXE |
{EF4F573B-DB47-4635-B3BF-FEB2070B6865} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{FB16079E-B65F-45E2-8AEC-A6FAD42159A2} = DIR=IN | APP=C:\PROGRAM FILES\ACER ARCADE LIVE\ACER HOMEMEDIA CONNECT\KERNEL\DMS\CLMSSERVER.EXE |
{FD0B7739-6A50-432B-B6DC-DCBE8B63E699} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\LIVECALL.EXE |
{FDC70AA3-02AB-48A1-9FEB-355F1CF0B077} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAMDATA\NEXONUS\NGM\NGM.EXE |
{FFF78D28-7B36-4908-B770-EEAF68A0A748} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAMDATA\NEXONEU\NGM\NGM.EXE |
TCP Query User{028B9A1B-9E20-4DC7-8A16-95B008E7F673}C:\program files\steam\steamapps\idrissio08\counter-strike beta\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE BETA\HL.EXE |
TCP Query User{07D4AE46-4227-40E0-8D47-75619880F624}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\INCODE SOLUTIONS\REMOVEIT PRO V4 - SE\REMOVEIT.EXE |
TCP Query User{0B79107D-A6C5-4A2D-A52F-59C7FB6A7844}C:\program files\steam\steamapps\idrissio08\ricochet\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\RICOCHET\HL.EXE |
TCP Query User{16C057A2-F014-44C0-88B9-7C4BC8723EAF}C:\program files\amsn\bin\wish.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\AMSN\BIN\WISH.EXE |
TCP Query User{16CFCCB2-FA0C-4D44-90DA-2E52215096BD}C:\program files\steam\steamapps\idrissio08\deathmatch classic\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DEATHMATCH CLASSIC\HL.EXE |
TCP Query User{31C61B21-AE01-4E77-85E9-96789B8B5A4D}C:\program files\ares\ares.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ARES\ARES.EXE |
TCP Query User{448355FE-6F6E-411D-A615-CE5141B25116}C:\program files\valve\steam\steamapps\idrissio08\condition zero\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO\HL.EXE |
TCP Query User{49BB207A-8318-411D-A71B-451FC438C9C7}C:\program files\steam\steamapps\idrissio08\diprip warm up\hl2.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DIPRIP WARM UP\HL2.EXE |
TCP Query User{4E1F047D-CC1C-45C9-A37C-21DAB84AC06F}C:\program files\wolfenstein - enemy territory\et.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\WOLFENSTEIN - ENEMY TERRITORY\ET.EXE |
TCP Query User{4FCC029B-F861-46CA-8D15-31FA450B5342}C:\ijji\english\u_sf\soldierfront.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SF\SOLDIERFRONT.EXE |
TCP Query User{52541865-7E4A-4629-B907-8A6762443825}C:\ijji\english\gunz\gunz.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\GUNZ\GUNZ.EXE |
TCP Query User{56B060FB-8999-44AF-9482-CA66EAD9B222}C:\program files\steam\steamapps\idrissio08\condition zero deleted scenes\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO DELETED SCENES\HL.EXE |
TCP Query User{5C7CCECA-A6E7-4590-BB2B-415203FB7CB9}C:\program files\steam\steamapps\idrissio08\day of defeat\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DAY OF DEFEAT\HL.EXE |
TCP Query User{7F978997-666C-4F8E-9AB7-2422D1B30F07}C:\program files\steam\steamapps\idrissio08\counter-strike\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE\HL.EXE |
TCP Query User{8D1A648C-FA4F-411B-A679-865FA8FBE61F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe = PROTOCOL=6 | DIR=IN | APP=C:\NEXON\NEXON_EU_DOWNLOADER\NEXON_EU_DOWNLOADER_ENGINE.EXE |
TCP Query User{D203FCA8-0B48-4579-AB85-5892A55A423D}C:\users\lefeve catherine\appdata\local\temp\low\plauncher.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\LEFEVE CATHERINE\APPDATA\LOCAL\TEMP\LOW\PLAUNCHER.EXE |
TCP Query User{D2FAE30A-3B79-41AC-ACB2-469CD0EFC9C5}C:\program files\sierra\fearcombat\fearserver.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA\FEARCOMBAT\FEARSERVER.EXE |
