Redémarrage en boucle intempestif

Résolu

maewa95 Messages postés 116 Statut Membre -
Utilisateur anonyme - 16 août 2009 à 15:17

Bonjour,

Mon pc démarre. Windows se lance mais, lorsque mon bureau apparait, il plante de façon intempestive : le reboot se lance.

De plus, mon antivirus n'est plus accessible (bitdefender internet security 2009). Je suis actuellement en mode sans échec.

J'ai tenté de faire une analyse en ligne sur les différents sites (kaspersky, secure, etc) et impossible.

Pouvez-vous m'aider svp ?

d'avance merci

Afficher la suite

A voir également:

Redémarrage en boucle intempestif
Forcer redemarrage windows - Guide
Utilisez un mot de passe après le redémarrage ✓ - Forum Huawei
Mon pc s'allume et s'éteint en boucle ✓ - Forum Matériel & Système
Redemarrage en cours long ✓ - Forum Windows 10
Smart tv qui s'allume et s'éteint en boucle - Forum Téléviseurs

173 réponses

Précédent

1
2
3
4
5
6
7
8
9

Suivant

Réponse 61 / 173

maewa95 Messages postés 116 Statut Membre

le voici :

http://www.cijoint.fr/cjlink.php?file=cj200908/cijcNSHheb.txt

Réponse 62 / 173

Utilisateur anonyme

__________________________________________________________
=>/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement cet ordinateur,<=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=====|
---------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
File::
c:\windows\system32\YSys.dll
c:\windows\system32\SysChkVC.dll
c:\windows\system32\SysCheck2.dll

Folder::
C:\Metaboli
------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) Comme ceci

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt

Réponse 63 / 173

maewa95 Messages postés 116 Statut Membre

voilà le log (en espérant qu'il passe, qu'il ne soit pas trop long) lol

Comment ce fait-il que Metaboli apparaisse partout ? Aurais-je été contaminée par ce site ? C'est un site de jeux en ligne payant !

ComboFix 09-08-10.06 - maewa 11/08/2009 19:33.4.2 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.786 [GMT 2:00]
Running from: c:\documents and settings\maewa\Bureau\Maewa.exe
Command switches used :: c:\documents and settings\maewa\Bureau\CFScript.txt
AV: Antivirus BitDefender *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Pare-feu BitDefender *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

FILE ::
"c:\windows\system32\SysCheck2.dll"
"c:\windows\system32\SysChkVC.dll"
"c:\windows\system32\YSys.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Metaboli
c:\metaboli\Games\YPlayer.dll
c:\metaboli\Games\YPlayer.ygsq
c:\metaboli\SampleHelperApp.exe
c:\metaboli\YBroker.exe
c:\metaboli\YProx.ocx
c:\metaboli\YProxAut.exe
c:\windows\system32\SysCheck2.dll
c:\windows\system32\SysChkVC.dll
c:\windows\system32\YSys.dll

.
((((((((((((((((((((((((( Files Created from 2009-07-11 to 2009-08-11 )))))))))))))))))))))))))))))))
.

2009-08-09 22:28 . 2009-08-09 22:28 -------- d-----w- C:\_OTL
2009-08-09 19:21 . 2009-08-09 20:52 -------- d-----w- c:\program files\Ad-remover
2009-08-09 15:50 . 2009-08-09 15:50 579584 ----a-w- c:\windows\system32\dllcache\user32.dll
2009-08-09 15:46 . 2009-08-09 15:47 -------- d-----w- c:\windows\ERUNT
2009-08-09 15:42 . 2009-08-09 16:16 -------- d-----w- C:\SDFix
2009-08-09 14:02 . 2009-08-09 14:02 188312 ----a-w- c:\documents and settings\Administrateur.SN402039360009\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-09 13:22 . 2009-08-09 13:22 -------- d-----w- c:\documents and settings\Administrateur.SN402039360009\Application Data\BitDefender
2009-08-09 13:11 . 2009-08-09 13:11 -------- d-----w- c:\documents and settings\Administrateur.SN402039360009\Application Data\HouseCall 6.6
2009-08-09 13:11 . 2009-08-09 13:11 -------- d-----w- c:\windows\system32\HouseCall 6.6
2009-08-09 12:12 . 2009-08-09 12:12 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-09 11:54 . 2009-08-09 11:54 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-09 11:19 . 2009-08-09 11:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-08-09 11:18 . 2009-08-09 11:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Bitdefender
2009-08-09 11:17 . 2009-08-09 11:53 -------- d-----w- c:\documents and settings\Administrateur\Modèles
2009-08-09 11:17 . 2009-08-09 11:53 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Microsoft
2009-08-09 11:17 . 2009-08-09 11:53 -------- d-----w- c:\documents and settings\Administrateur\Favoris
2009-08-09 11:17 . 2009-05-14 01:06 -------- d-----w- c:\documents and settings\Administrateur\IETldCache
2009-08-09 11:17 . 2009-08-09 11:53 -------- d-s---w- c:\documents and settings\Administrateur
2009-07-30 11:09 . 2009-07-30 11:09 -------- d-----w- c:\documents and settings\maewa\Local Settings\Application Data\MicroVision Applications

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-09 12:07 . 2002-09-30 11:49 94286 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-09 12:07 . 2002-09-30 11:49 535584 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-01 06:05 . 2009-01-18 13:24 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-01 06:01 . 2007-04-26 07:17 -------- d-----w- c:\documents and settings\maewa\Application Data\ZoomBrowser EX
2009-08-01 05:46 . 2007-04-26 07:05 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-07-31 15:24 . 2009-02-27 07:47 81984 ----a-w- c:\windows\system32\bdod.bin
2009-07-16 01:06 . 2008-07-26 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-14 13:34 . 2008-10-23 19:03 -------- d-----w- c:\program files\Player Metaboli
2009-07-14 13:34 . 2008-10-01 18:46 68 ----a-w- c:\windows\GPlrLanc.dat
2009-07-14 13:34 . 2008-10-01 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Player Metaboli
2009-07-14 07:31 . 2009-06-01 18:25 -------- d-----w- c:\program files\Brother
2009-07-14 07:31 . 2008-11-22 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-03 16:57 . 2007-03-31 07:57 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-27 10:40 . 2006-12-25 08:51 188312 ----a-w- c:\documents and settings\maewa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-20 11:10 . 2009-06-06 18:13 -------- d-----w- c:\program files\PE DESIGN V7 DEMO
2009-06-16 14:40 . 2002-09-30 11:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2002-09-30 11:49 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-13 05:50 . 2009-06-13 05:45 -------- d-----w- c:\program files\THRED
2009-06-03 19:10 . 2005-08-30 08:26 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-05-24 22:24 . 2008-05-26 21:18 350208 ----a-w- c:\windows\system32\mssph.dll
2009-04-07 16:24 . 2008-10-30 16:34 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2007-03-04 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1211176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-03 13508608]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2004-01-30 81920]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 188416]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-18 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-18 217088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-03 86016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\maewa\Menu D‚marrer\Programmes\D‚marrage\
OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\StubInstaller.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [25/11/2006 11:37 11264]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [04/09/2008 17:33 82696]
S2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18/01/2009 15:23 55136]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808]
S2 X4HSX32Ex;X4HSX32Ex;c:\program files\Player Metaboli\X4HSX32Ex.sys [24/01/2009 17:55 29856]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [17/07/2008 13:06 118784]
S3 ASIOMI;ASIOMI;c:\windows\system32\drivers\ASIOMI.sys [25/11/2006 11:37 5396]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [18/09/2008 12:09 111112]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [17/10/2008 15:01 104328]
S3 busbcrw;USB Card Reader Writer driver;c:\windows\system32\drivers\busbcrw.sys [23/04/2003 09:45 16896]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [08/12/2008 18:01 533344]
S3 ids00026;ids00026;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [?]
S3 klstm;klstm;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys [?]
S3 maconfservice;Ma-Config Service;c:\program files\pour detection config pilotes\ma-config.com\maconfservice.exe [21/04/2009 15:36 216232]
S3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [01/01/1980 01:00 24608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = localhost
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\maewa\Application Data\Mozilla\Firefox\Profiles\fwyph058.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMWA1&q=
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\program files\Mozilla Firefox\extensions\YPlayer@yummy.net\components\FYPlayer.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npExentCtl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\pour detection config pilotes\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Real\RealOne Player\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealOne Player\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealOne Player\Netscape6\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programme cc\adobe\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: signed.applets.codebase_principal_support - true

