A voir également:
- Savoir si mon pc et en bon état
- Mon pc est lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Test performance pc - Guide
- Plus de son sur mon pc - Guide
25 réponses
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan 1.0.1.35 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
Mis à jour le 01/06/2011 | 02.10 par g3n-h@ckm@n
Utilisateur : balou (Administrateurs)
Ordinateur : BALOU-PC
Système d'exploitation : Windows 7 Home Premium (64 bits)
Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 4.0.1 (fr)
Scan : 03:29:58 | 01/06/2011
¤¤¤¤¤¤¤¤¤¤ Sessions
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : ProfileImagePath -> C:\Users\balou
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : RefCount -> 1
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : State -> 256
¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
1160 | C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - Système - Normal - "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" - 536
1724 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - Système - Normal - "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" - 536
1744 | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Système - Normal - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" - 536
1780 | C:\Program Files (x86)\Bonjour\mDNSResponder.exe - Système - Normal - "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" - 536
1828 | C:\Program Files (x86)\Acer\Registration\GregHSRW.exe - Système - Normal - "C:\Program Files (x86)\Acer\Registration\GregHSRW.exe" - 536
1952 | C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe - Système - Normal - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" - 536
1992 | C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - Système - Normal - "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" - 536
1352 | C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe - Système - Normal - "C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe" - 536
1696 | C:\Program Files\Acer\Acer Updater\UpdaterService.exe - Système - Normal - "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" - 536
2108 | C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe - Système - Normal - "C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe" - 536
2664 | C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe - balou - Normal - "C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" - 2388
2316 | C:\Program Files (x86)\uTorrent\uTorrent.exe - balou - Normal - "C:\Program Files (x86)\uTorrent\uTorrent.exe" - 2388
3092 | C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe - balou - Normal - "C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe" - 2388
3116 | C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe - balou - Normal - "C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe" - 2388
3136 | C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - balou - Normal - "C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr - 2388
3588 | C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe - balou - Normal - "C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" - 3084
3604 | C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe - balou - Normal - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" - 3084
3624 | C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe - balou - Normal - "C:\Program - 3084
3704 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe - balou - Normal - "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" - 3084
3756 | C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - balou - Normal - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" - 3084
3764 | C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe - balou - Normal - "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" - 3084
3780 | C:\Program Files (x86)\iTunes\iTunesHelper.exe - balou - Normal - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" - 3084
3800 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac - balou - Normal - ArcCon.ac 327750 0 - 3704
4084 | C:\Program Files\Alwil Software\Avast5\AvastUI.exe - balou - Normal - "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui - 3084
5760 | C:\Program Files (x86)\Nero\Update\NASvc.exe - Système - Normal - "C:\Program Files (x86)\Nero\Update\NASvc.exe" - 536
5420 | C:\Users\balou\Downloads\Pre_scan.exe - balou - High - "C:\Users\balou\Downloads\Pre_scan.exe" - 2388
5192 | C:\Windows\SysWOW64\cmd.exe - balou - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 5420
4044 | C:\Kill'em\Pv.exe - balou - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 5192
¤¤¤¤¤¤¤¤¤¤ Winlogon
[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\SysWOW64\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 1
[HKLM | Winlogon] | System :
¤¤¤¤¤¤¤¤¤¤ Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
[Firefox | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ Divers
[HKCU | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKCU | HideDesktopIcons\ClassicStartMenu] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKCU | Desktop] | Wallpaper : C:\Users\balou\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
[HKLM | policies\Explorer] | NoActiveDesktop : 0
[HKLM | policies\Explorer] | NoActiveDesktopChanges : 0
¤¤¤¤¤¤¤¤¤¤ Services
[Ndisuio] | Start : 3 : Actif
[Power] | Start : 2 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Actif
[NVSvc] | Start : 2 : Actif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Actif
[luafv] | Start : 2 : Actif
[lltdio] | Start : 2 : Actif
[Iphlpsvc] | Start : 2 : Actif
[IKEEXT] | Start : 2 : Actif
[gpsvc] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 2 : Actif
[Wlansvc] | Start : 2 : Actif
[SharedAccess] | Start : 2 : Inactif
[windefend] | Start : 2 : Actif