TCP Query User{D70D8BBC-65DC-4FAA-A15C-4610B2C38E18}C:\program files\xfire\xfire.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\XFIRE\XFIRE.EXE |
TCP Query User{D7546E0D-F156-4C70-B54E-C96DCB63224E}C:\ijji\english\u_gunz.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\U_GUNZ.EXE |
TCP Query User{DEF6BC5F-1439-4EA9-8F39-CACC121C3F17}C:\program files\valve\steam\steamapps\idrissio08\team fortress 2\hl2.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\TEAM FORTRESS 2\HL2.EXE |
TCP Query User{EDC830F9-7E27-40D5-9F1D-7F819D797041}C:\program files\urbanterror\iourbanterror.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\URBANTERROR\IOURBANTERROR.EXE |
TCP Query User{EE86DC21-D52F-4515-B939-56ADFB59F97E}C:\_otmoveit\movedfiles\04052009_161220\program files\ares\ares.exe = PROTOCOL=6 | DIR=IN | APP=C:\_OTMOVEIT\MOVEDFILES\04052009_161220\PROGRAM FILES\ARES\ARES.EXE |
TCP Query User{F9799B34-3520-4114-93DF-7272CD4E5113}C:\program files\steam\steamapps\idrissio08\condition zero\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO\HL.EXE |
TCP Query User{FD6CB364-4971-49C6-AAED-C03F9E93DED3}C:\program files\valve\steam\steamapps\idrissio08\day of defeat\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\DAY OF DEFEAT\HL.EXE |
TCP Query User{FFC209E5-55B1-4C3D-8F66-1D72F8EB823A}C:\program files\valve\steam\steamapps\idrissio08\counter-strike\hl.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE\HL.EXE |
UDP Query User{0230606C-1323-4186-B410-0EE825223FCF}C:\program files\valve\steam\steamapps\idrissio08\day of defeat\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\DAY OF DEFEAT\HL.EXE |
UDP Query User{157E6E68-5186-462F-A7D9-83E7CF1F0E30}C:\ijji\english\u_sf\soldierfront.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SF\SOLDIERFRONT.EXE |
UDP Query User{16CF992D-5A24-4C8A-84F6-580B84FD6F72}C:\program files\amsn\bin\wish.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\AMSN\BIN\WISH.EXE |
UDP Query User{21FE3636-7616-49E8-A8F2-5D0DE3C67AC8}C:\program files\steam\steamapps\idrissio08\day of defeat\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DAY OF DEFEAT\HL.EXE |
UDP Query User{2A3B242C-7ADA-4EEC-9E5C-00620A9A4B1D}C:\program files\steam\steamapps\idrissio08\counter-strike\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE\HL.EXE |
UDP Query User{320D4236-59B4-460C-AF33-48CC138911E7}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe = PROTOCOL=17 | DIR=IN | APP=C:\NEXON\NEXON_EU_DOWNLOADER\NEXON_EU_DOWNLOADER_ENGINE.EXE |
UDP Query User{389F290B-DC0A-40CA-B6B7-8FF509C7591B}C:\_otmoveit\movedfiles\04052009_161220\program files\ares\ares.exe = PROTOCOL=17 | DIR=IN | APP=C:\_OTMOVEIT\MOVEDFILES\04052009_161220\PROGRAM FILES\ARES\ARES.EXE |
UDP Query User{3C85CBA6-331C-4196-8481-3B5BEB7BB406}C:\program files\wolfenstein - enemy territory\et.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\WOLFENSTEIN - ENEMY TERRITORY\ET.EXE |
UDP Query User{3FA71CD9-386C-447A-804F-6989EDF0D929}C:\program files\xfire\xfire.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\XFIRE\XFIRE.EXE |
UDP Query User{50D0F718-542A-460D-8184-1C4206EE79F3}C:\program files\ares\ares.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ARES\ARES.EXE |
UDP Query User{5738671C-D9C2-41BD-A758-A7A222C6EE91}C:\program files\steam\steamapps\idrissio08\condition zero deleted scenes\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO DELETED SCENES\HL.EXE |
UDP Query User{594BE223-826F-4B6D-973E-D184DE654345}C:\program files\valve\steam\steamapps\idrissio08\team fortress 2\hl2.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\TEAM FORTRESS 2\HL2.EXE |