/* To avoid the user interaction, add the following lines: */
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/

/* GLDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/

/* BGFR */
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/

/* BILD */
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/

/* BTUK */
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/

/* CLIC */
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/

/* COUK */
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/

/* MEDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/

/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/

/* EUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/

/* FUNR */
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/

/* GONE */
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/

/* GUDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/

/* META */
FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/

/* MNDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/

/* MNFR */
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/

/* MNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/

/* NCNU */
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/

/* QPUK */
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/

/* SFFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/

/* SPDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/

/* WOJ_ */
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/

user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.id,hxxp://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.id,hxxps://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.id,hxxp://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.id,hxxps://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0014.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0014.id,hxxp://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.id,hxxps://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.id,hxxp://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.id,hxxps://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.id,hxxp://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.id,hxxps://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.id,hxxp://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.id,hxxps://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.id,hxxp://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.id,hxxps://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.id,hxxp://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.id,hxxps://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.id,hxxp://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.id,hxxps://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.id,hxxp://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.id,hxxps://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.id,hxxp://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.id,hxxps://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.id,hxxp://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.id,hxxps://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.id,hxxp://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.id,hxxps://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.id,hxxp://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.id,hxxps://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.id,hxxp://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.id,hxxps://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.id,hxxp://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.id,hxxps://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.id,hxxp://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.id,hxxps://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.id,hxxp://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.id,hxxps://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.id,hxxp://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.id,hxxps://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.id,hxxp://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.id,hxxps://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.id,hxxp://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.id,hxxps://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.id,hxxp://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.id,hxxps://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.id,hxxp://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.id,hxxps://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.id,hxxp://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.id,hxxps://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.id,hxxps://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.id,hxxp://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.id,hxxps://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.id,hxxp://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.id,hxxps://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.id,hxxp://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.id,hxxps://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.id,hxxp://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.id,hxxps://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.id,hxxp://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.id,hxxps://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.id,hxxp://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.id,hxxps://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.id,hxxp://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.id,hxxps://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.id,hxxp://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.id,hxxps://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.id,hxxp://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.id,hxxps://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.id,hxxp://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.id,hxxps://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.id,hxxp://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.id,hxxps://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.id,hxxp://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.id,hxxps://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.id,hxxp://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.id,hxxps://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.id,hxxp://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.id,hxxps://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.id,hxxp://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.id,hxxps://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.id,hxxp://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.id,hxxps://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.id,hxxp://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.id,hxxps://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.id,hxxp://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.id,hxxps://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.id,hxxp://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.id,hxxps://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.id,hxxp://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.id,hxxps://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.id,hxxp://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.id,hxxps://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.id,hxxp://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.id,hxxps://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.id,hxxp://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.id,hxxps://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.id,hxxp://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.id,hxxps://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.id,hxxp://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.id,hxxps://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.id,hxxp://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.id,hxxps://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.id,hxxp://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.id,hxxps://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.id,hxxp://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.id,hxxps://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.id,hxxp://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.id,hxxps://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.id,hxxp://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.id,hxxps://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.id,hxxp://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.id,hxxps://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.id,hxxp://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.id,hxxps://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.id,hxxp://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.id,hxxps://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.id,hxxp://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.id,hxxps://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.id,hxxp://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.id,hxxps://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.id,hxxp://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.id,hxxps://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.id,hxxp://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.id,hxxps://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.id,hxxp://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.id,hxxps://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.id,hxxp://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.id,hxxps://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.id,hxxp://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.id,hxxps://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.id,hxxp://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.id,hxxps://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.id,hxxp://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.id,hxxps://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.id,hxxp://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.id,hxxps://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.id,hxxp://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.id,hxxps://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.id,hxxp://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.id,hxxps://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.id,hxxp://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.id,hxxps://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.id,hxxp://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.id,hxxps://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.id,hxxp://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.id,hxxps://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.id,hxxp://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.id,hxxps://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.id,hxxp://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.id,hxxps://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.id,hxxp://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.id,hxxps://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.id,hxxp://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.id,hxxps://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.id,hxxp://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.id,hxxps://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.id,hxxp://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.id,hxxps://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.id,hxxp://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.id,hxxps://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0171.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX01

Réponse 64 / 173

Utilisateur anonyme

ok refais un run Run scan avec OTL toujours les trois cases cochées et "ALL" pour la derniere option colonne de gauche d'OTL

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 65 / 173

maewa95 Messages postés 116 Statut Membre

"All" pour la colonne "extra Registry" ? c'est bien celle-ci ?

Réponse 66 / 173

Utilisateur anonyme

oui

Réponse 67 / 173

maewa95 Messages postés 116 Statut Membre

j'en ai eu deux pour le prix d'un mdr

OTL Extras logfile created on: 11/08/2009 20:51:47 - Run 6
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\maewa\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1022,79 Mb Total Physical Memory | 780,13 Mb Available Physical Memory | 76,27% Memory free
2,91 Gb Paging File | 2,83 Gb Available in Paging File | 97,21% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 90,61 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 73,74 Gb Free Space | 49,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SN402039360009
Current User Name: maewa
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (All) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.DLL (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire)
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Disabled:Partage de l'application RTC -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\pour detection config pilotes\ma-config.com\maconfservice.exe" = C:\Program Files\pour detection config pilotes\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01523985-2098-43AF-9C97-12B07BE02A9B}" = Windows Live Call
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C858954-92B6-40C8-84D0-D095070C263C}" = Extension MSN pour Windows Live Toolbar
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{27040F24-7260-4BCE-B45F-E19B40970EEE}" = PE-DESIGN Ver.7
"{27DC4D5B-1EFF-4666-8FED-2A7D32A495AF}" = PE-DESIGN Lite
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Player Metaboli
"{2BB6C96F-D886-4494-961B-1AD282F3394B}" = PE-DESIGN Ver7 (Trial version)
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3CCB732A-E472-4CF9-B1EE-F18365341FE0}" = Installation Windows Live
"{3E0E698E-28DA-4F2A-91AE-F208B3716283}" = Domino 3D
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
"{43563ACB-371B-4C58-8979-B192B390424C}" = Galerie de photos Windows Live
"{47FF921C-E834-47A6-8CE4-F0A99CDE347F}" = ViaMichelin Navigation PND
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4CD67A02-DF59-43f7-8E8F-86DCF40543EF}" = 2570_Help
"{50E7BB78-02B4-469a-9D8B-B2F42835F90E}" = ProductContextNPI
"{525DE7A9-5A0E-4ED8-85F9-FC67F0B377CC}" = Cartes
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57C23D06-7708-4778-9005-8C78BABA5513}" = ACDSee Retouche photo
"{59971D79-8111-42C2-9E40-883A0C277E78}" = SweetIM Toolbar for Internet Explorer 3.1
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D0313C-4F15-437D-9A2D-C1564088A26A}" = Windows Live Sync
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8234A27D-C5A4-4F84-8718-3BF34BCFC89F}" = JourneySoftwarePromo
"{83459B05-68A9-4F0F-B840-B5346236DF04}" = ViaMichelin Navigation PND
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISER_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISER_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISER_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{915809D6-1F93-45F2-9699-5F1DA64DC24B}" = Windows Live Toolbar
"{91A06334-CB8D-422A-9699-251217674FD4}" = ACDSee 9 Gestionnaire de photos
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{961CE74B-30C0-47D6-ACD9-0C887A5E23F5}" = BitDefender Internet Security 2009
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A8D91906-4032-4443-8C49-69F90E38F39D}" = 2570
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1036-7B44-A81000000003}" = Adobe Reader 8.1.0 - Français
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B276997E-4367-4b1b-A39C-4CAE7464337A}" = AiO_Scan_CDA
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B60E7826-F117-4d26-8165-D2DC5A494AB0}" = Fax_CDA
"{B64E3AFC-59EF-4f18-BF11-E751462450D3}" = AiOSoftwareNPI
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{B9C5669B-4705-4046-A3EE-0BFD08D7B668}" = Détecteur de flux Windows Live Toolbar
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logiciel QuickCam de Logitech
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD54C6DE-B787-406D-A5A7-A49E0471E45B}" = ACDSee 8
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E5430A11-6799-41E0-A9D5-F68BDC67AAD8}" = OpenOffice.org 2.1
"{E780E536-16CE-4CD1-8FE0-2D5E52FAA65B}" = Ma-Config.com
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{EB8BAA0D-11EF-4EDC-A960-2AB7CA8F53F0}" = Windows Live Contrôle parental
"{EE55FD52-0D47-4c5a-96EC-48F70FF30520}" = 2570Trb
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F41C11EC-7C13-47A7-A07C-251D96EC3879}" = Les Chevaliers de Baphomet - Les Gardiens du Temple de Salomon
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"C-Media Audio" = C-Media 3D Audio
"CSCLIB" = Canon Camera Support Core Library
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"exent_201554" = Post Mortem
"exent_262354" = Aménophis
"exent_280354" = Egypt 3
"exent_314854" = Obscure
"exent_361554" = Still Life
"exent_389354" = Leisure Suit Larry M
"exent_458654" = Arthur et les Minimoys
"exent_617954" = Narnia Chapitre 1
"ffdshow_is1" = ffdshow [rev 497] [2006-11-04]
"FileZilla" = FileZilla (remove only)
"Filters Unlimited_is1" = Filters Unlimited 2.0
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"GML GrowCut Mask_is1" = GML GrowCut Mask 1.1
"hp deskjet 5550 series" = hp deskjet 5550 series (Supprimer uniquement)
"HP Document Viewer" = HP Document Viewer 5.3
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"hp print screen utility" = hp print screen utility
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPExtendedCapabilities" = HP Extended Capabilities 5.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Imikimi Plugin" = Imikimi Plugin
"Le pic rouge_is1" = Le pic rouge
"Logitech Print Service" = Logitech Print Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoFiltre" = PhotoFiltre
"PhotoStitch" = Canon Utilities PhotoStitch
"QcDrv" = Programme de gestion Camera de Logitech®
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"ScMgr30Uninstall" = Caere Scan Manager 4.01
"Uninstall_is1" = Uninstall 1.0.0.0
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"Zylom Games Player Plugin" = Zylom Games Player Plugin