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 2 : Actif
[wscsvc] | Start : 2 : Actif
¤¤¤¤¤¤¤¤¤¤ Internet Explorer
[HKCU | Main] | Start Page : https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKCU | Main] | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKLM | Main] | Start Page : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤¤¤¤¤¤ DNS
[HKLM | Tcpip\Parameters] | DhcpNameServer = 192.168.1.1
[HKLM\CCS | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS1 | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS2 | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Processus
¤¤¤¤¤¤¤¤¤¤ Traitement Fichiers | Dossiers | Registre
Mise en quarantaine : C:\Users\balou\AppData\Roaming\ubi.com
Erreur de suppression : C:\Users\balou\AppData\Roaming\ubi.com
Mise en quarantaine : C:\Windows\Temp\CR_99AB8.tmp
Erreur de suppression : C:\Windows\Temp\CR_99AB8.tmp
¤¤¤¤¤¤¤¤¤¤ IFEO
¤¤¤¤¤¤¤¤¤¤ Mountpoints2
¤¤¤¤¤¤¤¤¤¤ Listing %AppData%
[28/07/2010|16:55:49] | C:\Users\balou\AppData\Roaming\.#
[12/05/2010|00:31:30] | C:\Users\balou\AppData\Roaming\Adobe
[18/08/2010|13:44:08] | C:\Users\balou\AppData\Roaming\Apple Computer
[21/01/2011|19:28:50] | C:\Users\balou\AppData\Roaming\ArcSoft
[22/02/2011|23:17:59] | C:\Users\balou\AppData\Roaming\DivX
[29/05/2010|19:37:14] | C:\Users\balou\AppData\Roaming\dvdcss
[28/07/2010|16:56:26] | C:\Users\balou\AppData\Roaming\GameConsole
[11/05/2010|21:07:47] | C:\Users\balou\AppData\Roaming\Google
[12/04/2011|23:30:23] | C:\Users\balou\AppData\Roaming\gtk-2.0
[11/05/2010|21:05:06] | C:\Users\balou\AppData\Roaming\Identities
[03/08/2010|19:06:22] | C:\Users\balou\AppData\Roaming\InstallShield
[11/05/2010|21:06:03] | C:\Users\balou\AppData\Roaming\Macromedia
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Roaming\Media Center Programs
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Roaming\Microsoft
[19/09/2010|22:23:08] | C:\Users\balou\AppData\Roaming\moovida-1
[20/05/2010|11:55:59] | C:\Users\balou\AppData\Roaming\Mozilla
[11/05/2010|21:33:33] | C:\Users\balou\AppData\Roaming\Nero
[22/04/2011|20:46:16] | C:\Users\balou\AppData\Roaming\Registry Mechanic
[17/06/2010|00:04:38] | C:\Users\balou\AppData\Roaming\SecuROM
[20/05/2010|12:01:47] | C:\Users\balou\AppData\Roaming\Skype
[28/06/2010|23:25:48] | C:\Users\balou\AppData\Roaming\skypePM
[12/05/2010|15:12:13] | C:\Users\balou\AppData\Roaming\ubi.com
[06/06/2010|17:10:31] | C:\Users\balou\AppData\Roaming\uTorrent
[22/02/2011|22:09:23] | C:\Users\balou\AppData\Roaming\vlc
[21/12/2010|09:46:02] | C:\Users\balou\AppData\Roaming\Windows Live Writer
[15/06/2010|14:37:28] | C:\Users\balou\AppData\Roaming\WinRAR
¤¤¤¤¤¤¤¤¤¤ Listing %CommonAppData%
[17/10/2009|04:20:51] | C:\ProgramData\Acer
[17/10/2009|04:36:13] | C:\ProgramData\Adobe
[05/08/2010|11:02:49] | C:\ProgramData\Alwil Software
[05/08/2010|12:04:17] | C:\ProgramData\Apple
[13/08/2010|15:55:53] | C:\ProgramData\Apple Computer
[11/05/2010|21:03:36] | C:\ProgramData\Application Data
[24/09/2010|20:31:46] | C:\ProgramData\Arcade Lab
[21/01/2011|19:27:24] | C:\ProgramData\ArcSoft
[17/10/2009|04:12:08] | C:\ProgramData\BackupManager
[11/05/2010|21:03:36] | C:\ProgramData\Bureau
[05/12/2010|19:25:07] | C:\ProgramData\DivX
[11/05/2010|21:03:36] | C:\ProgramData\Documents
[17/10/2009|04:39:52] | C:\ProgramData\EgisTec
[24/06/2010|01:11:10] | C:\ProgramData\eMule
[17/10/2009|04:37:18] | C:\ProgramData\eSobi
[28/06/2010|23:25:49] | C:\ProgramData\ezsidmv.dat
[11/05/2010|21:03:36] | C:\ProgramData\Favoris
[17/10/2009|04:23:04] | C:\ProgramData\Google
[17/10/2009|04:24:09] | C:\ProgramData\McAfee
[09/12/2010|01:33:27] | C:\ProgramData\McAfee Security Scan
[11/05/2010|21:06:51] | C:\ProgramData\McQcModifier-5c47-a7b0
[11/05/2010|21:03:36] | C:\ProgramData\Menu Démarrer
[14/07/2009|05:20:08] | C:\ProgramData\Microsoft
[17/10/2009|04:13:19] | C:\ProgramData\Microsoft Help
[11/05/2010|21:03:36] | C:\ProgramData\Modèles
[17/10/2009|04:30:33] | C:\ProgramData\Nero
[30/03/2011|18:57:24] | C:\ProgramData\Norton
[30/03/2011|18:57:23] | C:\ProgramData\NortonInstaller
[10/10/2006|01:34:37] | C:\ProgramData\NVIDIA
[13/04/2011|15:20:08] | C:\ProgramData\NVIDIA Corporation
[17/10/2009|04:39:51] | C:\ProgramData\OEM
[17/10/2009|04:23:09] | C:\ProgramData\Partner
[11/05/2011|02:32:56] | C:\ProgramData\QuestScan
[17/10/2009|04:28:12] | C:\ProgramData\SiteAdvisor
[20/05/2010|12:01:29] | C:\ProgramData\Skype
[20/05/2010|11:53:24] | C:\ProgramData\Sun
[19/10/2010|21:16:15] | C:\ProgramData\SweetIM
[30/03/2011|18:57:24] | C:\ProgramData\Symantec
[24/09/2010|20:31:33] | C:\ProgramData\TEMP
[17/09/2010|16:21:33] | C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
¤¤¤¤¤¤¤¤¤¤ Listing %LocalAppData%
[15/06/2010|10:09:01] | C:\Users\balou\AppData\Local\Adobe
[05/08/2010|12:04:19] | C:\Users\balou\AppData\Local\Apple
[14/08/2010|00:27:02] | C:\Users\balou\AppData\Local\Apple Computer
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Application Data
[21/01/2011|19:28:50] | C:\Users\balou\AppData\Local\ArcSoft
[06/10/2010|17:10:57] | C:\Users\balou\AppData\Local\BearShare
[14/07/2010|00:13:01] | C:\Users\balou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/05/2010|21:08:24] | C:\Users\balou\AppData\Local\Diagnostics
[11/05/2010|21:06:04] | C:\Users\balou\AppData\Local\EgisTec
[16/09/2010|18:04:53] | C:\Users\balou\AppData\Local\ElevatedDiagnostics
[04/11/2010|13:55:46] | C:\Users\balou\AppData\Local\eMule
[01/02/2011|23:42:29] | C:\Users\balou\AppData\Local\freetvradio Air
[11/05/2010|21:03:48] | C:\Users\balou\AppData\Local\GDIPFONTCACHEV1.DAT
[11/05/2010|21:07:47] | C:\Users\balou\AppData\Local\Google
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Historique
[11/05/2010|21:19:05] | C:\Users\balou\AppData\Local\IconCache.db
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Microsoft
