Unexplained appearance of GB

Solved
Dzioum007 Posts: 95 Status: Member
Hello, my problem is as follows: one day when starting my PC, I noticed that my hard drive was abnormally full, that is, from one day to the next I ended up with 40 GB more on my hard drive.
So I looked for where these 40 GB were, and I found them in my Program Files. I then looked for the file and, when I found it, I looked inside for the 40 GB but they were not there, so I went back out and looked at its size and it was only a few MB. Then I noticed that it was another folder that had grown to 40 GB; I checked it too and same thing, nothing, so I rechecked its size and it was only a few MB as well. And so on.
In summary, I have 40 GB wandering from one file to another in Program Files, and neither my anti-spyware (AVG Anti-Spyware), nor my antivirus (AntiVir PE Classic), nor CCleaner manages to solve the problem.

I'm counting on you to help me.

Thanks.

17 replies

Dzioum007 Posts: 95 Status: Member
 
-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rodrigues ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [1] ( 11/09/2008| 1:17 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WhenU

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys [mininova]-3.torrent
C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\[isoHunt] AV_Voice_Changer_Software_6.0.10_-_vLcB___keygen.3979529.TPB.torrent

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 11/09/2008| 0:59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 11/09/2008| 1:17 - Option : [1]

-----------\\ Fin du rapport a 1:17:27,25

1
Anonymous user
 
OK
run option 2
and paste the report
See you
-1
Dzioum007 Posts: 95 Status: Member
 
Don't you have anything else to recommend?
1
Dzioum007 Posts: 95 Status: Member
 
Who could tell whether I have a virus or trojan from the report I made:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:39:11, on 11/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MaAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Azureus\Azureus.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\DllHost.exe
C:\Users\Rodrigues\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_S9137.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_SCD6C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IntelDHSvcConf - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
-1
Anonymous user
 
Good evening or good morning...
do this
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
See you
-1
Dzioum007 Posts: 95 Status: Member
 
-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rodrigues ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [2] ( 11/09/2008| 1:24 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\WhenU

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys [mininova]-3.torrent
C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\[isoHunt] AV_Voice_Changer_Software_6.0.10_-_vLcB___keygen.3979529.TPB.torrent
C:\Users\RODRIG~1\AppData\Roaming\Microsoft\Office\Recent\Crack.LNK
C:\Users\RODRIG~1\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 11/09/2008| 0:59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 11/09/2008| 1:17 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 11/09/2008| 1:24 - Option : [2]

-----------\\ Fin du rapport a 1:24:41,62

-1
Anonymous user
 
please make a new HijackThis report...
-1

Dzioum007 Posts: 95 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:43:16, on 11/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MaAgent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Azureus\Azureus.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\Rodrigues\Desktop\Neko98.exe
C:\Users\Rodrigues\Desktop\NekoCFG.exe
C:\Users\Rodrigues\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HerculesCamService] C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_S9137.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_SCD6C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IntelDHSvcConf - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
-1
Anonymous user
 
OK... do this
but I'm tired and I'll answer you tomorrow
because this scan takes more or less 1 hour depending on what you have on your machine...
I don't have the energy to wait....
run it and post the report...
Run a scan with this antispyware:

Download Malwarebytes + tutorial:

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Install it; the program will update itself automatically.

Once it is up to date, the program will launch; click the Settings tab and tick the box: "Stop Internet Explorer during removal".

Now click the Scan tab and tick the box: "Perform a full scan".

Then click "Search".

Let it scan the PC...

If items were found > click Remove Selected.

If you are asked to restart > click "yes".

At the end a report will open; save it so that you can find it again in order to post it on the forum.

Copy and paste the report, please.