UDP Query User{59E1386A-0AFF-4B91-97AF-E9F40F520DA6}C:\program files\sierra\fearcombat\fearserver.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA\FEARCOMBAT\FEARSERVER.EXE |
UDP Query User{66ED51DB-1E63-4A46-830E-441E0A5E4082}C:\program files\steam\steamapps\idrissio08\counter-strike beta\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE BETA\HL.EXE |
UDP Query User{66FC829C-A6A5-4EF2-814C-BAD3D0D5B719}C:\program files\steam\steamapps\idrissio08\deathmatch classic\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DEATHMATCH CLASSIC\HL.EXE |
UDP Query User{89CF7445-3FCF-4147-9A15-A69284AF537A}C:\program files\urbanterror\iourbanterror.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\URBANTERROR\IOURBANTERROR.EXE |
UDP Query User{9E910603-92D6-4FDB-8F9E-37F2F9A5DAAD}C:\program files\steam\steamapps\idrissio08\ricochet\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\RICOCHET\HL.EXE |
UDP Query User{A00B073D-4905-4FD6-96B4-EC697A0B65E8}C:\program files\steam\steamapps\idrissio08\diprip warm up\hl2.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\DIPRIP WARM UP\HL2.EXE |
UDP Query User{A22DEA2A-4F1A-492B-BB97-30D4D9E28C62}C:\program files\incode solutions\removeit pro v4 - se\removeit.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\INCODE SOLUTIONS\REMOVEIT PRO V4 - SE\REMOVEIT.EXE |
UDP Query User{B4A8E296-E108-45A9-86B0-7C21EEF3478F}C:\program files\steam\steamapps\idrissio08\condition zero\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO\HL.EXE |
UDP Query User{BC6A6CD7-4BD1-4F77-BF77-F3F5737FA23E}C:\users\lefeve catherine\appdata\local\temp\low\plauncher.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\LEFEVE CATHERINE\APPDATA\LOCAL\TEMP\LOW\PLAUNCHER.EXE |
UDP Query User{D04DB8F5-68B6-4EAE-AF67-629B9E335540}C:\program files\valve\steam\steamapps\idrissio08\condition zero\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\CONDITION ZERO\HL.EXE |
UDP Query User{D7192344-6EF4-4C7C-92AC-CFD37C86209B}C:\ijji\english\u_gunz.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\U_GUNZ.EXE |
UDP Query User{DB8AAD31-E5B2-41D7-BD2C-A969B8BF75B6}C:\ijji\english\gunz\gunz.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\GUNZ\GUNZ.EXE |
UDP Query User{DC0DB72A-DAB5-4516-A6EB-3CCE3A1232FD}C:\program files\valve\steam\steamapps\idrissio08\counter-strike\hl.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\VALVE\STEAM\STEAMAPPS\IDRISSIO08\COUNTER-STRIKE\HL.EXE |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{44E54A81-9D91-4AA1-9417-80AFF134F5FF}" = Galerie de photos Windows Live
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{944F0F77-F26F-4D17-A440-6DA4CBE05B71}" = ESET NOD32 Antivirus
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F429ED71-4A8B-457A-85E4-F6398CE73E58}" = AV Input Selection
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner (remove only)
"Google Updater" = Outil de mise à jour Google
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}" = TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility
"Jeu de dames v.2" = Jeu de dames v.2
"Live Media" = Todae - Live Media
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"NVIDIA Drivers" = NVIDIA Drivers
"OnlineArmor_is1" = Online Armor 3.5
"OpenAL" = OpenAL
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"Steam(TM)" = Steam(TM)
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 0.9.9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-361662847-2979653976-3885516880-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/05/2009 13:06:24 | Computer Name = PC-de-Catherine | Source = LoadPerf | ID = 3012
Description =