[11/05/2010|23:12:41] | C:\Users\balou\AppData\Local\Microsoft Games
[19/09/2010|22:23:14] | C:\Users\balou\AppData\Local\moovida Air
[20/05/2010|12:12:00] | C:\Users\balou\AppData\Local\Mozilla
[13/05/2010|22:07:59] | C:\Users\balou\AppData\Local\Orange
[02/10/2010|12:13:37] | C:\Users\balou\AppData\Local\PackageAware
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Temp
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Temporary Internet Files
[18/06/2010|17:22:20] | C:\Users\balou\AppData\Local\THQ
[11/05/2010|21:05:01] | C:\Users\balou\AppData\Local\VirtualStore
[06/10/2010|17:41:51] | C:\Users\balou\AppData\Local\Windows Live
[21/12/2010|09:46:02] | C:\Users\balou\AppData\Local\Windows Live Writer
[25/04/2011|00:59:35] | C:\Users\balou\AppData\Local\{0030B2E1-187A-4EEB-BE25-A82B10BBE18B}
[22/04/2011|01:09:43] | C:\Users\balou\AppData\Local\{01470FD7-88CB-489F-BC4E-341B4F818458}
[06/05/2011|14:26:16] | C:\Users\balou\AppData\Local\{0962C448-F313-4DE7-9727-FF21FD686E5E}
[23/05/2011|04:33:06] | C:\Users\balou\AppData\Local\{0D579301-C920-4FA4-A287-95C636ABC1F8}
[22/05/2011|04:31:51] | C:\Users\balou\AppData\Local\{0F34875C-C4EA-4B22-80BB-FA0F1434E37F}
[11/04/2011|13:25:23] | C:\Users\balou\AppData\Local\{1B9FE3F1-E436-470B-811D-A5DF5AD823C7}
[31/05/2011|00:50:42] | C:\Users\balou\AppData\Local\{1BDC16B7-E3A0-49DD-A026-9B8116794B78}
[15/05/2011|02:29:16] | C:\Users\balou\AppData\Local\{22BD648C-4EA8-49BC-A1BF-E0415AECB0A2}
[23/04/2011|18:47:44] | C:\Users\balou\AppData\Local\{23475308-95CF-4A50-B02E-A46D7E9DCB41}
[26/04/2011|01:00:55] | C:\Users\balou\AppData\Local\{24E52FBD-C3F6-4D21-BF6F-D2CE26406B23}
[02/04/2011|12:53:51] | C:\Users\balou\AppData\Local\{300906D2-0B51-4210-A620-5E2D4E67B114}
[03/05/2011|22:31:44] | C:\Users\balou\AppData\Local\{30EA7691-52B6-4ED5-9203-02954DF85FD0}
[02/05/2011|02:34:57] | C:\Users\balou\AppData\Local\{33D9B4FB-3523-446B-8369-E4919C152A42}
[03/05/2011|02:36:16] | C:\Users\balou\AppData\Local\{377501A1-9E7A-4D6B-B315-8AC8BFF3603D}
[18/05/2011|15:04:45] | C:\Users\balou\AppData\Local\{37B80F45-67FA-4843-9C79-4A2ED7ACF978}
[04/04/2011|05:05:58] | C:\Users\balou\AppData\Local\{3B950FD5-728B-4A07-927C-2EA36DC02A24}
[31/03/2011|19:23:55] | C:\Users\balou\AppData\Local\{3CCA7F9C-4DED-46C4-A17F-8A62B0608F70}
[22/04/2011|13:10:08] | C:\Users\balou\AppData\Local\{3D05BC7F-8305-4CCB-A2AA-4693214F4A83}
[29/05/2011|00:48:53] | C:\Users\balou\AppData\Local\{42112281-4E0A-4441-8E45-84D11C7A4CBB}
[25/05/2011|22:54:22] | C:\Users\balou\AppData\Local\{44749D02-6AAF-43D8-81AA-FC17C4D1F7CC}
[24/04/2011|12:59:09] | C:\Users\balou\AppData\Local\{44E42665-248D-4556-AC6E-B81BF6630E93}
[11/05/2011|17:08:49] | C:\Users\balou\AppData\Local\{464D5B8A-FF28-48DF-AFAD-624E42BCC883}
[01/05/2011|14:34:17] | C:\Users\balou\AppData\Local\{47C0B08E-F909-465A-9AD4-4C7DF7466325}
[19/04/2011|23:33:01] | C:\Users\balou\AppData\Local\{48E70203-534B-484D-A20B-6BBE2EC13BC3}
[19/04/2011|11:32:24] | C:\Users\balou\AppData\Local\{4B427CF4-1AD6-428A-8D79-4421923A97FA}
[06/04/2011|05:08:14] | C:\Users\balou\AppData\Local\{4D9D0EF6-663F-4093-A7C7-9379782B5F92}
[07/05/2011|15:01:08] | C:\Users\balou\AppData\Local\{4DBA799C-088B-4840-8F2F-67A98351594E}
[23/04/2011|01:10:45] | C:\Users\balou\AppData\Local\{50075F65-614F-45B2-ACCD-02D128949CB4}
[18/04/2011|23:31:57] | C:\Users\balou\AppData\Local\{523355BB-FCDC-48C5-A28E-9114FBD4B45D}
[29/04/2011|12:04:43] | C:\Users\balou\AppData\Local\{53536F52-AA0C-4CA3-A4FC-0C68B10F895A}
[05/04/2011|17:07:38] | C:\Users\balou\AppData\Local\{5C38EED9-33A4-44DB-AF05-8EABEF493F3E}
[28/05/2011|12:48:08] | C:\Users\balou\AppData\Local\{5FE58D22-36FB-4796-ACC1-5A425EB397E2}
[01/04/2011|07:24:19] | C:\Users\balou\AppData\Local\{604A16A1-D366-41EA-A4BE-932DD9E295AA}
[10/04/2011|13:24:30] | C:\Users\balou\AppData\Local\{6424544C-2D4D-4EDD-A155-DEB45C5CB2B3}
[22/05/2011|16:32:24] | C:\Users\balou\AppData\Local\{69A948E7-7E89-41DD-9846-725842B007D7}
[14/05/2011|02:27:56] | C:\Users\balou\AppData\Local\{6A7A0D5D-062E-435D-A522-A78434B676C1}
[24/05/2011|12:13:36] | C:\Users\balou\AppData\Local\{6B1639DF-A457-48D8-9987-9E933E0A8681}
[09/04/2011|01:47:34] | C:\Users\balou\AppData\Local\{6CF9F9BA-A697-463D-A7EF-B8F12416564F}
[10/05/2011|17:08:01] | C:\Users\balou\AppData\Local\{70716A92-21CA-489F-80D5-69F6C53B42A9}
[03/04/2011|00:54:35] | C:\Users\balou\AppData\Local\{71586461-B54F-4A6C-854B-9B8903EF1BD8}
[30/03/2011|19:23:07] | C:\Users\balou\AppData\Local\{7169064D-6362-4D1E-B0ED-40B24CCD0E5B}
[13/05/2011|14:27:28] | C:\Users\balou\AppData\Local\{71E510F6-BA7B-4CBD-9272-8BDEECB22FCC}
[18/04/2011|11:31:33] | C:\Users\balou\AppData\Local\{75C828C5-A7C4-45B8-A8B7-E11FA1B1B12A}
[30/04/2011|00:06:03] | C:\Users\balou\AppData\Local\{79CD8A02-8FBA-4C5D-9446-42EF2A5FC053}
[28/04/2011|23:14:10] | C:\Users\balou\AppData\Local\{7B4284F9-AE69-4BCC-9915-E16855639225}
[16/04/2011|23:30:03] | C:\Users\balou\AppData\Local\{7F4E726B-6ADD-48A2-AC30-39931B3FEA1E}
[14/04/2011|13:45:13] | C:\Users\balou\AppData\Local\{823AFC03-2B38-4973-92D2-4E8761086E63}
[24/05/2011|22:52:41] | C:\Users\balou\AppData\Local\{826742ED-B817-4F7C-B8F0-75CF3CDCBD56}
[07/04/2011|09:38:25] | C:\Users\balou\AppData\Local\{83C022C9-FD3B-455A-9FCC-348D3B6001F8}
[26/04/2011|16:49:21] | C:\Users\balou\AppData\Local\{848901C2-9B01-4C2B-B4C9-B00BBF3844B4}
[11/04/2011|01:24:58] | C:\Users\balou\AppData\Local\{87364673-55C6-4D0C-B31A-7754E70A62E1}
[07/05/2011|03:00:34] | C:\Users\balou\AppData\Local\{87766299-9D60-412C-A598-C52B6C5AB79C}
[08/04/2011|13:46:54] | C:\Users\balou\AppData\Local\{87C4279F-5EF5-41A0-BB2A-ACC9F5BB981D}
[25/04/2011|13:00:12] | C:\Users\balou\AppData\Local\{884C7CE3-3864-4BFB-80B4-2A915BA26338}
[16/05/2011|02:30:26] | C:\Users\balou\AppData\Local\{8A345138-4639-41B7-A441-46B054613473}