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 11/08/2009 11:54:22 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 11:54:22 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:08 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : The server name or address could not be resolved

Error - 11/08/2009 13:44:08 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:08 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:08 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:14 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:14 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:14 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 11/08/2009 13:44:14 | Computer Name = SN402039360009 | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

[ OSession Events ]
Error - 07/08/2008 02:44:22 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 286
seconds with 240 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:33:03 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:33:22 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:33:41 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:34:01 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:34:18 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/05/2009 05:34:57 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 51
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/05/2009 06:10:06 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/05/2009 06:10:58 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.

Error - 14/06/2009 08:00:46 | Computer Name = SN402039360009 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 85
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/08/2009 13:30:19 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7001
Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas
pu démarrer en raison de l'erreur : %%31

Error - 11/08/2009 13:30:19 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : AFD bdftdif Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip

Error - 11/08/2009 13:33:05 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
PEVSystemStart.

Error - 11/08/2009 13:45:01 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
PEVSystemStart.

Error - 11/08/2009 13:45:03 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
PEVSystemStart.

Error - 11/08/2009 13:52:20 | Computer Name = SN402039360009 | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc
avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/08/2009 13:52:44 | Computer Name = SN402039360009 | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/08/2009 13:54:09 | Computer Name = SN402039360009 | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.0.2 pour la carte réseau dont l'adresse
réseau est 0013D41DE147 a été refusé par le serveur DHCP 78.250.255.253 (celui-ci
a envoyé un message DHCPNACK).

Error - 11/08/2009 13:54:40 | Computer Name = SN402039360009 | Source = DCOM | ID = 10005
Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem
avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/08/2009 13:55:40 | Computer Name = SN402039360009 | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : Fips intelppm

< End of report >

OTL Extras logfile created on: 11/08/2009 20:51:47 - Run 6
OTL by OldTimer - Version 3.0.10.5 Folder = C:\Documents and Settings\maewa\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1022,79 Mb Total Physical Memory | 780,13 Mb Available Physical Memory | 76,27% Memory free
2,91 Gb Paging File | 2,83 Gb Available in Paging File | 97,21% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 90,61 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 73,74 Gb Free Space | 49,47% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SN402039360009
Current User Name: maewa
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Standard

[color=#E56717]========== Extra Registry (All) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.DLL (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- (LimeWire)
"C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Disabled:Partage de l'application RTC -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\pour detection config pilotes\ma-config.com\maconfservice.exe" = C:\Program Files\pour detection config pilotes\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01523985-2098-43AF-9C97-12B07BE02A9B}" = Windows Live Call
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C858954-92B6-40C8-84D0-D095070C263C}" = Extension MSN pour Windows Live Toolbar
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2231CE39-B963-4B9D-823A-F412ECA637B1}" = Windows Live Writer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{27040F24-7260-4BCE-B45F-E19B40970EEE}" = PE-DESIGN Ver.7
"{27DC4D5B-1EFF-4666-8FED-2A7D32A495AF}" = PE-DESIGN Lite
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Player Metaboli
"{2BB6C96F-D886-4494-961B-1AD282F3394B}" = PE-DESIGN Ver7 (Trial version)
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3CCB732A-E472-4CF9-B1EE-F18365341FE0}" = Installation Windows Live
"{3E0E698E-28DA-4F2A-91AE-F208B3716283}" = Domino 3D
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E386744-10FA-44b2-98C9-DF7A270DECB3}" = HP PSC & OfficeJet 5.3.A
"{43563ACB-371B-4C58-8979-B192B390424C}" = Galerie de photos Windows Live
"{47FF921C-E834-47A6-8CE4-F0A99CDE347F}" = ViaMichelin Navigation PND
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4CD67A02-DF59-43f7-8E8F-86DCF40543EF}" = 2570_Help
"{50E7BB78-02B4-469a-9D8B-B2F42835F90E}" = ProductContextNPI
"{525DE7A9-5A0E-4ED8-85F9-FC67F0B377CC}" = Cartes
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{567C23E1-7580-4185-B8C2-30805677297C}" = NewCopy_CDA
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57C23D06-7708-4778-9005-8C78BABA5513}" = ACDSee Retouche photo
"{59971D79-8111-42C2-9E40-883A0C277E78}" = SweetIM Toolbar for Internet Explorer 3.1
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{63DC2DA0-2A6C-4C38-9249-B75395458657}" = Windows Live Mail
"{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D0313C-4F15-437D-9A2D-C1564088A26A}" = Windows Live Sync
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8234A27D-C5A4-4F84-8718-3BF34BCFC89F}" = JourneySoftwarePromo
"{83459B05-68A9-4F0F-B840-B5346236DF04}" = ViaMichelin Navigation PND
"{89F4137D-6C26-4A84-BDB8-2

Réponse 68 / 173

Utilisateur anonyme

et tu peux m'envoyer l'OTL.txt par cijoint.fr stp ?

Réponse 69 / 173

maewa95 Messages postés 116 Statut Membre

zoup là, le voici, le voilou

http://www.cijoint.fr/cjlink.php?file=cj200908/cijkUJZ85i.txt

Réponse 70 / 173

Utilisateur anonyme

▶ Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
* - Coche Afficher les fichiers et dossiers cachés
* - Décoche Masquer les extensions des fichiers dont le type est connu
* - Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)

▶ clique sur Appliquer, puis OK.