See you tomorrow
-1
Dzioum007 Posts: 95 Status: Member

(temporary message)
I'm going to bed too because I start classes in 4 hours, and I won't be back until 7 pm.
So I'll try to post all of that tomorrow around 8 - 9 pm.
And thanks for your help.
-1
Dzioum007 Posts: 95 Status: Member

I have a problem with the software: at the end, when I delete, Vista tells me that it has a problem and tells me to close it. What should I do?
-1
Anonymous user

RIGHT-click on the MAM icon and run as administrator...
if that doesn't work, try in safe mode...
see you
-1
Dzioum007 Posts: 95 Status: Member

I tried both of your solutions but neither worked. Don't you have another program?
-1
Anonymous user

try this
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
-1
Dzioum007 Posts: 95 Status: Member

Here is the report:

-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rodrigues ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [1] ( 15/09/2008|21:00 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys [mininova]-3.torrent
C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\[isoHunt] AV_Voice_Changer_Software_6.0.10_-_vLcB___keygen.3979529.TPB.torrent
C:\Users\RODRIG~1\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 11/09/2008| 0:59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 11/09/2008| 1:17 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 11/09/2008| 1:24 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 15/09/2008|21:00 - Option : [1]
5 - "C:\ToolBar SD\TB_5.txt" - 15/09/2008|21:01 - Option : [1]

-----------\\ Fin du rapport a 21:01:06,73

-1
Anonymous user

OK, that's good
run option 2 please
and paste the report
see you
-1
Dzioum007 Posts: 95 Status: Member

Here is the new report:

-----------\\ ToolBar S&D 1.1.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU @ 2.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rodrigues ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)

"C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 )
Option : [2] ( 15/09/2008|22:19 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Bar"="http://www.bing.com/spresults.aspx"
"SearchAssistant"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
"CustomizeSearch"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys [mininova]-3.torrent
C:\Users\RODRIG~1\AppData\Roaming\Azureus\torrents\[isoHunt] AV_Voice_Changer_Software_6.0.10_-_vLcB___keygen.3979529.TPB.torrent
C:\Users\RODRIG~1\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 11/09/2008| 0:59 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 11/09/2008| 1:17 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 11/09/2008| 1:24 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 15/09/2008|21:00 - Option : [1]
5 - "C:\ToolBar SD\TB_5.txt" - 15/09/2008|21:01 - Option : [1]
6 - "C:\ToolBar SD\TB_6.txt" - 15/09/2008|21:15 - Option : [2]
7 - "C:\ToolBar SD\TB_7.txt" - 15/09/2008|22:20 - Option : [2]

-----------\\ Fin du rapport a 22:20:00,23
-1
Anonymous user

how is your PC?
-1
Dzioum007 Posts: 95 Status: Member

Meaning?
-1
Anonymous user

SORRY / WRONG RECIPIENT....
-1
Dzioum007 Posts: 95 Status: Member

ok, and what about me? ^^
-1
Dzioum007 Posts: 95 Status: Member

What do I do now?
-1
Anonymous user

Download SmitfraudFix (by S!Ri, balltrap34 and moe31):
http://siri.urz.free.fr/Fix/SmitfraudFix.exe or http://www.geekstogo.com/forum/files/file/6-smitfraudfix/

- Save it to the desktop

- Double-click SmitfraudFix.exe and choose option 1, then press Enter

- A report will be generated; post it in your next reply.

[*] process.exe is detected by some antivirus programs as a risktool. It is not a virus but a utility intended to terminate processes.[*]

** Only do step 2 if you are asked to; we must first examine the first SmitfraudFix report
-1
Dzioum007 Posts: 95 Status: Member

Here is the report:

SmitFraudFix v2.352

Scan done at 0:58:04,99, 20/09/2008
Run from C:\Users\Rodrigues\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\cmd.exe
C:\Windows\system32\wbem\wmiprvse.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Rodrigues

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Rodrigues\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\RODRIG~1\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, following keys are not inevitably infected!!!

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.240 212.27.40.241

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End
-1
Anonymous user

ok
---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the Internet and close all applications, including antivirus and antispyware /!\

---> Double-click Combofix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Yes"

---> Set it to French (F)
Press the 1 key (Yes) to start the scan.

/!\ Don't touch anything until the scan is finished. /!\

At the end of the scan, ComboFix may need to restart the PC to complete the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents

/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\

Note: the report can also be found here: C:\ComboFix.txt
-1
Dzioum007 Posts: 95 Status: Member

Here it is:

ComboFix 08-09-20.02 - Rodrigues 2008-09-20 21:23:33.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1139 [GMT 2:00]
Lancé depuis: C:\Users\Rodrigues\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-20 au 2008-09-20 ))))))))))))))))))))))))))))))))))))
.