[27/05/2011|10:56:07] | C:\Users\balou\AppData\Local\{8E64E181-FAB6-44DC-9BA4-891CE0F9A327}
[16/04/2011|01:48:32] | C:\Users\balou\AppData\Local\{8E766328-F604-475E-B482-AA2D82B5B8B3}
[15/04/2011|01:45:54] | C:\Users\balou\AppData\Local\{8EC239B1-7764-4455-A1FC-0B919D72D362}
[09/05/2011|17:06:44] | C:\Users\balou\AppData\Local\{9023A365-544A-4104-8CAE-5D86CB998988}
[13/04/2011|01:26:48] | C:\Users\balou\AppData\Local\{92475E20-880B-43B4-9FF4-0BB5A1124EC5}
[27/04/2011|22:00:10] | C:\Users\balou\AppData\Local\{94685E7E-9497-4E93-A83C-CFBD6840CB75}
[07/04/2011|21:38:51] | C:\Users\balou\AppData\Local\{9519D500-39CF-4C3E-96AB-6B9A8E26D3E1}
[14/05/2011|14:28:38] | C:\Users\balou\AppData\Local\{98F1202C-D637-4C92-9EBF-11D56396E5F2}
[17/05/2011|03:03:01] | C:\Users\balou\AppData\Local\{99BBA79F-A54A-4861-9C98-20A61B139A4C}
[16/05/2011|15:02:24] | C:\Users\balou\AppData\Local\{9B89C1A6-65D9-4933-B0C2-58F6F73BFCEE}
[21/04/2011|13:09:18] | C:\Users\balou\AppData\Local\{9C07A954-569E-4F89-B7C8-9F7C355DF5F7}
[25/05/2011|10:53:40] | C:\Users\balou\AppData\Local\{9EDAC6D8-7ADF-4744-9F50-D9ADD6337966}
[30/04/2011|13:47:24] | C:\Users\balou\AppData\Local\{A2F91D77-99F1-470F-950C-C4D1869B5952}
[01/06/2011|00:51:50] | C:\Users\balou\AppData\Local\{A63B2528-279D-4CDA-BAED-D0D25668D153}
[20/05/2011|10:02:38] | C:\Users\balou\AppData\Local\{A67ADDEB-517D-47E8-AC5A-03C88B16BF6E}
[06/05/2011|02:25:40] | C:\Users\balou\AppData\Local\{A8175EC2-799B-4870-9197-22571D2408C2}
[14/04/2011|01:27:50] | C:\Users\balou\AppData\Local\{A824FECC-27F8-4F23-8FF4-9AC4197CA930}
[17/05/2011|15:03:28] | C:\Users\balou\AppData\Local\{ACC54BAC-F7C5-4DC6-A886-E54D74057E43}
[09/05/2011|03:02:26] | C:\Users\balou\AppData\Local\{AD56612E-C238-4CB0-B4CB-5D40E0741545}
[12/04/2011|01:26:00] | C:\Users\balou\AppData\Local\{AFEB4688-7CAB-41B3-A042-770C09EC5DD7}
[24/05/2011|13:08:16] | C:\Users\balou\AppData\Local\{B6FFBE0C-5C1C-4823-B65E-FAA3B3FB9B86}
[23/05/2011|18:40:24] | C:\Users\balou\AppData\Local\{B729FBC8-4665-4962-842F-B85C412BF9A4}
[30/05/2011|12:50:17] | C:\Users\balou\AppData\Local\{B80BF4DB-EC56-4A0F-892B-0B392D736666}
[12/05/2011|17:37:17] | C:\Users\balou\AppData\Local\{B847A0AF-0EB7-4889-B5DB-83AD6DE4C612}
[17/04/2011|11:30:31] | C:\Users\balou\AppData\Local\{BB3A5B0D-9360-41E3-ADDA-06DC0ACD71C4}
[05/05/2011|14:25:15] | C:\Users\balou\AppData\Local\{BB4BB683-55A1-44B1-AE1A-E143E20E3B8C}
[05/04/2011|05:07:13] | C:\Users\balou\AppData\Local\{BB834E55-1C30-4C46-8729-29F44415C9DE}
[02/05/2011|14:35:35] | C:\Users\balou\AppData\Local\{BC21E37E-4317-4562-A472-3B46EC5ACD54}
[12/04/2011|13:26:24] | C:\Users\balou\AppData\Local\{C5BB5688-BF16-4119-9E9C-8CDFA3C9BF59}
[08/05/2011|15:02:01] | C:\Users\balou\AppData\Local\{C780DF99-E2A5-47AB-867C-63B15B024B51}
[19/05/2011|12:16:58] | C:\Users\balou\AppData\Local\{CA964BC3-B53D-42E4-926C-11FADEA0F3D0}
[15/05/2011|14:30:02] | C:\Users\balou\AppData\Local\{CAC47014-8E47-4968-820B-0F4D369B5D88}
[17/04/2011|23:31:08] | C:\Users\balou\AppData\Local\{CED3C58E-1BB7-414B-B32F-D6DFAA56E22D}
[21/05/2011|14:04:11] | C:\Users\balou\AppData\Local\{D00A03D0-CA4C-4A3A-982E-887E3C60B5E8}
[28/05/2011|00:47:42] | C:\Users\balou\AppData\Local\{D0E6F510-8AC0-4271-A6E1-121CA610497D}
[10/05/2011|05:07:24] | C:\Users\balou\AppData\Local\{D131E9CD-4539-47D5-813B-3294C3FE93CB}
[26/05/2011|22:55:30] | C:\Users\balou\AppData\Local\{D4761A8E-CA43-434A-8E37-D1A6DDC89A56}
[04/04/2011|17:06:36] | C:\Users\balou\AppData\Local\{D47F1A3B-E45F-4164-855A-D96B97D1C22A}
[26/05/2011|10:54:53] | C:\Users\balou\AppData\Local\{D5E3D972-D7AB-4BCA-8D8A-BC7F4D67773F}
[01/04/2011|19:24:43] | C:\Users\balou\AppData\Local\{D64AA9B5-82B3-4F24-90B1-2FBE04DB083B}
[30/05/2011|00:49:52] | C:\Users\balou\AppData\Local\{D94CBDFF-78C1-45D5-BDFE-A1BA4A25EC99}
[06/04/2011|21:37:37] | C:\Users\balou\AppData\Local\{DA064A19-2F12-4AF4-AE27-BF2FC517B9BD}
[27/04/2011|04:49:59] | C:\Users\balou\AppData\Local\{DF574B27-9A30-4291-A75B-01E2D8E98D07}
[13/04/2011|13:27:13] | C:\Users\balou\AppData\Local\{E06DE986-6636-4B73-9EC2-F24040DEF1EF}
[18/05/2011|03:04:10] | C:\Users\balou\AppData\Local\{E2A2C633-C40D-4B90-88BA-A0D10D416150}
[29/05/2011|12:49:29] | C:\Users\balou\AppData\Local\{E39CD66E-2B3F-46C1-8776-F09AEE3B29C5}
[08/05/2011|03:01:33] | C:\Users\balou\AppData\Local\{E6199346-8AEF-45E3-BAD0-80260686B3E0}
[01/05/2011|02:33:39] | C:\Users\balou\AppData\Local\{E6363522-30B4-4516-AD6E-5792427B7054}
[31/03/2011|07:23:31] | C:\Users\balou\AppData\Local\{F14B116F-89D4-4C8F-8CD5-846ACA4A27D8}
[28/04/2011|10:00:49] | C:\Users\balou\AppData\Local\{F15D4ED8-A39B-4D4B-9D87-7E7023D5ED58}
[31/05/2011|12:51:12] | C:\Users\balou\AppData\Local\{F2D73EC6-AC8D-4F25-B131-D511CFF72BEC}
[04/05/2011|13:44:39] | C:\Users\balou\AppData\Local\{F2F62E27-8714-4833-8243-FD3DB99794AE}
[20/04/2011|19:51:54] | C:\Users\balou\AppData\Local\{F5BD5C39-ABC9-4A9E-B1EC-65D54E2D4F35}
[11/05/2011|05:08:25] | C:\Users\balou\AppData\Local\{F6796B89-D5F6-487F-A225-E07572502497}
[20/05/2011|22:03:20] | C:\Users\balou\AppData\Local\{F738A3DB-D431-4718-91CF-6A864D843228}
[15/04/2011|13:47:30] | C:\Users\balou\AppData\Local\{F9CF48CB-0FFE-4CFB-AE4B-9FE8EEDD1D64}
[03/04/2011|12:54:59] | C:\Users\balou\AppData\Local\{FBBC4C8D-B94B-4D6C-8ACF-A45352318FCD}
[05/05/2011|01:45:18] | C:\Users\balou\AppData\Local\{FDAB0095-8CA1-4C27-BF6A-12391D9A3E1D}
¤¤¤¤¤¤¤¤¤¤ Listing Tasks
[06/10/2010 | 17:08:08] | C:\Windows\Tasks\BearShareNAG.job
[15/06/2010 | 14:10:56] | C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[15/06/2010 | 14:10:57] | C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
¤¤¤¤¤¤¤¤¤¤ Security
¤¤¤
C:\Windows\SysWOW64\explorer.exe -> Processus redémarré
Pre_Script.exe : installé
Fin : 03:33:00
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
Mis à jour le 01/06/2011 | 02.10 par g3n-h@ckm@n
Utilisateur : balou (Administrateurs)