N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

* Clique sur Parcourir en haut, choisis Poste de travail et cherche ces fichiers :

C:\WINDOWS\Tpwf016.dll
C:\WINDOWS\System32\sh33w32.dll

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.

Note : Pour analyser un autre fichier, clique en bas sur Autre fichier.

Réponse 71 / 173

maewa95 Messages postés 116 Statut Membre

voici l'analyse du fichier tpwf016.dll :

Fichier Tpwf016.dll reçu le 2009.08.11 19:48:41 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1945 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4326 2009.08.11 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -
Information additionnelle
File size: 34304 bytes
MD5...: 5e940998d7bf9de5ada29914757c779a
SHA1..: ff93d321af37db4f5a819502b006aedf3cfe15b0
SHA256: 8c92cb649e30f23b7ac9affa2dd20c4ae04114c8c8048c3d91cf04db01b791a2
ssdeep: 384:F1HSsB7SQeAb/1PU5LOe3+k56oNEGF2V3FXifFzfz3uDojR7yh30DO3:uQ7c<br>cNPU7IgaVIFzaDoQ30<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ 4.x (69.2%)<br>Win32 Executable MS Visual C++ (generic) (19.3%)<br>Win32 Executable Generic (4.3%)<br>Win32 Dynamic Link Library (generic) (3.8%)<br>Win16/32 Executable Delphi generic (1.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x1810<br>timedatestamp.....: 0x3343be63 (Thu Apr 03 14:27:47 1997)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x4f75 0x5000 6.38 580454580e7e6b3bce9b76aeb5012e8b<br>.rdata 0x6000 0x2ee 0x400 3.93 eb5ec01c758223fa634cca4404fe02db<br>.data 0x7000 0x31c4 0x2000 3.78 3ee131e462e22214172ee678a3eadc93<br>.idata 0xb000 0x4f4 0x600 4.38 7ee7268ca05d6cf2c6051b11ca5b8944<br>.reloc 0xc000 0x6de 0x800 4.39 285a69d26a14c80f65b19efed1c65ba6<br><br>( 1 imports ) <br>> KERNEL32.dll: GetModuleFileNameA, GlobalFree, GetACP, GetCPInfo, GetCommandLineA, GetProcAddress, GetModuleHandleA, GetVersion, LoadLibraryA, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetLastError, ExitProcess, HeapCreate, HeapDestroy, SetHandleCount, GetFileType, GetStdHandle, GetStartupInfoA, DeleteCriticalSection, lstrcpyA, SetStdHandle, SetFilePointer, GetOEMCP, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, WideCharToMultiByte, WriteFile, HeapAlloc, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, HeapFree, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, FlushFileBuffers, CloseHandle<br><br>( 21 exports ) <br>TPW_class, TPW_computeBorder, TPW_filter, TPW_icon, TPW_infoBitmap, TPW_infoText, TPW_margin, TPW_nameBitmap, TPW_nameText, TPW_nextDstRect, TPW_nextSrcRect, TPW_partSize, TPW_rectwidth, TPW_sliderDefaultSetting, TPW_sliderDescription, TPW_sliderIsActive, TPW_special, TPW_startDstRect, TPW_startSrcRect, TPW_totalSize, TPW_version<br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1945 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4326 2009.08.11 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Information additionnelle
File size: 34304 bytes
MD5...: 5e940998d7bf9de5ada29914757c779a
SHA1..: ff93d321af37db4f5a819502b006aedf3cfe15b0
SHA256: 8c92cb649e30f23b7ac9affa2dd20c4ae04114c8c8048c3d91cf04db01b791a2
ssdeep: 384:F1HSsB7SQeAb/1PU5LOe3+k56oNEGF2V3FXifFzfz3uDojR7yh30DO3:uQ7c<br>cNPU7IgaVIFzaDoQ30<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ 4.x (69.2%)<br>Win32 Executable MS Visual C++ (generic) (19.3%)<br>Win32 Executable Generic (4.3%)<br>Win32 Dynamic Link Library (generic) (3.8%)<br>Win16/32 Executable Delphi generic (1.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x1810<br>timedatestamp.....: 0x3343be63 (Thu Apr 03 14:27:47 1997)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x4f75 0x5000 6.38 580454580e7e6b3bce9b76aeb5012e8b<br>.rdata 0x6000 0x2ee 0x400 3.93 eb5ec01c758223fa634cca4404fe02db<br>.data 0x7000 0x31c4 0x2000 3.78 3ee131e462e22214172ee678a3eadc93<br>.idata 0xb000 0x4f4 0x600 4.38 7ee7268ca05d6cf2c6051b11ca5b8944<br>.reloc 0xc000 0x6de 0x800 4.39 285a69d26a14c80f65b19efed1c65ba6<br><br>( 1 imports ) <br>> KERNEL32.dll: GetModuleFileNameA, GlobalFree, GetACP, GetCPInfo, GetCommandLineA, GetProcAddress, GetModuleHandleA, GetVersion, LoadLibraryA, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetLastError, ExitProcess, HeapCreate, HeapDestroy, SetHandleCount, GetFileType, GetStdHandle, GetStartupInfoA, DeleteCriticalSection, lstrcpyA, SetStdHandle, SetFilePointer, GetOEMCP, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, WideCharToMultiByte, WriteFile, HeapAlloc, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, HeapFree, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, FlushFileBuffers, CloseHandle<br><br>( 21 exports ) <br>TPW_class, TPW_computeBorder, TPW_filter, TPW_icon, TPW_infoBitmap, TPW_infoText, TPW_margin, TPW_nameBitmap, TPW_nameText, TPW_nextDstRect, TPW_nextSrcRect, TPW_partSize, TPW_rectwidth, TPW_sliderDefaultSetting, TPW_sliderDescription, TPW_sliderIsActive, TPW_special, TPW_startDstRect, TPW_startSrcRect, TPW_totalSize, TPW_version<br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-

Réponse 72 / 173

maewa95 Messages postés 116 Statut Membre

heuuuuuu là, pour le fichier system32\sh33w32.dll j'ai eu le message suivant : ce fichier a déjà été analysé et il m'a donné un permalien. Pourtant je ne l'avais pas lancé avant !