Error - 02/05/2009 04:29:27 | Computer Name = PC-de-Catherine | Source = WinMgmt | ID = 10
Description =

Error - 02/05/2009 04:34:36 | Computer Name = PC-de-Catherine | Source = LoadPerf | ID = 3012
Description =

Error - 02/05/2009 06:41:43 | Computer Name = PC-de-Catherine | Source = WinMgmt | ID = 10
Description =

Error - 02/05/2009 06:47:58 | Computer Name = PC-de-Catherine | Source = LoadPerf | ID = 3012
Description =

Error - 02/05/2009 12:32:09 | Computer Name = PC-de-Catherine | Source = WinMgmt | ID = 10
Description =

Error - 02/05/2009 12:38:07 | Computer Name = PC-de-Catherine | Source = LoadPerf | ID = 3012
Description =

Error - 02/05/2009 13:21:37 | Computer Name = PC-de-Catherine | Source = WinMgmt | ID = 10
Description =

Error - 02/05/2009 13:23:14 | Computer Name = PC-de-Catherine | Source = Windows Search Service | ID = 3013
Description =

Error - 02/05/2009 13:26:14 | Computer Name = PC-de-Catherine | Source = LoadPerf | ID = 3012
Description =

[ Media Center Events ]
Error - 18/03/2009 08:33:01 | Computer Name = PC-de-Catherine | Source = Media Center Guide | ID = 0
Description = Info sur l’événement : ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Processus : DefaultDomain Nom de l’objet : Media
Center Guide

[ System Events ]
Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:39:11 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/06/2009 06:42:00 | Computer Name = PC-de-Catherine | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 12/06/2009 07:03:48 | Computer Name = PC-de-Catherine | Source = Service Control Manager | ID = 7000
Description =

Error - 12/06/2009 07:10:24 | Computer Name = PC-de-Catherine | Source = Service Control Manager | ID = 7000
Description =

Error - 12/06/2009 07:40:01 | Computer Name = PC-de-Catherine | Source = Service Control Manager | ID = 7000
Description =


< End of report >
0

Utilisateur anonyme
 
Download Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html and save the file to the desktop.

- Right-click Zeb-Restore.zip ==> Extract All, and choose the desktop as the destination.
- Open the ZR_1.0.0.37 folder ==> double-click Zeb-Restore.exe
- Tick the box next to: Trusted sites
- Do not tick any other box
- Click Restore
- Restart your PC

Then:

Download HostsXpert to your desktop:

---> Unzip it (right-click >> Extract here)

---> Double-click HostsXpert to launch it

---> Click the "Restore MS Hosts File" button, then close the program

PS: Before clicking the "Restore MS Hosts File" button, check that the padlock at the top left is open, otherwise you will get an error message.

If it is closed, click on it :)

Then:

Click the Start menu / Control Panel / Folder Options, then in the View tab:
- Tick Show hidden files and folders
- Untick Hide extensions for known file types
- Untick Hide protected operating system files (Recommended)
Click Apply, then OK.

Don't forget to hide the hidden and protected operating system files again once the disinfection is finished, it's important.

Have the following file(s) scanned on VirusTotal:

Virus Total

* Click Browse at the top, choose My Computer and look for these files:

C:\Windows\System32\RES32.sys
C:\Windows\System32\WFP.TMF
C:\Windows\System32\sysmon.ocx
C:\Windows\System32\temp.001
C:\Windows\System32\temp.000
C:\Windows\patchw32.dll
C:\Users\Lefeve Catherine\AppData\Roaming\wklnhst.dat


* Now click Send file, and let it work for as long as "Current status: scanning" is displayed.
* The file may be queued because of a large number of scan requests. In that case you will have to wait without refreshing the page.
* When the scan is finished ("Current status: finished"), click Formatted
* A new browser window will appear
* Then click the two arrows
* Right-click on the page and choose Select All, then Copy
* Finally, paste the result into your next reply.

Then:

Double-click OTL.exe to launch it.


Copy the list shown in bold below,

and paste it into the box under Custom Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe

:OTL
O33 - MountPoints2\{a6a5858a-0b2e-11de-aae3-001d72a8274c}\Shell - "" = AutoRun
O33 - MountPoints2\{a6a585ab-0b2e-11de-aae3-001d72a8274c}\Shell - "" = AutoRun
O33 - MountPoints2\{e25758dd-0b36-11de-a31c-001d72a8274c}\Shell - "" = AutoRun
O33 - MountPoints2\{e25758df-0b36-11de-a31c-001d72a8274c}\Shell - "" = AutoRun

:files
C:\*.sqm
C:\Windows\System32\reg.exe
C:\Windows\Tasks\Norton Security Scan for Lefeve Catherine.job

:commands
[Purity]
[emptytemp]
[reboot]


Click Run Fix to start the removal.


Post the report.