Ordinateur : BALOU-PC
Système d'exploitation : Windows 7 Home Premium (64 bits)
Internet Explorer : 9.0.8112.16421
Mozilla Firefox : 4.0.1 (fr)
Scan : 03:29:58 | 01/06/2011
¤¤¤¤¤¤¤¤¤¤ Sessions
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : ProfileImagePath -> C:\Users\balou
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : RefCount -> 1
[HKLM | ProfileList] | S-1-5-21-1633666616-3530618582-4091465827-1000 : State -> 256
¤¤¤¤¤¤¤¤¤¤¤ Processus en cours
1160 | C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - Système - Normal - "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" - 536
1724 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - Système - Normal - "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe" - 536
1744 | C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Système - Normal - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" - 536
1780 | C:\Program Files (x86)\Bonjour\mDNSResponder.exe - Système - Normal - "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" - 536
1828 | C:\Program Files (x86)\Acer\Registration\GregHSRW.exe - Système - Normal - "C:\Program Files (x86)\Acer\Registration\GregHSRW.exe" - 536
1952 | C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe - Système - Normal - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" - 536
1992 | C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - Système - Normal - "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" - 536
1352 | C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe - Système - Normal - "C:\Program Files (x86)\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe" - 536
1696 | C:\Program Files\Acer\Acer Updater\UpdaterService.exe - Système - Normal - "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" - 536
2108 | C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe - Système - Normal - "C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe" - 536
2664 | C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe - balou - Normal - "C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" - 2388
2316 | C:\Program Files (x86)\uTorrent\uTorrent.exe - balou - Normal - "C:\Program Files (x86)\uTorrent\uTorrent.exe" - 2388
3092 | C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe - balou - Normal - "C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe" - 2388
3116 | C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe - balou - Normal - "C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe" - 2388
3136 | C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - balou - Normal - "C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr - 2388
3588 | C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe - balou - Normal - "C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" - 3084
3604 | C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe - balou - Normal - "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" - 3084
3624 | C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe - balou - Normal - "C:\Program - 3084
3704 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe - balou - Normal - "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" - 3084
3756 | C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - balou - Normal - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" - 3084
3764 | C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe - balou - Normal - "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" - 3084
3780 | C:\Program Files (x86)\iTunes\iTunesHelper.exe - balou - Normal - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" - 3084
3800 | C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac - balou - Normal - ArcCon.ac 327750 0 - 3704
4084 | C:\Program Files\Alwil Software\Avast5\AvastUI.exe - balou - Normal - "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui - 3084
5760 | C:\Program Files (x86)\Nero\Update\NASvc.exe - Système - Normal - "C:\Program Files (x86)\Nero\Update\NASvc.exe" - 536
5420 | C:\Users\balou\Downloads\Pre_scan.exe - balou - High - "C:\Users\balou\Downloads\Pre_scan.exe" - 2388
5192 | C:\Windows\SysWOW64\cmd.exe - balou - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 5420
4044 | C:\Kill'em\Pv.exe - balou - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 5192
¤¤¤¤¤¤¤¤¤¤ Winlogon
[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\SysWOW64\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 1
[HKLM | Winlogon] | System :
¤¤¤¤¤¤¤¤¤¤ Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
[Firefox | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] | @ : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode
[IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[Chrome | Command] | @ : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[Assoc | Applications] | @ : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ Divers
[HKCU | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKCU | HideDesktopIcons\ClassicStartMenu] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 0
[HKCU | Desktop] | Wallpaper : C:\Users\balou\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
[HKLM | policies\Explorer] | NoActiveDesktop : 0
[HKLM | policies\Explorer] | NoActiveDesktopChanges : 0
¤¤¤¤¤¤¤¤¤¤ Services
[Ndisuio] | Start : 3 : Actif
[Power] | Start : 2 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Actif
[NVSvc] | Start : 2 : Actif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Actif
[luafv] | Start : 2 : Actif
[lltdio] | Start : 2 : Actif
[Iphlpsvc] | Start : 2 : Actif
[IKEEXT] | Start : 2 : Actif
[gpsvc] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 2 : Actif
[Wlansvc] | Start : 2 : Actif
[SharedAccess] | Start : 2 : Inactif
[windefend] | Start : 2 : Actif
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 2 : Actif
[wscsvc] | Start : 2 : Actif