2008-09-20 00:58 . 2008-09-20 00:58 4,978 --a------ C:\Windows\System32\tmp.reg
2008-09-20 00:57 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-09-20 00:57 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-09-20 00:57 . 2008-09-08 23:38 88,576 --a------ C:\Windows\System32\AntiXPVSTFix.exe
2008-09-20 00:57 . 2008-09-02 16:51 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-09-20 00:57 . 2008-05-18 21:40 82,944 --a------ C:\Windows\System32\IEDFix.exe
2008-09-20 00:57 . 2008-09-19 12:26 82,944 --a------ C:\Windows\System32\IEDFix.C.exe
2008-09-20 00:57 . 2008-08-18 12:19 82,432 --a------ C:\Windows\System32\404Fix.exe
2008-09-20 00:57 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-09-20 00:57 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-09-20 00:57 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-09-20 00:47 . 2008-09-20 00:47 204,929,072 --a------ C:\Windows\MEMORY.DMP
2008-09-18 20:55 . 2008-09-18 20:55 <REP> d-------- C:\Users\All Users\Macromedia
2008-09-18 20:54 . 2008-09-18 20:55 <REP> d-------- C:\Program Files\Macromedia
2008-09-18 20:54 . 2008-09-18 20:59 <REP> d-------- C:\Program Files\Common Files\Macromedia
2008-09-18 07:45 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-18 07:45 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-18 07:45 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-18 07:45 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-18 07:44 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-18 07:44 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-18 07:44 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-18 07:44 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-18 07:44 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-15 23:06 . 2008-09-15 23:06 <REP> d-------- C:\Program Files\PPMate
2008-09-12 01:25 . 2008-09-12 01:25 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-09-11 18:42 . 2008-09-11 18:42 <REP> d-------- C:\Users\Rodrigues\AppData\Roaming\Malwarebytes
2008-09-11 18:42 . 2008-09-11 18:42 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-09-11 18:42 . 2008-09-11 18:42 <REP> d-------- C:\ProgramData\Malwarebytes
2008-09-11 00:57 . 2008-09-15 22:20 <REP> d-------- C:\ToolBar SD
2008-09-10 18:04 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 18:04 . 2008-08-02 03:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 18:04 . 2008-06-26 05:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 18:04 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 18:04 . 2008-05-08 21:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 18:04 . 2008-05-20 04:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 18:04 . 2008-06-26 05:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 18:04 . 2008-08-02 05:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-10 18:04 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-10 16:06 . 2008-09-10 16:06 <REP> d-------- C:\Program Files\Lavasoft
2008-09-10 16:05 . 2008-09-10 16:05 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-06 12:36 . 1998-07-09 20:41 217,088 --a------ C:\Windows\System32\skjpeg40.dll
2008-09-06 12:36 . 1998-03-04 11:40 83,968 --a------ C:\Windows\System32\Skbase40.dll
2008-09-06 12:36 . 2004-03-09 11:39 8,704 --a------ C:\Windows\System32\vidccleaner.exe
2008-09-01 03:04 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-31 11:13 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-08-31 11:13 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll
2008-08-31 11:13 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-31 11:13 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
2008-08-31 11:12 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-20 19:26 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\Azureus
2008-09-20 19:20 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\Pro Cycling Manager 2008
2008-09-20 18:39 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\Skype
2008-09-20 17:45 --------- d-----w C:\Program Files\Warcraft III
2008-09-20 14:46 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\LimeWire
2008-09-20 14:08 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\skypePM
2008-09-16 19:53 --------- d-----w C:\Users\Rodrigues\AppData\Roaming\teamspeak2
2008-09-16 13:52 --------- d-----w C:\Program Files\Common Files\Steam
2008-09-11 18:26 --------- d-----w C:\Program Files\Live_TV
2008-09-11 00:05 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-11 00:03 --------- d-----w C:\Program Files\Microsoft Works
2008-09-10 14:06 --------- d-----w C:\ProgramData\Lavasoft
2008-09-06 20:27 --------- d-----w C:\Program Files\Metin2_France
2008-09-06 10:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 10:36 --------- d-----w C:\Program Files\Samsung
2008-09-06 10:35 --------- d-----w C:\Program Files\XviD
2008-09-01 02:03 --------- d-----w C:\Program Files\Windows Mail
2008-08-30 10:53 --------- d-----w C:\Program Files\Java
2008-07-31 10:13 --------- d-----w C:\Program Files\Sega
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-29 13:14 --------- d-----w C:\Program Files\MSN Messenger
2008-07-27 14:15 --------- d-----w C:\ProgramData\WindowsSearch
2008-07-19 00:52 304,528 ----a-w C:\Windows\System32\appdrvrem01.exe
2008-07-18 18:39 587,264 ----a-w C:\Windows\WLXPGSS.SCR
2008-07-10 16:45 56 ---ha-w C:\Users\All Users\ezsidmv.dat
2008-07-10 16:45 56 ---ha-w C:\ProgramData\ezsidmv.dat
2008-06-29 07:51 174 --sha-w C:\Program Files\desktop.ini
2008-06-28 11:06 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-06-28 11:06 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-06-24 07:26 1,352 ----a-w C:\Users\Rodrigues\AppData\Roaming\wklnhst.dat
2008-01-03 11:22 55,296 ----a-w C:\Windows\inf\USBSTOR.SYS
2008-01-02 22:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-01-02 22:21 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-01-02 22:21 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2006-05-03 09:06 163,328 --sha-r C:\Windows\System32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\Windows\System32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2008-03-07 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"Steam"="c:\program files\valve\steam\steam.exe" [2008-03-28 1271032]
"EPSON Stylus DX5000 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE" [2006-09-22 139264]
"EPSON Stylus DX5000 Series (Copie 1)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE" [2006-09-22 139264]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-06-03 21718312]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]
"Acer Empowering Technology Monitor"="C:\Acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-07 464168]
"NMSSupport"="C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2006-09-26 423424]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-03 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 57344]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-03 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-03 92704]
"HerculesCamService"="C:\Program Files\Hercules\Hercules DualPix HD Webcam\CamService.exe" [2007-02-26 102400]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 C:\Windows\RtHDVCpl.exe]