==========
0
ederson7
 
Re: this follows the order of your replies:
Fichier RES32.sys reçu le 2009.06.12 23:02:50 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.12 -
AhnLab-V3 5.0.0.2 2009.06.12 -
AntiVir 7.9.0.187 2009.06.12 -
Antiy-AVL 2.0.3.1 2009.06.12 -
Authentium 5.1.2.4 2009.06.12 -
Avast 4.8.1335.0 2009.06.12 -
AVG 8.5.0.339 2009.06.12 -
BitDefender 7.2 2009.06.13 -
CAT-QuickHeal 10.00 2009.06.12 -
ClamAV 0.94.1 2009.06.12 -
Comodo 1323 2009.06.12 -
DrWeb 5.0.0.12182 2009.06.13 -
eSafe 7.0.17.0 2009.06.11 -
eTrust-Vet 31.6.6556 2009.06.12 -
F-Prot 4.4.4.56 2009.06.12 -
F-Secure 8.0.14470.0 2009.06.12 -
Fortinet 3.117.0.0 2009.06.12 -
GData 19 2009.06.13 -
Ikarus T3.1.1.59.0 2009.06.12 -
K7AntiVirus 7.10.762 2009.06.12 -
Kaspersky 7.0.0.125 2009.06.13 -
McAfee 5644 2009.06.12 -
McAfee+Artemis 5644 2009.06.12 -
McAfee-GW-Edition 6.7.6 2009.06.12 -
Microsoft 1.4701 2009.06.12 -
NOD32 4152 2009.06.13 -
Norman 6.01.09 2009.06.12 -
nProtect 2009.1.8.0 2009.06.12 -
Panda 10.0.0.14 2009.06.12 -
PCTools 4.4.2.0 2009.06.12 -
Prevx 3.0 2009.06.13 -
Rising 21.33.44.00 2009.06.12 -
Sophos 4.42.0 2009.06.12 -
Sunbelt 3.2.1858.2 2009.06.12 -
Symantec 1.4.4.12 2009.06.13 -
TheHacker 6.3.4.3.344 2009.06.11 -
TrendMicro 8.950.0.1092 2009.06.12 -
VBA32 3.12.10.7 2009.06.12 -
ViRobot 2009.6.12.1783 2009.06.12 -
Information additionnelle
File size: 25 bytes
MD5...: 51c26c576020502daf10192055c1a26c
SHA1..: 72940d93c32f1ff3becb01bd9a9c6e5905898952
SHA256: c1f54901e42e26490d5e03651e68d942ccd3e8103c70532b91a419377d1bbb0f
ssdeep: -
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

0
ederson7
 
For the rest of the files I found nothing; I'm doing the next step.
0
ederson7
 
And here is the OTL report:

========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
Process firefox.exe killed successfully!
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6a5858a-0b2e-11de-aae3-001d72a8274c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6a5858a-0b2e-11de-aae3-001d72a8274c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6a585ab-0b2e-11de-aae3-001d72a8274c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a6a585ab-0b2e-11de-aae3-001d72a8274c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e25758dd-0b36-11de-a31c-001d72a8274c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e25758dd-0b36-11de-a31c-001d72a8274c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e25758df-0b36-11de-a31c-001d72a8274c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e25758df-0b36-11de-a31c-001d72a8274c}\ not found.
========== FILES ==========
C:\sqmdata00.sqm moved successfully.
C:\sqmnoopt00.sqm moved successfully.
C:\Windows\System32\reg.exe moved successfully.
C:\Windows\Tasks\Norton Security Scan for Lefeve Catherine.job moved successfully.
========== COMMANDS ==========
User's Internet Explorer cache folder emptied.
User's Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.

OTL by OldTimer - Version 2.1.1.0 log created on 06132009_011519

Files moved on Reboot...
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
0
ederson7
 
Up!!
0
Utilisateur anonyme
 
Hi, sorry for the wait ;)

Run OTL again, please.
0
ederson7
 
Hello, and then?? After running OTL again???
0
Utilisateur anonyme
 
Well, you send me the report via cijoint.fr
0
ederson7
 
Hello,
Well, isn't post 50 the OTL report???
0
ederson7
 
Hello, thanks for the link =) here is the link as requested:

http://www.cijoint.fr/cjlink.php?file=cj200906/cijyldRSoG.txt
0
Utilisateur anonyme
 
Download Zeb-Restore http://telechargement.zebulon.fr/zeb-restore.html and save the file to the desktop.

- Right-click Zeb-Restore.zip ==> Extract All, and choose the desktop as the destination.
- Open the ZR_1.0.0.37 folder ==> double-click Zeb-Restore.exe
- Tick the box next to: Trusted sites
- Do not tick any other box
- Click Restore
- Restart your PC

Then, what problems do you still have?
0
ederson7
 
Hello,
I still can't tick anything in my firewall =(
0
Utilisateur anonyme
 
Does Nod32 have a built-in firewall?
0
ederson7
 
Not as far as I know!
0
Utilisateur anonyme
 
Hello, uninstall it and then reinstall it.
0