bon voici ce que j'ai eu en allant sur le permalien

Fichier sh33w32.dll reçu le 2009.06.18 11:14:13 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.18 -
AhnLab-V3 5.0.0.2 2009.06.18 -
AntiVir 7.9.0.191 2009.06.18 -
Antiy-AVL 2.0.3.1 2009.06.18 -
Authentium 5.1.2.4 2009.06.18 -
Avast 4.8.1335.0 2009.06.17 -
AVG 8.5.0.339 2009.06.18 -
BitDefender 7.2 2009.06.18 -
CAT-QuickHeal 10.00 2009.06.18 -
ClamAV 0.94.1 2009.06.18 -
Comodo 1362 2009.06.18 -
DrWeb 5.0.0.12182 2009.06.18 -
eSafe 7.0.17.0 2009.06.17 -
eTrust-Vet 31.6.6567 2009.06.18 -
F-Prot 4.4.4.56 2009.06.17 -
F-Secure 8.0.14470.0 2009.06.18 -
Fortinet 3.117.0.0 2009.06.18 -
GData 19 2009.06.18 -
Ikarus T3.1.1.59.0 2009.06.18 -
Jiangmin 11.0.706 2009.06.18 -
K7AntiVirus 7.10.766 2009.06.17 -
Kaspersky 7.0.0.125 2009.06.18 -
McAfee 5649 2009.06.17 -
McAfee+Artemis 5649 2009.06.17 -
McAfee-GW-Edition 6.7.6 2009.06.18 -
Microsoft 1.4701 2009.06.18 -
NOD32 4166 2009.06.18 -
Norman 6.01.09 2009.06.17 -
nProtect 2009.1.8.0 2009.06.18 -
Panda 10.0.0.14 2009.06.17 -
PCTools 4.4.2.0 2009.06.17 -
Prevx 3.0 2009.06.18 -
Rising 21.34.33.00 2009.06.18 -
Sophos 4.42.0 2009.06.18 -
Sunbelt 3.2.1858.2 2009.06.18 -
Symantec 1.4.4.12 2009.06.18 -
TheHacker 6.3.4.3.348 2009.06.17 -
TrendMicro 8.950.0.1094 2009.06.18 -
VBA32 3.12.10.7 2009.06.18 -
ViRobot 2009.6.18.1794 2009.06.18 -
VirusBuster 4.6.5.0 2009.06.17 -
Information additionnelle
File size: 108032 bytes
MD5   : 9ee770044e1e9ce205bf5605c5b4bc58
SHA1  : 95013c7f1de4a54f8be2f2057e9ad7987430df31
SHA256: d0033f9b0960f10a91d081d152e3e863d1149c763c3a3347c030436644aa9185
PEInfo: PE Structure information<br> <br> ( base data )<br> entrypointaddress.: 0xCAED<br> timedatestamp.....: 0x3393C00F (Tue Jun 3 08:56:15 1997)<br> machinetype.......: 0x14C (Intel I386)<br> <br> ( 9 sections )<br> name viradd virsiz rawdsiz ntrpy md5<br> .text 0x1000 0xF632 0xF800 6.47 e1c8989da83c44e22467c62eaed3f910<br>.bss 0x11000 0x1514 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.sdata 0x13000 0x10C 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b<br>.rdata 0x14000 0x25D 0x400 3.27 0a1946d05c169e6d744a878d61c9117b<br>.data 0x15000 0x61C4 0x6200 2.36 166e0a9ea6cfd4b27ba7fe082a3d429e<br>.idata 0x1C000 0x9D4 0xA00 5.82 b2f772be8cc55af51f8b792bdc32dad7<br>.edata 0x1D000 0xB13 0xC00 3.93 c41ad6106bca66c7561b722bf717082f<br>.rsrc 0x1E000 0x314 0x400 2.80 3082472e35418d8a616f23cc57685683<br>.reloc 0x1F000 0x1114 0x1200 6.07 a4dac991abf18862473f8ba12750c639<br> <br> ( 3 imports )<br> <br>> advapi32.dll: RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA<br>> kernel32.dll: VirtualLock, VirtualAlloc, VirtualFree, VirtualQuery, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, IsBadCodePtr, UnmapViewOfFile, MapViewOfFileEx, CreateFileMappingA, OpenFileMappingA, GetSystemInfo, OpenProcess, GetCurrentProcess, VirtualQueryEx, WaitForMultipleObjects, GetLastError, SetThreadPriority, CreateRemoteThread, ReadProcessMemory, InterlockedIncrement, OpenMutexA, MapViewOfFile, GetCurrentProcessId, CreateMutexA, GetCurrentThreadId, CreateEventA, SetEvent, GetVersion, GetModuleFileNameA, GetProcAddress, VirtualProtect, WriteProcessMemory, GetModuleHandleA, LoadLibraryA, LoadLibraryW, GetModuleHandleW, LoadLibraryExA, LoadLibraryExW, FreeLibrary, DeleteCriticalSection, CloseHandle, GetProcessHeaps, LeaveCriticalSection, LocalHandle, HeapLock, HeapSize, RaiseException, HeapDestroy, SetLastError, GlobalFlags, GlobalFree, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalUnlock, RtlUnwind, GetEnvironmentStrings, GetCommandLineA, TlsSetValue, TlsAlloc, TlsFree, TlsGetValue, ExitProcess, WriteFile, GetACP, GetOEMCP, GetCPInfo, GetStdHandle, GetFileType, GetStartupInfoA, SetFilePointer, WideCharToMultiByte, CreateFileA, MultiByteToWideChar, SetStdHandle, FlushFileBuffers, SetEndOfFile, ReadFile, InitializeCriticalSection, WaitForSingleObject, ReleaseMutex, EnterCriticalSection, HeapWalk, ExitThread, HeapUnlock<br>> user32.dll: IsWindow, MessageBeep, MessageBoxA<br> <br> ( 1 exports )<br> <br>> @_shi_deletePage@8, @_shi_initPageVariable@8, @_shi_sysAlloc@8, @_shi_sysFree@4, @_shi_sysSize@4, MemAlloc, MemAllocFS, MemAllocPtr, MemCheckPtr, MemDefaultErrorHandler, MemErrorUnwind, MemFix, MemFree, MemFreeFS, MemFreePtr, MemHandle, MemIsMoveable, MemLock, MemLockCount, MemPoolAttachShared, MemPoolCheck, MemPoolCount, MemPoolFirst, MemPoolFree, MemPoolInfo, MemPoolInit, MemPoolInitFS, MemPoolInitNamedShared, MemPoolInitNamedSharedEx, MemPoolInitRegion, MemPoolLock, MemPoolNext, MemPoolPreAllocate, MemPoolPreAllocateHandles, MemPoolSetBlockSizeFS, MemPoolSetCeiling, MemPoolSetFloor, MemPoolSetPageSize, MemPoolSetSmallBlockSize, MemPoolShrink, MemPoolSize, MemPoolUnlock, MemPoolWalk, MemReAlloc, MemReAllocPtr, MemRegisterTask, MemSetErrorHandler, MemSize, MemSizePtr, MemSizeRequested, MemUnfix, MemUnlock, MemUnregisterTask, MemVersion, _shi_MemFreeDefaultPool@0, _shi_MemInitDefaultPool@0, _shi_deleteStdcall@4, _shi_enterCriticalSection, _shi_leaveCriticalSection, _shi_newStdcall@4, shi_MemDefaultPool, shi_calloc, shi_delete, shi_expand, shi_free, shi_heapadd, shi_heapchk, shi_heapmin, shi_heapset, shi_heapused, shi_heapwalk, shi_malloc, shi_msize, shi_new, shi_realloc, shi_set_new_handler
TrID  : File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
ssdeep: 3072:EdPymhFflYmXgCaPdT9IMUFMtwOTo5BB2kNDwI46mf:JUEdTaOT0B2kq6C
PEiD  : -
RDS   : NSRL Reference Data Set<br><br>( Hewlett Packard )<br><br>HP scanjet 7400c series: sh33w32.dll<br>( Vivendi Universal Games )<br><br>Little People Discovery Games: SH33W32.DLL<br>( Novell Inc. )<br><br>CNE Net NetWare 5 Beta 3: SH33W32.DLL<br>( Corel Corporation )<br><br>1,300,000 Corel Gallery: sh33w32.dllCorel Draw 8: SH33W32.DLLCorel Print House 6: sh33w32.dllCorel PrintOffice: sh33w32.dllGallery: sh33w32.dllPrint House Magic: SH33W32.DLLPrint House Magic: SH33W32.DLLPrint Office: sh33w32.dll<br>( WRQ )<br><br>Reflection Evaluator: sh33w32.dll

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.18 -
AhnLab-V3 5.0.0.2 2009.06.18 -
AntiVir 7.9.0.191 2009.06.18 -
Antiy-AVL 2.0.3.1 2009.06.18 -
Authentium 5.1.2.4 2009.06.18 -
Avast 4.8.1335.0 2009.06.17 -
AVG 8.5.0.339 2009.06.18 -
BitDefender 7.2 2009.06.18 -
CAT-QuickHeal 10.00 2009.06.18 -
ClamAV 0.94.1 2009.06.18 -
Comodo 1362 2009.06.18 -
DrWeb 5.0.0.12182 2009.06.18 -
eSafe 7.0.17.0 2009.06.17 -
eTrust-Vet 31.6.6567 2009.06.18 -
F-Prot 4.4.4.56 2009.06.17 -
F-Secure 8.0.14470.0 2009.06.18 -
Fortinet 3.117.0.0 2009.06.18 -
GData 19 2009.06.18 -
Ikarus T3.1.1.59.0 2009.06.18 -
Jiangmin 11.0.706 2009.06.18 -
K7AntiVirus 7.10.766 2009.06.17 -
Kaspersky 7.0.0.125 2009.06.18 -
McAfee 5649 2009.06.17 -
McAfee+Artemis 5649 2009.06.17 -
McAfee-GW-Edition 6.7.6 2009.06.18 -
Microsoft 1.4701 2009.06.18 -
NOD32 4166 2009.06.18 -
Norman 6.01.09 2009.06.17 -
nProtect 2009.1.8.0 2009.06.18 -
Panda 10.0.0.14 2009.06.17 -
PCTools 4.4.2.0 2009.06.17 -
Prevx 3.0 2009.06.18 -
Rising 21.34.33.00 2009.06.18 -
Sophos 4.42.0 2009.06.18 -
Sunbelt 3.2.1858.2 2009.06.18 -
Symantec 1.4.4.12 2009.06.18 -
TheHacker 6.3.4.3.348 2009.06.17 -
TrendMicro 8.950.0.1094 2009.06.18 -
VBA32 3.12.10.7 2009.06.18 -
ViRobot 2009.6.18.1794 2009.06.18 -
VirusBuster 4.6.5.0 2009.06.17 -