¤¤¤¤¤¤¤¤¤¤ Internet Explorer
[HKCU | Main] | Start Page : https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKCU | Main] | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKLM | Main] | Start Page : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\SysWOW64\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤¤¤¤¤¤¤¤¤¤ DNS
[HKLM | Tcpip\Parameters] | DhcpNameServer = 192.168.1.1
[HKLM\CCS | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS1 | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
[HKLM\CS2 | Interfaces\{8723791D-35FB-48D6-9425-AAED64699B99}] | DhcpNameServer -> 192.168.1.1
¤¤¤¤¤¤¤¤¤¤ Hosts ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ Processus
¤¤¤¤¤¤¤¤¤¤ Traitement Fichiers | Dossiers | Registre
Mise en quarantaine : C:\Users\balou\AppData\Roaming\ubi.com
Erreur de suppression : C:\Users\balou\AppData\Roaming\ubi.com
Mise en quarantaine : C:\Windows\Temp\CR_99AB8.tmp
Erreur de suppression : C:\Windows\Temp\CR_99AB8.tmp
¤¤¤¤¤¤¤¤¤¤ IFEO
¤¤¤¤¤¤¤¤¤¤ Mountpoints2
¤¤¤¤¤¤¤¤¤¤ Listing %AppData%
[28/07/2010|16:55:49] | C:\Users\balou\AppData\Roaming\.#
[12/05/2010|00:31:30] | C:\Users\balou\AppData\Roaming\Adobe
[18/08/2010|13:44:08] | C:\Users\balou\AppData\Roaming\Apple Computer
[21/01/2011|19:28:50] | C:\Users\balou\AppData\Roaming\ArcSoft
[22/02/2011|23:17:59] | C:\Users\balou\AppData\Roaming\DivX
[29/05/2010|19:37:14] | C:\Users\balou\AppData\Roaming\dvdcss
[28/07/2010|16:56:26] | C:\Users\balou\AppData\Roaming\GameConsole
[11/05/2010|21:07:47] | C:\Users\balou\AppData\Roaming\Google
[12/04/2011|23:30:23] | C:\Users\balou\AppData\Roaming\gtk-2.0
[11/05/2010|21:05:06] | C:\Users\balou\AppData\Roaming\Identities
[03/08/2010|19:06:22] | C:\Users\balou\AppData\Roaming\InstallShield
[11/05/2010|21:06:03] | C:\Users\balou\AppData\Roaming\Macromedia
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Roaming\Media Center Programs
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Roaming\Microsoft
[19/09/2010|22:23:08] | C:\Users\balou\AppData\Roaming\moovida-1
[20/05/2010|11:55:59] | C:\Users\balou\AppData\Roaming\Mozilla
[11/05/2010|21:33:33] | C:\Users\balou\AppData\Roaming\Nero
[22/04/2011|20:46:16] | C:\Users\balou\AppData\Roaming\Registry Mechanic
[17/06/2010|00:04:38] | C:\Users\balou\AppData\Roaming\SecuROM
[20/05/2010|12:01:47] | C:\Users\balou\AppData\Roaming\Skype
[28/06/2010|23:25:48] | C:\Users\balou\AppData\Roaming\skypePM
[12/05/2010|15:12:13] | C:\Users\balou\AppData\Roaming\ubi.com
[06/06/2010|17:10:31] | C:\Users\balou\AppData\Roaming\uTorrent
[22/02/2011|22:09:23] | C:\Users\balou\AppData\Roaming\vlc
[21/12/2010|09:46:02] | C:\Users\balou\AppData\Roaming\Windows Live Writer
[15/06/2010|14:37:28] | C:\Users\balou\AppData\Roaming\WinRAR
¤¤¤¤¤¤¤¤¤¤ Listing %CommonAppData%
[17/10/2009|04:20:51] | C:\ProgramData\Acer
[17/10/2009|04:36:13] | C:\ProgramData\Adobe
[05/08/2010|11:02:49] | C:\ProgramData\Alwil Software
[05/08/2010|12:04:17] | C:\ProgramData\Apple
[13/08/2010|15:55:53] | C:\ProgramData\Apple Computer
[11/05/2010|21:03:36] | C:\ProgramData\Application Data
[24/09/2010|20:31:46] | C:\ProgramData\Arcade Lab
[21/01/2011|19:27:24] | C:\ProgramData\ArcSoft
[17/10/2009|04:12:08] | C:\ProgramData\BackupManager
[11/05/2010|21:03:36] | C:\ProgramData\Bureau
[05/12/2010|19:25:07] | C:\ProgramData\DivX
[11/05/2010|21:03:36] | C:\ProgramData\Documents
[17/10/2009|04:39:52] | C:\ProgramData\EgisTec
[24/06/2010|01:11:10] | C:\ProgramData\eMule
[17/10/2009|04:37:18] | C:\ProgramData\eSobi
[28/06/2010|23:25:49] | C:\ProgramData\ezsidmv.dat
[11/05/2010|21:03:36] | C:\ProgramData\Favoris
[17/10/2009|04:23:04] | C:\ProgramData\Google
[17/10/2009|04:24:09] | C:\ProgramData\McAfee
[09/12/2010|01:33:27] | C:\ProgramData\McAfee Security Scan
[11/05/2010|21:06:51] | C:\ProgramData\McQcModifier-5c47-a7b0
[11/05/2010|21:03:36] | C:\ProgramData\Menu Démarrer
[14/07/2009|05:20:08] | C:\ProgramData\Microsoft
[17/10/2009|04:13:19] | C:\ProgramData\Microsoft Help
[11/05/2010|21:03:36] | C:\ProgramData\Modèles
[17/10/2009|04:30:33] | C:\ProgramData\Nero
[30/03/2011|18:57:24] | C:\ProgramData\Norton
[30/03/2011|18:57:23] | C:\ProgramData\NortonInstaller
[10/10/2006|01:34:37] | C:\ProgramData\NVIDIA
[13/04/2011|15:20:08] | C:\ProgramData\NVIDIA Corporation
[17/10/2009|04:39:51] | C:\ProgramData\OEM
[17/10/2009|04:23:09] | C:\ProgramData\Partner
[11/05/2011|02:32:56] | C:\ProgramData\QuestScan
[17/10/2009|04:28:12] | C:\ProgramData\SiteAdvisor
[20/05/2010|12:01:29] | C:\ProgramData\Skype
[20/05/2010|11:53:24] | C:\ProgramData\Sun
[19/10/2010|21:16:15] | C:\ProgramData\SweetIM
[30/03/2011|18:57:24] | C:\ProgramData\Symantec
[24/09/2010|20:31:33] | C:\ProgramData\TEMP
[17/09/2010|16:21:33] | C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
¤¤¤¤¤¤¤¤¤¤ Listing %LocalAppData%
[15/06/2010|10:09:01] | C:\Users\balou\AppData\Local\Adobe
[05/08/2010|12:04:19] | C:\Users\balou\AppData\Local\Apple
[14/08/2010|00:27:02] | C:\Users\balou\AppData\Local\Apple Computer
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Application Data
[21/01/2011|19:28:50] | C:\Users\balou\AppData\Local\ArcSoft
[06/10/2010|17:10:57] | C:\Users\balou\AppData\Local\BearShare
[14/07/2010|00:13:01] | C:\Users\balou\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[11/05/2010|21:08:24] | C:\Users\balou\AppData\Local\Diagnostics
[11/05/2010|21:06:04] | C:\Users\balou\AppData\Local\EgisTec
[16/09/2010|18:04:53] | C:\Users\balou\AppData\Local\ElevatedDiagnostics
[04/11/2010|13:55:46] | C:\Users\balou\AppData\Local\eMule
[01/02/2011|23:42:29] | C:\Users\balou\AppData\Local\freetvradio Air
[11/05/2010|21:03:48] | C:\Users\balou\AppData\Local\GDIPFONTCACHEV1.DAT
[11/05/2010|21:07:47] | C:\Users\balou\AppData\Local\Google
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Historique
[11/05/2010|21:19:05] | C:\Users\balou\AppData\Local\IconCache.db