C:\Users\Rodrigues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Outil de notification Live Search.lnk - C:\Users\Rodrigues\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2008-06-06 152616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-04-03 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{722D1D9F-5885-4D78-9DA5-2079562B23C7}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BE342372-9CEB-4827-80F2-75D04B42BCD6}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E6316576-679F-4665-9D38-E34D3DFC70A6}"= C:\Program Files\Acer Zone\Acer Zone Main Page\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{34B087DC-CD9D-44C6-B626-3F79DC528461}"= C:\Program Files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe:Cyberlink Picture Slide DVD workprocess
"{AE078BE2-6F15-4D46-9C88-57063ADCD039}"= C:\Program Files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe:Cyberlink Plug and Record ARA workprocess
"{A0645421-8520-4699-BD1C-254AAC4ACF0C}"= C:\Program Files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe:Cyberlink Plug and Record AVAX workprocess
"{618F33FF-F4A9-4522-917A-1EB7AF18EE44}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{AD33046A-A52C-4809-B533-BCAABFAF3874}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{9B83A768-CE1A-40DE-9FF9-BDBA88CF85F4}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{E75DC615-CE0E-43E3-8D4D-7862A0920910}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{A4C0C1E1-0ADC-44EA-A968-3FA0B112A8B8}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{F0E69C43-2320-4FC0-9134-3984ED45D970}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{F6219B3C-F4E1-4C8A-817F-A479539B367B}"= TCP:Profile=Private|Profile=Public|9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{A1CD5500-34D1-4475-A266-A2E26AA8BE5F}"= TCP:Profile=Private|Profile=Public|1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{A7D6510C-F244-45D5-AFD8-BCC2B659257F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D29C4C9A-2F10-4922-839D-AB5E487A2544}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{157E9D00-6AE3-4DB9-A29C-2EC3F61B8797}C:\\program files\\valve\\steam\\steamapps\\rodrigues_07\\condition zero\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\rodrigues_07\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{BB4C6F7A-66A8-40A7-9769-05EF15EA62C4}C:\\program files\\valve\\steam\\steamapps\\rodrigues_07\\condition zero\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\rodrigues_07\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{31598359-8CB5-4200-9254-A854AAE40FFE}C:\\program files\\metin2_france\\metin2.bin"= UDP:C:\program files\metin2_france\metin2.bin:metin2.bin
"UDP Query User{0D4EB771-A172-4C59-BBF7-C8856A01A5A9}C:\\program files\\metin2_france\\metin2.bin"= TCP:C:\program files\metin2_france\metin2.bin:metin2.bin
"TCP Query User{4B05FE25-5573-486D-803C-E56251E08084}C:\\program files\\valve\\steam\\steamapps\\rodrigues_07\\counter-strike\\hl.exe"= UDP:C:\program files\valve\steam\steamapps\rodrigues_07\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{936429B1-2338-43D0-BB33-869AA69C3F16}C:\\program files\\valve\\steam\\steamapps\\rodrigues_07\\counter-strike\\hl.exe"= TCP:C:\program files\valve\steam\steamapps\rodrigues_07\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{B3689C71-CD4C-4F05-A34D-973594ED5A6E}C:\\program files\\tvants\\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{9C9FEAB8-25A2-4574-9D4D-7947DAE854E6}C:\\program files\\tvants\\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{2EF20671-6D49-4D02-94A5-2F77AF1EF447}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\PPMate\\ppmate.exe"= C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate

R1 appdrv01;Application Driver (01);C:\Windows\system32\Drivers\appdrv01.sys [2008-07-19 3468904]
R2 DQLWinService;DQLWinService;C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-10-29 208896]
R2 nmsgopro;GoProto Protocol Driver for NMS;C:\Windows\system32\DRIVERS\nmsgopro.sys [2006-09-27 28672]
R2 nmsunidr;UniDriver for NMS;C:\Windows\system32\DRIVERS\nmsunidr.sys [2006-10-19 7424]
R3 APL531;Hercules Dualpix HD Webcam;C:\Windows\system32\Drivers\HDvid.sys [2006-12-08 275072]
R3 camfilt;camfilt;C:\Windows\system32\Drivers\camfilt.sys [2006-11-16 24192]
R3 IntelDH;IntelDH Driver;C:\Windows\system32\Drivers\IntelDH.sys [2007-07-02 5504]
S2 appdrvrem01;Application Driver Auto Removal Service (01);C:\Windows\System32\appdrvrem01.exe svc [ ]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\Windows\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
S3 IntelDHSvcConf;IntelDHSvcConf;C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-11-18 36312]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-16 92656]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e46aae9-fde1-11dc-be0f-001c2503b401}]
\shell\AutoRun\command - J:\CdAutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84581613-2867-11dc-8362-806e6f6e6963}]
\shell\AutoRun\command - E:\Installer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7a3082d-48d5-11dd-b0e6-001c2503b401}]
\shell\AutoRun\command - J:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7a30834-48d5-11dd-b0e6-001c2503b401}]
\shell\AutoRun\command - K:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7a30836-48d5-11dd-b0e6-001c2503b401}]
\shell\AutoRun\command - L:\setup\rsrc\Autorun.exe
\shell\dinstall\command - L:\Directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7a30839-48d5-11dd-b0e6-001c2503b401}]
\shell\AutoRun\command - M:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffcc168d-fe1b-11dc-a786-001c2503b401}]
\shell\AutoRun\command - K:\autorun.exe
\shell\directx\command - K:\DirectX9\dxsetup.exe
\shell\setup\command - K:\install.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)

.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\Rodrigues\AppData\Roaming\Mozilla\Firefox\Profiles\uv9wa43b.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 21:27:02
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-09-20 21:28:50
ComboFix-quarantined-files.txt 2008-09-20 19:28:35

Avant-CF: 99 638 140 928 octets libres
Après-CF: 99,692,998,656 octets libres

430 --- E O F --- 2008-09-11 23:27:26

Is this it?
-1
Anonymous user
 
Do you still have your problem?
-1
Dzioum007 Posts 95 Status Member
 
Yes, still.
-1
Anonymous user
 
OK,
do this.
Run a scan with this antispyware:

Download Malwarebytes + tutorial:

-> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Install it; the program will update itself automatically.

Once it is up to date, the program will launch; click the Settings tab and check the box: "Stop Internet Explorer during removal".

Now click the Scan tab and check the box: "Perform a full scan".

Then click "Scan".

Let it scan the PC...

If any items were found > click "Remove Selected".

If you are asked to restart > click "Yes".

At the end a report will open; save it so that you can find it again in order to post it on the forum.

Copy and paste the report, please.

See you tomorrow
-1
Dzioum007 Posts 95 Status Member
 
I think there is a compatibility problem with Vista
-1