Information additionnelle
File size: 108032 bytes
MD5   : 9ee770044e1e9ce205bf5605c5b4bc58
SHA1  : 95013c7f1de4a54f8be2f2057e9ad7987430df31
SHA256: d0033f9b0960f10a91d081d152e3e863d1149c763c3a3347c030436644aa9185
PEInfo: PE Structure information<br> <br> ( base data )<br> entrypointaddress.: 0xCAED<br> timedatestamp.....: 0x3393C00F (Tue Jun 3 08:56:15 1997)<br> machinetype.......: 0x14C (Intel I386)<br> <br> ( 9 sections )<br> name viradd virsiz rawdsiz ntrpy md5<br> .text 0x1000 0xF632 0xF800 6.47 e1c8989da83c44e22467c62eaed3f910<br>.bss 0x11000 0x1514 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.sdata 0x13000 0x10C 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b<br>.rdata 0x14000 0x25D 0x400 3.27 0a1946d05c169e6d744a878d61c9117b<br>.data 0x15000 0x61C4 0x6200 2.36 166e0a9ea6cfd4b27ba7fe082a3d429e<br>.idata 0x1C000 0x9D4 0xA00 5.82 b2f772be8cc55af51f8b792bdc32dad7<br>.edata 0x1D000 0xB13 0xC00 3.93 c41ad6106bca66c7561b722bf717082f<br>.rsrc 0x1E000 0x314 0x400 2.80 3082472e35418d8a616f23cc57685683<br>.reloc 0x1F000 0x1114 0x1200 6.07 a4dac991abf18862473f8ba12750c639<br> <br> ( 3 imports )<br> <br>> advapi32.dll: RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA<br>> kernel32.dll: VirtualLock, VirtualAlloc, VirtualFree, VirtualQuery, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, IsBadCodePtr, UnmapViewOfFile, MapViewOfFileEx, CreateFileMappingA, OpenFileMappingA, GetSystemInfo, OpenProcess, GetCurrentProcess, VirtualQueryEx, WaitForMultipleObjects, GetLastError, SetThreadPriority, CreateRemoteThread, ReadProcessMemory, InterlockedIncrement, OpenMutexA, MapViewOfFile, GetCurrentProcessId, CreateMutexA, GetCurrentThreadId, CreateEventA, SetEvent, GetVersion, GetModuleFileNameA, GetProcAddress, VirtualProtect, WriteProcessMemory, GetModuleHandleA, LoadLibraryA, LoadLibraryW, GetModuleHandleW, LoadLibraryExA, LoadLibraryExW, FreeLibrary, DeleteCriticalSection, CloseHandle, GetProcessHeaps, LeaveCriticalSection, LocalHandle, HeapLock, HeapSize, RaiseException, HeapDestroy, SetLastError, GlobalFlags, GlobalFree, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalUnlock, RtlUnwind, GetEnvironmentStrings, GetCommandLineA, TlsSetValue, TlsAlloc, TlsFree, TlsGetValue, ExitProcess, WriteFile, GetACP, GetOEMCP, GetCPInfo, GetStdHandle, GetFileType, GetStartupInfoA, SetFilePointer, WideCharToMultiByte, CreateFileA, MultiByteToWideChar, SetStdHandle, FlushFileBuffers, SetEndOfFile, ReadFile, InitializeCriticalSection, WaitForSingleObject, ReleaseMutex, EnterCriticalSection, HeapWalk, ExitThread, HeapUnlock<br>> user32.dll: IsWindow, MessageBeep, MessageBoxA<br> <br> ( 1 exports )<br> <br>> @_shi_deletePage@8, @_shi_initPageVariable@8, @_shi_sysAlloc@8, @_shi_sysFree@4, @_shi_sysSize@4, MemAlloc, MemAllocFS, MemAllocPtr, MemCheckPtr, MemDefaultErrorHandler, MemErrorUnwind, MemFix, MemFree, MemFreeFS, MemFreePtr, MemHandle, MemIsMoveable, MemLock, MemLockCount, MemPoolAttachShared, MemPoolCheck, MemPoolCount, MemPoolFirst, MemPoolFree, MemPoolInfo, MemPoolInit, MemPoolInitFS, MemPoolInitNamedShared, MemPoolInitNamedSharedEx, MemPoolInitRegion, MemPoolLock, MemPoolNext, MemPoolPreAllocate, MemPoolPreAllocateHandles, MemPoolSetBlockSizeFS, MemPoolSetCeiling, MemPoolSetFloor, MemPoolSetPageSize, MemPoolSetSmallBlockSize, MemPoolShrink, MemPoolSize, MemPoolUnlock, MemPoolWalk, MemReAlloc, MemReAllocPtr, MemRegisterTask, MemSetErrorHandler, MemSize, MemSizePtr, MemSizeRequested, MemUnfix, MemUnlock, MemUnregisterTask, MemVersion, _shi_MemFreeDefaultPool@0, _shi_MemInitDefaultPool@0, _shi_deleteStdcall@4, _shi_enterCriticalSection, _shi_leaveCriticalSection, _shi_newStdcall@4, shi_MemDefaultPool, shi_calloc, shi_delete, shi_expand, shi_free, shi_heapadd, shi_heapchk, shi_heapmin, shi_heapset, shi_heapused, shi_heapwalk, shi_malloc, shi_msize, shi_new, shi_realloc, shi_set_new_handler
TrID  : File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
ssdeep: 3072:EdPymhFflYmXgCaPdT9IMUFMtwOTo5BB2kNDwI46mf:JUEdTaOT0B2kq6C
PEiD  : -
RDS   : NSRL Reference Data Set<br><br>( Hewlett Packard )<br><br>HP scanjet 7400c series: sh33w32.dll<br>( Vivendi Universal Games )<br><br>Little People Discovery Games: SH33W32.DLL<br>( Novell Inc. )<br><br>CNE Net NetWare 5 Beta 3: SH33W32.DLL<br>( Corel Corporation )<br><br>1,300,000 Corel Gallery: sh33w32.dllCorel Draw 8: SH33W32.DLLCorel Print House 6: sh33w32.dllCorel PrintOffice: sh33w32.dllGallery: sh33w32.dllPrint House Magic: SH33W32.DLLPrint House Magic: SH33W32.DLLPrint Office: sh33w32.dll<br>( WRQ )<br><br>Reflection Evaluator: sh33w32.dll

Réponse 73 / 173

maewa95 Messages postés 116 Statut Membre

attends, dans le doute, j'ai relancé l'analyse pour sh33w32

voici le rapport :