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Microsoft
[11/05/2010|23:12:41] | C:\Users\balou\AppData\Local\Microsoft Games
[19/09/2010|22:23:14] | C:\Users\balou\AppData\Local\moovida Air
[20/05/2010|12:12:00] | C:\Users\balou\AppData\Local\Mozilla
[13/05/2010|22:07:59] | C:\Users\balou\AppData\Local\Orange
[02/10/2010|12:13:37] | C:\Users\balou\AppData\Local\PackageAware
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Temp
[11/05/2010|21:03:40] | C:\Users\balou\AppData\Local\Temporary Internet Files
[18/06/2010|17:22:20] | C:\Users\balou\AppData\Local\THQ
[11/05/2010|21:05:01] | C:\Users\balou\AppData\Local\VirtualStore
[06/10/2010|17:41:51] | C:\Users\balou\AppData\Local\Windows Live
[21/12/2010|09:46:02] | C:\Users\balou\AppData\Local\Windows Live Writer
[25/04/2011|00:59:35] | C:\Users\balou\AppData\Local\{0030B2E1-187A-4EEB-BE25-A82B10BBE18B}
[22/04/2011|01:09:43] | C:\Users\balou\AppData\Local\{01470FD7-88CB-489F-BC4E-341B4F818458}
[06/05/2011|14:26:16] | C:\Users\balou\AppData\Local\{0962C448-F313-4DE7-9727-FF21FD686E5E}
[23/05/2011|04:33:06] | C:\Users\balou\AppData\Local\{0D579301-C920-4FA4-A287-95C636ABC1F8}
[22/05/2011|04:31:51] | C:\Users\balou\AppData\Local\{0F34875C-C4EA-4B22-80BB-FA0F1434E37F}
[11/04/2011|13:25:23] | C:\Users\balou\AppData\Local\{1B9FE3F1-E436-470B-811D-A5DF5AD823C7}
[31/05/2011|00:50:42] | C:\Users\balou\AppData\Local\{1BDC16B7-E3A0-49DD-A026-9B8116794B78}
[15/05/2011|02:29:16] | C:\Users\balou\AppData\Local\{22BD648C-4EA8-49BC-A1BF-E0415AECB0A2}
[23/04/2011|18:47:44] | C:\Users\balou\AppData\Local\{23475308-95CF-4A50-B02E-A46D7E9DCB41}
[26/04/2011|01:00:55] | C:\Users\balou\AppData\Local\{24E52FBD-C3F6-4D21-BF6F-D2CE26406B23}
[02/04/2011|12:53:51] | C:\Users\balou\AppData\Local\{300906D2-0B51-4210-A620-5E2D4E67B114}
[03/05/2011|22:31:44] | C:\Users\balou\AppData\Local\{30EA7691-52B6-4ED5-9203-02954DF85FD0}
[02/05/2011|02:34:57] | C:\Users\balou\AppData\Local\{33D9B4FB-3523-446B-8369-E4919C152A42}
[03/05/2011|02:36:16] | C:\Users\balou\AppData\Local\{377501A1-9E7A-4D6B-B315-8AC8BFF3603D}
[18/05/2011|15:04:45] | C:\Users\balou\AppData\Local\{37B80F45-67FA-4843-9C79-4A2ED7ACF978}
[04/04/2011|05:05:58] | C:\Users\balou\AppData\Local\{3B950FD5-728B-4A07-927C-2EA36DC02A24}
[31/03/2011|19:23:55] | C:\Users\balou\AppData\Local\{3CCA7F9C-4DED-46C4-A17F-8A62B0608F70}
[22/04/2011|13:10:08] | C:\Users\balou\AppData\Local\{3D05BC7F-8305-4CCB-A2AA-4693214F4A83}
[29/05/2011|00:48:53] | C:\Users\balou\AppData\Local\{42112281-4E0A-4441-8E45-84D11C7A4CBB}
[25/05/2011|22:54:22] | C:\Users\balou\AppData\Local\{44749D02-6AAF-43D8-81AA-FC17C4D1F7CC}
[24/04/2011|12:59:09] | C:\Users\balou\AppData\Local\{44E42665-248D-4556-AC6E-B81BF6630E93}
[11/05/2011|17:08:49] | C:\Users\balou\AppData\Local\{464D5B8A-FF28-48DF-AFAD-624E42BCC883}
[01/05/2011|14:34:17] | C:\Users\balou\AppData\Local\{47C0B08E-F909-465A-9AD4-4C7DF7466325}
[19/04/2011|23:33:01] | C:\Users\balou\AppData\Local\{48E70203-534B-484D-A20B-6BBE2EC13BC3}
[19/04/2011|11:32:24] | C:\Users\balou\AppData\Local\{4B427CF4-1AD6-428A-8D79-4421923A97FA}
[06/04/2011|05:08:14] | C:\Users\balou\AppData\Local\{4D9D0EF6-663F-4093-A7C7-9379782B5F92}
[07/05/2011|15:01:08] | C:\Users\balou\AppData\Local\{4DBA799C-088B-4840-8F2F-67A98351594E}
[23/04/2011|01:10:45] | C:\Users\balou\AppData\Local\{50075F65-614F-45B2-ACCD-02D128949CB4}
[18/04/2011|23:31:57] | C:\Users\balou\AppData\Local\{523355BB-FCDC-48C5-A28E-9114FBD4B45D}
[29/04/2011|12:04:43] | C:\Users\balou\AppData\Local\{53536F52-AA0C-4CA3-A4FC-0C68B10F895A}
[05/04/2011|17:07:38] | C:\Users\balou\AppData\Local\{5C38EED9-33A4-44DB-AF05-8EABEF493F3E}
[28/05/2011|12:48:08] | C:\Users\balou\AppData\Local\{5FE58D22-36FB-4796-ACC1-5A425EB397E2}
[01/04/2011|07:24:19] | C:\Users\balou\AppData\Local\{604A16A1-D366-41EA-A4BE-932DD9E295AA}
[10/04/2011|13:24:30] | C:\Users\balou\AppData\Local\{6424544C-2D4D-4EDD-A155-DEB45C5CB2B3}
[22/05/2011|16:32:24] | C:\Users\balou\AppData\Local\{69A948E7-7E89-41DD-9846-725842B007D7}
[14/05/2011|02:27:56] | C:\Users\balou\AppData\Local\{6A7A0D5D-062E-435D-A522-A78434B676C1}
[24/05/2011|12:13:36] | C:\Users\balou\AppData\Local\{6B1639DF-A457-48D8-9987-9E933E0A8681}
[09/04/2011|01:47:34] | C:\Users\balou\AppData\Local\{6CF9F9BA-A697-463D-A7EF-B8F12416564F}
[10/05/2011|17:08:01] | C:\Users\balou\AppData\Local\{70716A92-21CA-489F-80D5-69F6C53B42A9}
[03/04/2011|00:54:35] | C:\Users\balou\AppData\Local\{71586461-B54F-4A6C-854B-9B8903EF1BD8}
[30/03/2011|19:23:07] | C:\Users\balou\AppData\Local\{7169064D-6362-4D1E-B0ED-40B24CCD0E5B}
[13/05/2011|14:27:28] | C:\Users\balou\AppData\Local\{71E510F6-BA7B-4CBD-9272-8BDEECB22FCC}
[18/04/2011|11:31:33] | C:\Users\balou\AppData\Local\{75C828C5-A7C4-45B8-A8B7-E11FA1B1B12A}
[30/04/2011|00:06:03] | C:\Users\balou\AppData\Local\{79CD8A02-8FBA-4C5D-9446-42EF2A5FC053}
[28/04/2011|23:14:10] | C:\Users\balou\AppData\Local\{7B4284F9-AE69-4BCC-9915-E16855639225}
[16/04/2011|23:30:03] | C:\Users\balou\AppData\Local\{7F4E726B-6ADD-48A2-AC30-39931B3FEA1E}
[14/04/2011|13:45:13] | C:\Users\balou\AppData\Local\{823AFC03-2B38-4973-92D2-4E8761086E63}
[24/05/2011|22:52:41] | C:\Users\balou\AppData\Local\{826742ED-B817-4F7C-B8F0-75CF3CDCBD56}
[07/04/2011|09:38:25] | C:\Users\balou\AppData\Local\{83C022C9-FD3B-455A-9FCC-348D3B6001F8}
[26/04/2011|16:49:21] | C:\Users\balou\AppData\Local\{848901C2-9B01-4C2B-B4C9-B00BBF3844B4}
[11/04/2011|01:24:58] | C:\Users\balou\AppData\Local\{87364673-55C6-4D0C-B31A-7754E70A62E1}
[07/05/2011|03:00:34] | C:\Users\balou\AppData\Local\{87766299-9D60-412C-A598-C52B6C5AB79C}
[08/04/2011|13:46:54] | C:\Users\balou\AppData\Local\{87C4279F-5EF5-41A0-BB2A-ACC9F5BB981D}
[25/04/2011|13:00:12] | C:\Users\balou\AppData\Local\{884C7CE3-3864-4BFB-80B4-2A915BA26338}