Fichier sh33w32.dll reçu le 2009.08.11 19:56:47 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1945 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4326 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -
Information additionnelle
File size: 108032 bytes
MD5...: 9ee770044e1e9ce205bf5605c5b4bc58
SHA1..: 95013c7f1de4a54f8be2f2057e9ad7987430df31
SHA256: d0033f9b0960f10a91d081d152e3e863d1149c763c3a3347c030436644aa9185
ssdeep: 3072:EdPymhFflYmXgCaPdT9IMUFMtwOTo5BB2kNDwI46mf:JUEdTaOT0B2kq6C<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0xcaed<br>timedatestamp.....: 0x3393c00f (Tue Jun 03 06:56:15 1997)<br>machinetype.......: 0x14c (I386)<br><br>( 9 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf632 0xf800 6.47 e1c8989da83c44e22467c62eaed3f910<br>.bss 0x11000 0x1514 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.sdata 0x13000 0x10c 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b<br>.rdata 0x14000 0x25d 0x400 3.27 0a1946d05c169e6d744a878d61c9117b<br>.data 0x15000 0x61c4 0x6200 2.36 166e0a9ea6cfd4b27ba7fe082a3d429e<br>.idata 0x1c000 0x9d4 0xa00 5.82 b2f772be8cc55af51f8b792bdc32dad7<br>.edata 0x1d000 0xb13 0xc00 3.93 c41ad6106bca66c7561b722bf717082f<br>.rsrc 0x1e000 0x314 0x400 2.80 3082472e35418d8a616f23cc57685683<br>.reloc 0x1f000 0x1114 0x1200 6.07 a4dac991abf18862473f8ba12750c639<br><br>( 3 imports ) <br>> KERNEL32.dll: VirtualLock, VirtualAlloc, VirtualFree, VirtualQuery, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, IsBadCodePtr, UnmapViewOfFile, MapViewOfFileEx, CreateFileMappingA, OpenFileMappingA, GetSystemInfo, OpenProcess, GetCurrentProcess, VirtualQueryEx, WaitForMultipleObjects, GetLastError, SetThreadPriority, CreateRemoteThread, ReadProcessMemory, InterlockedIncrement, OpenMutexA, MapViewOfFile, GetCurrentProcessId, CreateMutexA, GetCurrentThreadId, CreateEventA, SetEvent, GetVersion, GetModuleFileNameA, GetProcAddress, VirtualProtect, WriteProcessMemory, GetModuleHandleA, LoadLibraryA, LoadLibraryW, GetModuleHandleW, LoadLibraryExA, LoadLibraryExW, FreeLibrary, DeleteCriticalSection, CloseHandle, GetProcessHeaps, LeaveCriticalSection, LocalHandle, HeapLock, HeapSize, RaiseException, HeapDestroy, SetLastError, GlobalFlags, GlobalFree, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalUnlock, RtlUnwind, GetEnvironmentStrings, GetCommandLineA, TlsSetValue, TlsAlloc, TlsFree, TlsGetValue, ExitProcess, WriteFile, GetACP, GetOEMCP, GetCPInfo, GetStdHandle, GetFileType, GetStartupInfoA, SetFilePointer, WideCharToMultiByte, CreateFileA, MultiByteToWideChar, SetStdHandle, FlushFileBuffers, SetEndOfFile, ReadFile, InitializeCriticalSection, WaitForSingleObject, ReleaseMutex, EnterCriticalSection, HeapWalk, ExitThread, HeapUnlock<br>> USER32.dll: IsWindow, MessageBeep, MessageBoxA<br>> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA<br><br>( 76 exports ) <br>@_shi_deletePage@8, @_shi_initPageVariable@8, @_shi_sysAlloc@8, @_shi_sysFree@4, @_shi_sysSize@4, MemAlloc, MemAllocFS, MemAllocPtr, MemCheckPtr, MemDefaultErrorHandler, MemErrorUnwind, MemFix, MemFree, MemFreeFS, MemFreePtr, MemHandle, MemIsMoveable, MemLock, MemLockCount, MemPoolAttachShared, MemPoolCheck, MemPoolCount, MemPoolFirst, MemPoolFree, MemPoolInfo, MemPoolInit, MemPoolInitFS, MemPoolInitNamedShared, MemPoolInitNamedSharedEx, MemPoolInitRegion, MemPoolLock, MemPoolNext, MemPoolPreAllocate, MemPoolPreAllocateHandles, MemPoolSetBlockSizeFS, MemPoolSetCeiling, MemPoolSetFloor, MemPoolSetPageSize, MemPoolSetSmallBlockSize, MemPoolShrink, MemPoolSize, MemPoolUnlock, MemPoolWalk, MemReAlloc, MemReAllocPtr, MemRegisterTask, MemSetErrorHandler, MemSize, MemSizePtr, MemSizeRequested, MemUnfix, MemUnlock, MemUnregisterTask, MemVersion, _shi_MemFreeDefaultPool@0, _shi_MemInitDefaultPool@0, _shi_deleteStdcall@4, _shi_enterCriticalSection, _shi_leaveCriticalSection, _shi_newStdcall@4, shi_MemDefaultPool, shi_calloc, shi_delete, shi_expand, shi_free, shi_heapadd, shi_heapchk, shi_heapmin, shi_heapset, shi_heapused, shi_heapwalk, shi_malloc, shi_msize, shi_new, shi_realloc, shi_set_new_handler<br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br><br>( Corel Corporation )<br><br>> Print House Magic: SH33W32.DLL<br>> 1,300,000 Corel Gallery: sh33w32.dll<br>> Print Office: sh33w32.dll<br>> Corel Print House 6: sh33w32.dll<br>> Corel Draw 8: SH33W32.DLL<br>> Gallery: sh33w32.dll<br>> Corel PrintOffice: sh33w32.dll<br><br>( Vivendi Universal Games )<br><br>> Little People Discovery Games: SH33W32.DLL<br><br>( Novell Inc. )<br><br>> CNE Net NetWare 5 Beta 3: SH33W32.DLL<br><br>( Hewlett Packard )<br><br>> HP scanjet 7400c series: sh33w32.dll<br><br>( WRQ )<br><br>> Reflection Evaluator: sh33w32.dll<br><br>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1945 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4326 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -

Information additionnelle
File size: 108032 bytes
MD5...: 9ee770044e1e9ce205bf5605c5b4bc58
SHA1..: 95013c7f1de4a54f8be2f2057e9ad7987430df31
SHA256: d0033f9b0960f10a91d081d152e3e863d1149c763c3a3347c030436644aa9185
ssdeep: 3072:EdPymhFflYmXgCaPdT9IMUFMtwOTo5BB2kNDwI46mf:JUEdTaOT0B2kq6C<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0xcaed<br>timedatestamp.....: 0x3393c00f (Tue Jun 03 06:56:15 1997)<br>machinetype.......: 0x14c (I386)<br><br>( 9 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf632 0xf800 6.47 e1c8989da83c44e22467c62eaed3f910<br>.bss 0x11000 0x1514 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.sdata 0x13000 0x10c 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b<br>.rdata 0x14000 0x25d 0x400 3.27 0a1946d05c169e6d744a878d61c9117b<br>.data 0x15000 0x61c4 0x6200 2.36 166e0a9ea6cfd4b27ba7fe082a3d429e<br>.idata 0x1c000 0x9d4 0xa00 5.82 b2f772be8cc55af51f8b792bdc32dad7<br>.edata 0x1d000 0xb13 0xc00 3.93 c41ad6106bca66c7561b722bf717082f<br>.rsrc 0x1e000 0x314 0x400 2.80 3082472e35418d8a616f23cc57685683<br>.reloc 0x1f000 0x1114 0x1200 6.07 a4dac991abf18862473f8ba12750c639<br><br>( 3 imports ) <br>> KERNEL32.dll: VirtualLock, VirtualAlloc, VirtualFree, VirtualQuery, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, IsBadCodePtr, UnmapViewOfFile, MapViewOfFileEx, CreateFileMappingA, OpenFileMappingA, GetSystemInfo, OpenProcess, GetCurrentProcess, VirtualQueryEx, WaitForMultipleObjects, GetLastError, SetThreadPriority, CreateRemoteThread, ReadProcessMemory, InterlockedIncrement, OpenMutexA, MapViewOfFile, GetCurrentProcessId, CreateMutexA, GetCurrentThreadId, CreateEventA, SetEvent, GetVersion, GetModuleFileNameA, GetProcAddress, VirtualProtect, WriteProcessMemory, GetModuleHandleA, LoadLibraryA, LoadLibraryW, GetModuleHandleW, LoadLibraryExA, LoadLibraryExW, FreeLibrary, DeleteCriticalSection, CloseHandle, GetProcessHeaps, LeaveCriticalSection, LocalHandle, HeapLock, HeapSize, RaiseException, HeapDestroy, SetLastError, GlobalFlags, GlobalFree, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalUnlock, RtlUnwind, GetEnvironmentStrings, GetCommandLineA, TlsSetValue, TlsAlloc, TlsFree, TlsGetValue, ExitProcess, WriteFile, GetACP, GetOEMCP, GetCPInfo, GetStdHandle, GetFileType, GetStartupInfoA, SetFilePointer, WideCharToMultiByte, CreateFileA, MultiByteToWideChar, SetStdHandle, FlushFileBuffers, SetEndOfFile, ReadFile, InitializeCriticalSection, WaitForSingleObject, ReleaseMutex, EnterCriticalSection, HeapWalk, ExitThread, HeapUnlock<br>> USER32.dll: IsWindow, MessageBeep, MessageBoxA<br>> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA<br><br>( 76 exports ) <br>@_shi_deletePage@8, @_shi_initPageVariable@8, @_shi_sysAlloc@8, @_shi_sysFree@4, @_shi_sysSize@4, MemAlloc, MemAllocFS, MemAllocPtr, MemCheckPtr, MemDefaultErrorHandler, MemErrorUnwind, MemFix, MemFree, MemFreeFS, MemFreePtr, MemHandle, MemIsMoveable, MemLock, MemLockCount, MemPoolAttachShared, MemPoolCheck, MemPoolCount, MemPoolFirst, MemPoolFree, MemPoolInfo, MemPoolInit, MemPoolInitFS, MemPoolInitNamedShared, MemPoolInitNamedSharedEx, MemPoolInitRegion, MemPoolLock, MemPoolNext, MemPoolPreAllocate, MemPoolPreAllocateHandles, MemPoolSetBlockSizeFS, MemPoolSetCeiling, MemPoolSetFloor, MemPoolSetPageSize, MemPoolSetSmallBlockSize, MemPoolShrink, MemPoolSize, MemPoolUnlock, MemPoolWalk, MemReAlloc, MemReAllocPtr, MemRegisterTask, MemSetErrorHandler, MemSize, MemSizePtr, MemSizeRequested, MemUnfix, MemUnlock, MemUnregisterTask, MemVersion, _shi_MemFreeDefaultPool@0, _shi_MemInitDefaultPool@0, _shi_deleteStdcall@4, _shi_enterCriticalSection, _shi_leaveCriticalSection, _shi_newStdcall@4, shi_MemDefaultPool, shi_calloc, shi_delete, shi_expand, shi_free, shi_heapadd, shi_heapchk, shi_heapmin, shi_heapset, shi_heapused, shi_heapwalk, shi_malloc, shi_msize, shi_new, shi_realloc, shi_set_new_handler<br>
PDFiD.: -
RDS...: NSRL Reference Data Set<br><br>( Corel Corporation )<br><br>> Print House Magic: SH33W32.DLL<br>> 1,300,000 Corel Gallery: sh33w32.dll<br>> Print Office: sh33w32.dll<br>> Corel Print House 6: sh33w32.dll<br>> Corel Draw 8: SH33W32.DLL<br>> Gallery: sh33w32.dll<br>> Corel PrintOffice: sh33w32.dll<br><br>( Vivendi Universal Games )<br><br>> Little People Discovery Games: SH33W32.DLL<br><br>( Novell Inc. )<br><br>> CNE Net NetWare 5 Beta 3: SH33W32.DLL<br><br>( Hewlett Packard )<br><br>> HP scanjet 7400c series: sh33w32.dll<br><br>( WRQ )<br><br>> Reflection Evaluator: sh33w32.dll<br><br>

Réponse 74 / 173

Utilisateur anonyme

▶ Télécharge Zeb-Restoreet enregistre ce fichier sur le bureau.

▶-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.

▶-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe

▶- Coche la case devant :sites de confiance

▶- Ne coche aucune autre case

▶-Clique sur Restaurer

▶-Redémarre ton PC

ensuite :

▶ Double clic sur OTL.exe pour le lancer.

▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous Customs Scans/Fixes :

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4131921849-2024023189-673777175-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error. (Reg Error: Key error.)
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\maewa\Menu Démarrer\Programmes\Démarrage\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\maewa\Application Data\desktop.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\maewa\Mes documents\desktop.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\maewa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini:KAVICHS

:files
C:\WINDOWS\PEV.exe

:commands
[emptytemp]
[start explorer]
[reboot]

▶ Clique sur RunFix pour lancer la suppression.

▶ Poste le rapport.

Réponse 75 / 173

maewa95 Messages postés 116 Statut Membre

dis gen, tu crois qu'on va y arriver à la destroy cette sale bête ?

allez, voilà le rapport :

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun not found.
Registry value HKEY_USERS\S-1-5-21-4131921849-2024023189-673777175-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Starting removal of ActiveX control {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} Reg Error: Value error.\ not found.
ADS C:\Documents and Settings\maewa\Menu Démarrer\Programmes\Démarrage\desktop.ini:KAVICHS deleted successfully.
ADS C:\Documents and Settings\maewa\Application Data\desktop.ini:KAVICHS deleted successfully.
ADS C:\Documents and Settings\maewa\Mes documents\desktop.ini:KAVICHS deleted successfully.
ADS C:\Documents and Settings\maewa\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini:KAVICHS deleted successfully.
========== FILES ==========
C:\WINDOWS\PEV.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.SN402039360009
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: maewa
->Temp folder emptied: 142728 bytes
->Temporary Internet Files folder emptied: 210210 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38672722 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
RecycleBin emptied: 15557 bytes

Total Files Cleaned = 37,23 mb

OTL by OldTimer - Version 3.0.10.5 log created on 08112009_224430

Réponse 76 / 173

Utilisateur anonyme

on a l air pas mal là

Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

▶ Télécharge :

Malwarebytes

ou :

Malwarebytes

▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

▶ Potasses le Tuto pour te familiariser avec le prg :

( cela dit, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

▶ Lance Malwarebyte's .

Fais un examen dit "Complet" .

▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

Réponse 77 / 173

maewa95 Messages postés 116 Statut Membre

bonjour gen,

c'est à n'y rien comprendre. Aucun objet infecté, mais toujours impossible de démarrer normalement. J'arrive jusqu'à "bienvenue" où là, il se met à clignoter comme une guirlande de noël, et puis zou reboot. Il est tout de même lent pour arriver à "bienvenue"

je te mets le log

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2605
Windows 5.1.2600 Service Pack 3 (Safe Mode)

12/08/2009 06:11:59
mbam-log-2009-08-12 (06-11-59).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 289160
Temps écoulé: 1 hour(s), 56 minute(s), 20 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Réponse 78 / 173

Utilisateur anonyme

hello je vais finir par me demander si ce n'est pas materiel ton histoire

Réponse 79 / 173

maewa95 Messages postés 116 Statut Membre

tu crois ? ça pourrait être quoi à ton avis si c'est matériel ?

Car je démarre en mode sans échec sans problème. C'est le mode normal qui pose problème.

Réponse 80 / 173

Utilisateur anonyme

refais un OTL mais regle sur 90 jours cette fois-ci

Discussions similaires

Mon pc s'allume et s'éteint en boucle

Mon ordinateur s'allume et s'eteint en boucle

"Redémarrage en cours" interminable

problème tv décodeur orange

Redmi redémarre en boucle - Fastboost impossible

Forum Virus

Trouvez des solutions pour détecter et éliminer les menaces, des astuces pour prévenir les infections, et discutez des dernières menaces en ligne

Newsletters

Newsletters

Actu du jour

Voir un exemple