[16/05/2011|02:30:26] | C:\Users\balou\AppData\Local\{8A345138-4639-41B7-A441-46B054613473}
[27/05/2011|10:56:07] | C:\Users\balou\AppData\Local\{8E64E181-FAB6-44DC-9BA4-891CE0F9A327}
[16/04/2011|01:48:32] | C:\Users\balou\AppData\Local\{8E766328-F604-475E-B482-AA2D82B5B8B3}
[15/04/2011|01:45:54] | C:\Users\balou\AppData\Local\{8EC239B1-7764-4455-A1FC-0B919D72D362}
[09/05/2011|17:06:44] | C:\Users\balou\AppData\Local\{9023A365-544A-4104-8CAE-5D86CB998988}
[13/04/2011|01:26:48] | C:\Users\balou\AppData\Local\{92475E20-880B-43B4-9FF4-0BB5A1124EC5}
[27/04/2011|22:00:10] | C:\Users\balou\AppData\Local\{94685E7E-9497-4E93-A83C-CFBD6840CB75}
[07/04/2011|21:38:51] | C:\Users\balou\AppData\Local\{9519D500-39CF-4C3E-96AB-6B9A8E26D3E1}
[14/05/2011|14:28:38] | C:\Users\balou\AppData\Local\{98F1202C-D637-4C92-9EBF-11D56396E5F2}
[17/05/2011|03:03:01] | C:\Users\balou\AppData\Local\{99BBA79F-A54A-4861-9C98-20A61B139A4C}
[16/05/2011|15:02:24] | C:\Users\balou\AppData\Local\{9B89C1A6-65D9-4933-B0C2-58F6F73BFCEE}
[21/04/2011|13:09:18] | C:\Users\balou\AppData\Local\{9C07A954-569E-4F89-B7C8-9F7C355DF5F7}
[25/05/2011|10:53:40] | C:\Users\balou\AppData\Local\{9EDAC6D8-7ADF-4744-9F50-D9ADD6337966}
[30/04/2011|13:47:24] | C:\Users\balou\AppData\Local\{A2F91D77-99F1-470F-950C-C4D1869B5952}
[01/06/2011|00:51:50] | C:\Users\balou\AppData\Local\{A63B2528-279D-4CDA-BAED-D0D25668D153}
[20/05/2011|10:02:38] | C:\Users\balou\AppData\Local\{A67ADDEB-517D-47E8-AC5A-03C88B16BF6E}
[06/05/2011|02:25:40] | C:\Users\balou\AppData\Local\{A8175EC2-799B-4870-9197-22571D2408C2}
[14/04/2011|01:27:50] | C:\Users\balou\AppData\Local\{A824FECC-27F8-4F23-8FF4-9AC4197CA930}
[17/05/2011|15:03:28] | C:\Users\balou\AppData\Local\{ACC54BAC-F7C5-4DC6-A886-E54D74057E43}
[09/05/2011|03:02:26] | C:\Users\balou\AppData\Local\{AD56612E-C238-4CB0-B4CB-5D40E0741545}
[12/04/2011|01:26:00] | C:\Users\balou\AppData\Local\{AFEB4688-7CAB-41B3-A042-770C09EC5DD7}
[24/05/2011|13:08:16] | C:\Users\balou\AppData\Local\{B6FFBE0C-5C1C-4823-B65E-FAA3B3FB9B86}
[23/05/2011|18:40:24] | C:\Users\balou\AppData\Local\{B729FBC8-4665-4962-842F-B85C412BF9A4}
[30/05/2011|12:50:17] | C:\Users\balou\AppData\Local\{B80BF4DB-EC56-4A0F-892B-0B392D736666}
[12/05/2011|17:37:17] | C:\Users\balou\AppData\Local\{B847A0AF-0EB7-4889-B5DB-83AD6DE4C612}
[17/04/2011|11:30:31] | C:\Users\balou\AppData\Local\{BB3A5B0D-9360-41E3-ADDA-06DC0ACD71C4}
[05/05/2011|14:25:15] | C:\Users\balou\AppData\Local\{BB4BB683-55A1-44B1-AE1A-E143E20E3B8C}
[05/04/2011|05:07:13] | C:\Users\balou\AppData\Local\{BB834E55-1C30-4C46-8729-29F44415C9DE}
[02/05/2011|14:35:35] | C:\Users\balou\AppData\Local\{BC21E37E-4317-4562-A472-3B46EC5ACD54}
[12/04/2011|13:26:24] | C:\Users\balou\AppData\Local\{C5BB5688-BF16-4119-9E9C-8CDFA3C9BF59}
[08/05/2011|15:02:01] | C:\Users\balou\AppData\Local\{C780DF99-E2A5-47AB-867C-63B15B024B51}
[19/05/2011|12:16:58] | C:\Users\balou\AppData\Local\{CA964BC3-B53D-42E4-926C-11FADEA0F3D0}
[15/05/2011|14:30:02] | C:\Users\balou\AppData\Local\{CAC47014-8E47-4968-820B-0F4D369B5D88}
[17/04/2011|23:31:08] | C:\Users\balou\AppData\Local\{CED3C58E-1BB7-414B-B32F-D6DFAA56E22D}
[21/05/2011|14:04:11] | C:\Users\balou\AppData\Local\{D00A03D0-CA4C-4A3A-982E-887E3C60B5E8}
[28/05/2011|00:47:42] | C:\Users\balou\AppData\Local\{D0E6F510-8AC0-4271-A6E1-121CA610497D}
[10/05/2011|05:07:24] | C:\Users\balou\AppData\Local\{D131E9CD-4539-47D5-813B-3294C3FE93CB}
[26/05/2011|22:55:30] | C:\Users\balou\AppData\Local\{D4761A8E-CA43-434A-8E37-D1A6DDC89A56}
[04/04/2011|17:06:36] | C:\Users\balou\AppData\Local\{D47F1A3B-E45F-4164-855A-D96B97D1C22A}
[26/05/2011|10:54:53] | C:\Users\balou\AppData\Local\{D5E3D972-D7AB-4BCA-8D8A-BC7F4D67773F}
[01/04/2011|19:24:43] | C:\Users\balou\AppData\Local\{D64AA9B5-82B3-4F24-90B1-2FBE04DB083B}
[30/05/2011|00:49:52] | C:\Users\balou\AppData\Local\{D94CBDFF-78C1-45D5-BDFE-A1BA4A25EC99}
[06/04/2011|21:37:37] | C:\Users\balou\AppData\Local\{DA064A19-2F12-4AF4-AE27-BF2FC517B9BD}
[27/04/2011|04:49:59] | C:\Users\balou\AppData\Local\{DF574B27-9A30-4291-A75B-01E2D8E98D07}
[13/04/2011|13:27:13] | C:\Users\balou\AppData\Local\{E06DE986-6636-4B73-9EC2-F24040DEF1EF}
[18/05/2011|03:04:10] | C:\Users\balou\AppData\Local\{E2A2C633-C40D-4B90-88BA-A0D10D416150}
[29/05/2011|12:49:29] | C:\Users\balou\AppData\Local\{E39CD66E-2B3F-46C1-8776-F09AEE3B29C5}
[08/05/2011|03:01:33] | C:\Users\balou\AppData\Local\{E6199346-8AEF-45E3-BAD0-80260686B3E0}
[01/05/2011|02:33:39] | C:\Users\balou\AppData\Local\{E6363522-30B4-4516-AD6E-5792427B7054}
[31/03/2011|07:23:31] | C:\Users\balou\AppData\Local\{F14B116F-89D4-4C8F-8CD5-846ACA4A27D8}
[28/04/2011|10:00:49] | C:\Users\balou\AppData\Local\{F15D4ED8-A39B-4D4B-9D87-7E7023D5ED58}
[31/05/2011|12:51:12] | C:\Users\balou\AppData\Local\{F2D73EC6-AC8D-4F25-B131-D511CFF72BEC}
[04/05/2011|13:44:39] | C:\Users\balou\AppData\Local\{F2F62E27-8714-4833-8243-FD3DB99794AE}
[20/04/2011|19:51:54] | C:\Users\balou\AppData\Local\{F5BD5C39-ABC9-4A9E-B1EC-65D54E2D4F35}
[11/05/2011|05:08:25] | C:\Users\balou\AppData\Local\{F6796B89-D5F6-487F-A225-E07572502497}
[20/05/2011|22:03:20] | C:\Users\balou\AppData\Local\{F738A3DB-D431-4718-91CF-6A864D843228}
[15/04/2011|13:47:30] | C:\Users\balou\AppData\Local\{F9CF48CB-0FFE-4CFB-AE4B-9FE8EEDD1D64}
[03/04/2011|12:54:59] | C:\Users\balou\AppData\Local\{FBBC4C8D-B94B-4D6C-8ACF-A45352318FCD}
[05/05/2011|01:45:18] | C:\Users\balou\AppData\Local\{FDAB0095-8CA1-4C27-BF6A-12391D9A3E1D}
¤¤¤¤¤¤¤¤¤¤ Listing Tasks
[06/10/2010 | 17:08:08] | C:\Windows\Tasks\BearShareNAG.job
[15/06/2010 | 14:10:56] | C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[15/06/2010 | 14:10:57] | C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
¤¤¤¤¤¤¤¤¤¤ Security
¤¤¤
C:\Windows\SysWOW64\explorer.exe -> Processus redémarré
Pre_Script.exe : installé
Fin : 03:33:00
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question