Disinfecting win32.dell.uv (RESOLVED)

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protecting browsers, browsing and privacy
Protecting the browser, browsing and privacy

Post by kader-66 » 18 Dec 2009, 09:42

Hello,

I'm sending you the link you asked me for

http://senduit.com/906488

To be continued
kader-66

Posts: 31
Joined: 10 Dec 2009, 23:23

Post by nickW » 19 Dec 2009, 01:41

Good evening,

The file you sent shows nothing "nasty".

The two Spybot-S&D detections are false positives, according to the official BitDefender forum:

http://forum.bitdefender.com/index.php? ... entry66791

Note: MBAM made the same error, but that has been corrected.


To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (Private Message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by kader-66 » 19 Dec 2009, 08:51

OK, but since the detection of this false positive, I can no longer start MBAM, Internet Download Manager, etc.
The Google Toolbar has disappeared from the browsers, both Firefox and IE8. I don't understand anything anymore.

Post by nickW » 19 Dec 2009, 19:47

Hello,

ComboFix removed a DLL belonging to Internet Download Manager: it is normal that it no longer works.

Can you try reinstalling it?

To be continued,

Post by kader-66 » 19 Dec 2009, 20:07

Good evening,

Several times I tried to install MBAM and IDM, but without success. However, MBAM works in safe mode. So that is why I don't understand anything anymore. You were right, I should not have used ComboFix without advice from a pro.

Post by nickW » 20 Dec 2009, 01:35

Good evening,

Can you carry out the following:

Step 1: Malwarebytes' Anti-Malware, uninstallation
Uninstall MBAM via Add/Remove Programs.
Download and run the program mbam-clean.exe
Important: when a restart is requested, accept.


Step 2: Malwarebytes' Anti-Malware, installation
Download Malwarebytes' Anti-Malware from one of the links below:
http://www.besttechie.net/tools/mbam-setup.exe
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Save this file to the Desktop.
Double-click mbam-setup.exe to start the installation (accept the license agreement, then confirm the default options).
On the last screen of the installation procedure, tick the box in front of "Update Malwarebytes' Anti-Malware", then click the "Finish" button.


Step 3: OTL (by OldTimer), download
Download OTL.exe from one of the two links below:
http://oldtimer.geekstogo.com/OTL.exe
http://ottools.noahdfear.net/OTL.exe
Save this file to the Desktop.


Step 4: OTL (by OldTimer), scan
Close all open program windows.

Right-click OTL.exe, then choose "Run as administrator" to launch the tool.

The OTL main screen appears.

If not already done, in the Extra Registry section, select the Use SafeList radio button.

Tick (at the top) the box in front of Scan All Users.

Then click the Run Scan button.

Let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing a report (log).
Close Notepad.
The second report is visible in the taskbar. Close it as well.
Close the OTL window.


Step 5: Results
Send in reply, in two separate messages (because of the length of the logs):
- the two OTL reports (contents of the files OTL.Txt and Extras.Txt located on the Desktop).
Reports sent to the forum must end with a line containing <End>. If that is not the case, they are incomplete and must then be split across several messages.

Important note: To send your reply (or replies), do not create a new topic, but click the "Reply" button to continue in this thread.

To be continued,

Post by kader-66 » 20 Dec 2009, 11:34

Hello,

Here is the OTL report

OTL logfile created on: 20/12/2009 11:05:43 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Abdelkader\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 25,61 Gb Free Space | 21,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 180,90 Gb Total Space | 152,19 Gb Free Space | 84,13% Space Free | Partition Type: NTFS
Drive M: | 931,51 Gb Total Space | 488,97 Gb Free Space | 52,49% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KADER
Current User Name: Abdelkader
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/20 11:02:01 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Abdelkader\Downloads\OTL.exe
PRC - [2009/12/19 12:12:29 | 00,215,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
PRC - [2009/12/15 16:06:52 | 01,085,720 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2009/12/15 16:06:49 | 00,309,088 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2009/12/15 16:06:47 | 01,118,144 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2009/11/30 20:33:40 | 03,181,456 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2009/11/27 16:24:34 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009/11/27 04:03:43 | 01,622,320 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2009/11/23 20:49:27 | 00,378,128 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFTray.exe
PRC - [2009/11/23 20:49:24 | 00,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2009/11/12 16:33:10 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/11/09 13:51:12 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009/11/09 04:17:50 | 00,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/10/29 13:28:05 | 00,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2009/10/09 13:11:12 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 00,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/10/07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/09/27 17:47:00 | 00,215,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/09/05 18:37:09 | 00,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\Abdelkader\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2009/08/03 06:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:50 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009/07/14 02:14:42 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:31 | 00,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\Speech\Common\sapisvr.exe
PRC - [2009/07/14 02:14:24 | 00,157,184 | ---- | M] (Microsoft Corporation) -- c:\program files\windows defender\MpCmdRun.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/06/05 17:05:28 | 23,207,936 | ---- | M] () -- C:\Program Files\CounterPath\X-Lite\x-lite.exe
PRC - [2009/05/22 23:22:10 | 07,514,656 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/01 11:09:00 | 01,130,496 | ---- | M] (www.IslamicFinder.org) -- C:\Program Files\Athan\Athan.exe
PRC - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 15:28:36 | 00,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 14:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/13 12:00:22 | 02,160,144 | ---- | M] (Mon Widget RMC) -- C:\Program Files\Nosibay\Mon Widget RMC\Mon Widget RMC.exe
PRC - [2008/10/13 11:59:50 | 00,185,872 | ---- | M] (Mon Widget RMC) -- C:\Program Files\Nosibay\Mon Widget RMC\Launcher.exe
PRC - [2007/11/06 21:58:20 | 00,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe
PRC - [2007/01/08 09:30:48 | 00,471,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files\KEMailKb\DsiMmKbd.EXE
PRC - [2007/01/05 16:12:58 | 00,258,048 | ---- | M] (SONIX) -- C:\Windows\tsnp2std.exe
PRC - [2006/11/03 10:01:16 | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac7311\Monitor.exe
PRC - [2006/09/22 03:01:00 | 00,139,264 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBIE.EXE
PRC - [2006/04/18 03:00:00 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
PRC - [2005/08/11 15:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/01/14 15:32:38 | 00,053,248 | ---- | M] () -- C:\Windows\System32\PAStiSvc.exe


========== Modules (SafeList) ==========

MOD - [2009/12/20 11:02:01 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Abdelkader\Downloads\OTL.exe
MOD - [2009/11/30 20:33:48 | 00,914,320 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\xfire_toucan_40405.dll
MOD - [2009/11/23 20:49:32 | 00,460,048 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TfWah.dll
MOD - [2009/07/14 02:17:54 | 00,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009/07/14 02:16:20 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009/07/14 02:16:15 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\IME\SPTIP.DLL
MOD - [2009/07/14 02:16:15 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:14 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Speech\SpeechUX\SpeechUXPS.DLL
MOD - [2009/07/14 02:16:13 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:13 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2009/07/14 02:16:12 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:03 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:35 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:13 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:02 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2003/02/21 04:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/19 12:12:29 | 00,215,104 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009/12/15 16:06:49 | 00,309,088 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2009/11/27 16:24:34 | 00,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/11/27 04:03:50 | 00,311,296 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2009/11/27 04:03:49 | 00,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2009/11/27 04:03:43 | 01,622,320 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2009/11/27 00:19:53 | 00,320,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/11/23 20:49:24 | 00,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/11/09 13:51:12 | 01,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2009/10/29 13:28:05 | 00,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/10/07 13:50:26 | 00,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009/09/27 17:47:00 | 00,215,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/09/27 16:48:00 | 00,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/23 14:50:28 | 00,238,960 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/08/05 21:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/14 02:16:21 | 00,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 02:16:17 | 00,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 02:16:17 | 00,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 02:16:16 | 00,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:15 | 00,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 02:16:13 | 00,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 02:16:13 | 00,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 01,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 02:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 02:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:16:12 | 00,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 02:15:41 | 00,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:36 | 00,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 02:15:21 | 00,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 02:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 02:15:10 | 00,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 02:14:59 | 00,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 02:14:58 | 00,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV)
SRV - [2009/07/14 02:14:53 | 00,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 02:14:29 | 03,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/19 12:16:28 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9f0cf6a3dcad1) Service Google Update (gupdate1c9f0cf6a3dcad1)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/03/30 15:28:36 | 01,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/01/26 14:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/04/18 03:00:00 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2005/11/14 00:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/01/14 15:32:38 | 00,053,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PAStiSvc.exe -- (STI Simulator)
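Added example, not part of the original posts and not OldTimer's code: a Python parser for the PRC/MOD/SRV/DRV lines of an OTL report like the one above, which also applies the completeness rule from step 5 and lists entries worth a manual look. The sample lines are copied from this thread's report; the review heuristics and the tolerant end-marker pattern are assumptions of this example, and a flag is a prompt to check, not a verdict.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Lines copied from the OTL report posted in this thread (an excerpt, so it
# carries no closing marker, like the first of the two messages above).
SAMPLE = r"""
========== Processes (SafeList) ==========

PRC - [2009/12/20 11:02:01 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Abdelkader\Downloads\OTL.exe
PRC - [2009/12/19 12:12:29 | 00,215,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
PRC - [2009/12/15 16:06:52 | 01,085,720 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/12/19 12:12:29 | 00,215,104 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2009/11/27 04:03:49 | 00,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2006/04/18 03:00:00 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)

========== Driver Services (SafeList) ==========

DRV - [2009/11/23 20:49:39 | 00,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
"""

ENTRY_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"\[(?P<stamp>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]+) \| [A-Z]\] "
    r"\((?P<company>.*?)\) "                  # company name, may be empty
    r"(?:\[(?P<state>[^\]]*)\] )?"            # start type / status (SRV, DRV)
    r"-- (?P<path>.+?)"
    r"(?: -- \((?P<service>[^)]*)\).*)?$"     # service key + optional display name
)
SECTION_RE = re.compile(r"^=+ (?P<name>.+?) =+$")
# The thread says a full report ends with a line containing <End>; tolerating
# spaces or extra words inside the brackets is an assumption of this example.
END_RE = re.compile(r"<\s*End\b[^>]*>", re.IGNORECASE)
PREFIXES = ("PRC - ", "MOD - ", "SRV - ", "DRV - ")
# Heuristic (assumption): directories a non-admin user can usually write to.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")


@dataclass
class Entry:
    section: str
    kind: str
    modified: datetime
    size: int
    company: str
    path: str
    start: str     # "" for PRC/MOD lines
    status: str    # "" for PRC/MOD lines
    service: str   # "" for PRC/MOD lines


def parse_report(text):
    """Return (entries, unparsed): unparsed holds entry lines the forum mangled."""
    entries, unparsed, section = [], [], ""
    for raw in text.splitlines():
        line = raw.strip()
        head = SECTION_RE.match(line)
        if head:
            section = head["name"]
            continue
        m = ENTRY_RE.match(line)
        if not m:
            if line.startswith(PREFIXES):
                unparsed.append(line)
            continue
        state = [p.strip() for p in (m["state"] or "").split("|")]
        entries.append(Entry(
            section=section, kind=m["kind"],
            modified=datetime.strptime(m["stamp"], "%Y/%m/%d %H:%M:%S"),
            size=int(m["size"].replace(",", "")),
            company=m["company"].strip(), path=m["path"],
            start=state[-2] if len(state) >= 2 else "",
            status=state[-1], service=m["service"] or "",
        ))
    return entries, unparsed


def triage(entries):
    """Return {path: [reasons]} for entries to check by hand (not verdicts)."""
    found = {}
    for e in entries:
        reasons = found.setdefault(e.path, set())
        if not e.company:
            reasons.add("no company name in version info")
        if any(part in e.path.lower() for part in USER_WRITABLE):
            reasons.add("image under a user-writable directory")
    return {path: sorted(r) for path, r in found.items() if r}


def is_complete(text):
    """Step 5's rule: the last non-empty line must carry the end marker."""
    lines = [l for l in text.splitlines() if l.strip()]
    return bool(lines) and bool(END_RE.search(lines[-1]))


if __name__ == "__main__":
    parsed, bad = parse_report(SAMPLE)
    print(f"{len(parsed)} entries, {len(bad)} unparsed, complete={is_complete(SAMPLE)}")
    for path, reasons in triage(parsed).items():
        print(f"CHECK {path}: {'; '.join(reasons)}")
```

Run against the excerpt, the checker reports it as incomplete, which is the expected result for a message that holds only part of a report.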

Post by kader-66 » 20 Dec 2009, 11:36

========== Driver Services (SafeList) ==========

DRV - [2009/12/15 16:06:47 | 00,055,936 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2009/12/15 16:06:45 | 00,152,456 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2009/11/27 03:58:27 | 00,079,368 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2009/11/23 20:49:39 | 00,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2009/11/23 20:49:38 | 00,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/11/23 20:49:37 | 00,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/11/09 04:21:18 | 00,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/09/27 16:12:22 | 09,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/23 14:53:20 | 00,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/09/02 11:09:24 | 00,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/08/27 17:28:44 | 00,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2009/08/05 21:48:42 | 00,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/14 02:26:21 | 00,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 02:26:17 | 00,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 02:26:15 | 00,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 02:26:15 | 00,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 02:26:15 | 00,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 02:26:15 | 00,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 02:26:15 | 00,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 02:26:15 | 00,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 02:26:15 | 00,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 02:26:15 | 00,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 02:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 02:20:44 | 00,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 02:20:44 | 00,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 02:20:37 | 00,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 02:20:36 | 00,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 02:20:36 | 00,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 02:20:36 | 00,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 02:20:36 | 00,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 02:20:36 | 00,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 02:20:36 | 00,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 02:20:36 | 00,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 02:20:36 | 00,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 02:20:36 | 00,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 02:20:28 | 00,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 02:20:28 | 00,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 02:20:28 | 00,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 02:20:28 | 00,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 02:19:11 | 00,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 02:19:10 | 00,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 00,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 02:19:10 | 00,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 00,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 02:19:10 | 00,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 02:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 02:19:10 | 00,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 02:19:04 | 01,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 02:19:04 | 00,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 02:19:04 | 00,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 02:19:04 | 00,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 02:19:04 | 00,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 02:19:04 | 00,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 02:19:04 | 00,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 02:17:54 | 00,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 01:57:25 | 00,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 01:02:41 | 00,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 01:01:41 | 00,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 00:55:00 | 00,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 00:53:51 | 00,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 00:52:44 | 00,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 00:52:02 | 00,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 00:52:00 | 00,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 00:51:35 | 00,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 00:51:23 | 00,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2009/07/14 00:51:08 | 00,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 00:46:55 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 00:45:26 | 00,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 00:36:52 | 00,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 00:33:50 | 00,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 00:28:47 | 00,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 00,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 00:24:05 | 00,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 00:19:21 | 00,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 00:16:36 | 00,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 00:11:04 | 00,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 23:54:14 | 00,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 23:53:33 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 23:53:33 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 23:53:32 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 23:53:28 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 23:53:28 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 23:02:49 | 00,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 23:02:48 | 03,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 23:02:48 | 00,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/07/13 21:50:20 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2009/05/23 01:03:40 | 02,361,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/05/18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/05/07 04:22:06 | 00,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2007/02/13 17:01:02 | 00,448,896 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2007/01/05 10:59:50 | 00,029,712 | ---- | M] (Dritek System Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mmkbd.sys -- (mmkbd)
DRV - [2006/05/05 18:21:00 | 00,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- C:\Windows\System32\drivers\nvport.sys -- (nvport)
DRV - [2006/03/29 07:49:26 | 00,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A C0 9D EC C5 80 CA 01 [binary data]
IE - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\S-1-5-21-4165229912-2147149674-2309070950-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\S-1-5-21-4165229912-2147149674-2309070950-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/news?hl=fr&q=&sourceid=navclient-ff&rlz=1R0GGGL_fr&ie=UTF-8"
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.6
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.3
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.2
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.18
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2009/12/17 14:33:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/17 14:36:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/17 14:36:28 | 00,000,000 | ---D | M]

[2009/12/17 14:47:41 | 00,000,000 | ---D | M] -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Extensions
[2009/12/19 21:37:57 | 00,000,000 | ---D | M] -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions
[2009/12/19 21:37:57 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\{1cdccf78-1ea9-4f40-b69f-ef7674dbef8c}
[2009/12/17 14:47:44 | 00,000,000 | ---D | M] (NoScript) -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/12/17 14:47:44 | 00,000,000 | ---D | M] (FireFTP) -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009/12/17 14:47:45 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/09/12 09:33:25 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/12/17 14:47:42 | 00,000,000 | ---D | M] -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\illimitux@illimitux.net
[2009/12/19 21:37:57 | 00,000,000 | ---D | M] -- C:\Users\Abdelkader\AppData\Roaming\mozilla\Firefox\Profiles\92x8qyx0.default\extensions\staged-xpis
[2009/09/05 18:37:09 | 00,001,775 | ---- | M] () -- C:\Users\Abdelkader\AppData\Roaming\Mozilla\FireFox\Profiles\92x8qyx0.default\searchplugins\live-search.xml
[2009/12/19 20:14:01 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/11/27 03:58:38 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2009/12/17 12:52:04 | 00,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/12/17 12:52:04 | 00,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/12/17 12:52:04 | 00,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/12/17 12:52:04 | 00,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/12/17 12:52:04 | 00,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (307199 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 10575 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Athan] C:\Program Files\Athan\Athan.exe (www.IslamicFinder.org)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe ()
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KEMailKb] C:\PROGRA~1\KEMailKb\DsiMmKbd.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PAC7311_Monitor] C:\Windows\PixArt\Pac7311\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [tsnp2std] C:\Windows\tsnp2std.exe (SONIX)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [EPSON Stylus DX6000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [eyeBeam SIP Client] C:\Program Files\CounterPath\X-Lite\x-lite.exe ()
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [Mon Widget RMC] C:\Program Files\Nosibay\Mon Widget RMC\launcher.exe (Mon Widget RMC)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Abdelkader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\Abdelkader\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Abdelkader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\..Trusted Domains: google.fr ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\..Trusted Domains: msn.com ([fr] http in Trusted sites)
O15 - HKU\S-1-5-21-4165229912-2147149674-2309070950-1000\..Trusted Domains: 51 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
kader-66
 
Posts: 31
Joined: 10 Dec 2009, 23:23

Post by kader-66 » 20 Dec 2009, 11:36

========== Files/Folders - Created Within 30 Days ==========

[2009/12/20 10:52:42 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/18 09:38:51 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\Desktop\kader66.zip
[2009/12/17 16:24:15 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/12/17 16:21:23 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/12/17 16:17:03 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/17 16:15:24 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/12/17 16:15:24 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009/12/17 16:15:24 | 00,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2009/12/17 16:15:23 | 00,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2009/12/17 16:15:23 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2009/12/17 16:15:23 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/12/17 16:15:23 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/12/17 16:15:22 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2009/12/17 15:40:57 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2009/12/17 14:30:57 | 00,000,000 | --SD | C] -- C:\Users\Abdelkader\AppData\Roaming\Microsoft
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Videos
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Saved Games
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Pictures
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Music
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Links
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Favorites
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Downloads
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Documents
[2009/12/17 14:30:57 | 00,000,000 | R--D | C] -- C:\Users\Abdelkader\Desktop
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Voisinage réseau
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Voisinage d'impression
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\AppData\Local\Temporary Internet Files
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\SendTo
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Recent
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Modèles
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Documents\Mes vidéos
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Documents\Mes images
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Mes documents
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Menu Démarrer
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Documents\Ma musique
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Local Settings
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\AppData\Local\Historique
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Cookies
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\Application Data
[2009/12/17 14:30:57 | 00,000,000 | -HSD | C] -- C:\Users\Abdelkader\AppData\Local\Application Data
[2009/12/17 14:30:57 | 00,000,000 | -H-D | C] -- C:\Users\Abdelkader\AppData
[2009/12/17 14:30:57 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Local\Temp
[2009/12/17 14:30:57 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Local\Microsoft
[2009/12/17 14:30:57 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Roaming\Media Center Programs
[2009/12/17 14:29:15 | 00,000,000 | ---D | C] -- C:\Windows\PixArt
[2009/12/17 14:28:04 | 00,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2009/12/17 14:27:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2009/12/17 14:27:24 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/12/17 14:24:07 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009/12/17 14:22:34 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/12/17 14:15:00 | 00,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2009/12/17 14:11:04 | 00,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2009/12/16 19:37:57 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/12/14 12:58:58 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/12/12 22:09:26 | 00,000,000 | ---D | C] -- C:\Avenger
[2009/12/11 13:29:54 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Roaming\Malwarebytes
[2009/12/11 13:29:50 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/11 13:29:50 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/10 22:18:55 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/12/10 20:09:53 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/09 22:29:50 | 00,000,000 | ---D | C] -- C:\Program Files\TVUPlayer
[2009/12/09 21:43:09 | 00,000,000 | ---D | C] -- C:\vcs5BGEffects
[2009/12/08 17:19:52 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/12/08 17:19:51 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/12/08 17:19:51 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/12/08 17:19:51 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/12/08 17:07:40 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/12/08 17:05:07 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/12/07 20:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2009/12/07 20:36:29 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009/12/07 20:36:29 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/12/07 20:36:29 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/12/07 20:36:29 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/12/07 20:36:10 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/12/06 08:43:47 | 00,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2009/12/06 08:43:47 | 00,026,600 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys
[2009/12/06 08:43:07 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/06 08:43:06 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/12/06 08:39:55 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/12/02 14:42:13 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Roaming\skypePM
[2009/12/02 14:40:29 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Roaming\Skype
[2009/12/02 14:39:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/12/02 14:39:36 | 00,000,000 | R--D | C] -- C:\Program Files\Skype
[2009/12/02 14:39:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Skype
[2009/11/30 18:02:40 | 00,171,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xliveinstall.dll
[2009/11/30 18:02:38 | 00,072,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xliveinstallhost.exe
[2009/11/27 16:58:03 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\AppData\Local\Runscanner.net
[2009/11/27 16:52:06 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\Bureau
[2009/11/25 23:03:39 | 00,233,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DreamScene.dll
[2009/11/23 20:27:47 | 00,033,552 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2009/11/23 20:27:41 | 00,059,664 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2009/11/23 20:27:34 | 00,051,984 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2009/11/20 15:58:47 | 00,000,000 | ---D | C] -- C:\Users\Abdelkader\temp
[2009/06/07 08:31:24 | 00,151,552 | ---- | C] ( ) -- C:\Windows\System32\rsnp2std.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/20 11:07:55 | 06,553,600 | -HS- | M] () -- C:\Users\Abdelkader\NTUSER.DAT
[2009/12/20 11:02:20 | 00,019,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/20 11:02:20 | 00,019,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/20 10:56:07 | 00,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/20 10:55:14 | 00,000,450 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter.job
[2009/12/20 10:55:14 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/20 10:55:11 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/20 10:54:54 | 16,094,24896 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/20 10:53:44 | 02,372,950 | -H-- | M] () -- C:\Users\Abdelkader\AppData\Local\IconCache.db
[2009/12/20 10:53:38 | 00,000,121 | ---- | M] () -- C:\Windows\bdagent.INI
[2009/12/20 10:53:19 | 00,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/20 09:40:00 | 00,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/20 00:42:17 | 00,002,209 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/12/19 22:37:00 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/12/19 16:03:10 | 01,532,276 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/19 16:03:10 | 00,697,522 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/19 16:03:10 | 00,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/19 16:03:10 | 00,128,356 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/19 16:03:10 | 00,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/19 12:12:29 | 00,215,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2009/12/19 12:12:29 | 00,215,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
[2009/12/19 11:58:12 | 00,138,576 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/12/18 22:38:37 | 00,001,143 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009/12/18 22:37:59 | 00,001,597 | ---- | M] () -- C:\Users\Abdelkader\Desktop\DivX Movies.lnk
[2009/12/18 09:39:48 | 00,000,797 | ---- | M] () -- C:\Users\Abdelkader\Desktop\kader66.zip.rar
[2009/12/18 09:10:26 | 00,000,121 | ---- | M] () -- C:\Users\Abdelkader\Desktop\liste-ifeo.bat
[2009/12/17 16:27:10 | 00,411,688 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/17 16:09:20 | 00,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2009/12/17 16:07:40 | 00,000,020 | RHS- | M] () -- C:\winx.ld
[2009/12/17 16:07:15 | 00,239,326 | RHS- | M] () -- C:\NJMLW
[2009/12/17 16:02:36 | 00,109,608 | ---- | M] () -- C:\Users\Abdelkader\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/17 15:41:18 | 00,000,493 | ---- | M] () -- C:\Windows\win.ini
[2009/12/17 15:41:13 | 00,000,020 | -HS- | M] () -- C:\Users\Abdelkader\ntuser.ini
[2009/12/17 15:02:17 | 00,057,704 | ---- | M] () -- C:\Windows\System32\license.rtf
[2009/12/17 14:57:25 | 00,021,780 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2009/12/17 14:30:59 | 00,524,288 | -HS- | M] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009/12/17 14:30:59 | 00,524,288 | -HS- | M] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009/12/17 14:30:59 | 00,065,536 | -HS- | M] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009/12/17 14:27:03 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009/12/17 14:22:22 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/12/17 13:28:16 | 00,003,374 | ---- | M] () -- C:\Users\Abdelkader\Desktop\Rapport de compatibilité Windows.htm
[2009/12/17 13:24:35 | 00,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2009/12/17 13:24:27 | 00,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2009/12/17 08:11:59 | 00,304,160 | ---- | M] () -- C:\PA7311.DAT
[2009/12/15 16:06:49 | 00,105,736 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdhv.sys
[2009/12/15 16:06:45 | 00,152,456 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdfm.sys
[2009/12/12 22:14:16 | 00,000,048 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2009/12/12 22:06:23 | 00,000,009 | RHS- | M] () -- C:\Windows\ULDR
[2009/12/10 22:49:48 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/12/10 22:04:09 | 03,847,760 | R--- | M] () -- C:\Users\Abdelkader\Desktop\ComboFix.exe
[2009/12/10 20:09:53 | 00,002,042 | ---- | M] () -- C:\Users\Abdelkader\Desktop\HijackThis.lnk
[2009/12/09 22:54:07 | 00,261,632 | ---- | M] () -- C:\Windows\PEV.exe
[2009/12/07 20:37:06 | 00,001,006 | ---- | M] () -- C:\Users\Abdelkader\Desktop\JDownloader.lnk
[2009/12/07 20:36:13 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009/12/07 20:36:13 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/12/07 20:36:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/12/07 20:36:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/12/06 08:43:53 | 00,002,459 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/12/06 08:40:07 | 00,001,820 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/12/06 08:37:14 | 00,002,509 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] () -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/03 15:32:14 | 00,001,049 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2009/12/02 14:39:38 | 00,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2009/12/02 11:54:52 | 00,001,000 | ---- | M] () -- C:\Users\Abdelkader\Desktop\HomePlayer.lnk
[2009/11/30 20:33:46 | 00,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2009/11/30 18:02:40 | 00,171,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xliveinstall.dll
[2009/11/30 18:02:38 | 00,072,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xliveinstallhost.exe
[2009/11/28 15:41:49 | 00,001,834 | ---- | M] () -- C:\Users\Abdelkader\Desktop\CCleaner.lnk
[2009/11/28 14:35:13 | 00,001,483 | ---- | M] () -- C:\Users\Abdelkader\Desktop\-=FreePack=-.lnk
[2009/11/27 00:13:26 | 00,002,103 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009/11/24 19:16:43 | 00,057,652 | ---- | M] () -- C:\Users\Abdelkader\Desktop\2686958810_2.jpg
[2009/11/24 19:16:27 | 00,026,885 | ---- | M] () -- C:\Users\Abdelkader\Desktop\2686709554_small_1.jpg
[2009/11/23 20:49:39 | 00,059,664 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2009/11/23 20:49:38 | 00,033,552 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2009/11/23 20:49:37 | 00,051,984 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2009/11/20 16:01:09 | 00,001,125 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 4.lnk
[2009/11/20 11:11:03 | 00,025,321 | ---- | M] () -- C:\Users\Abdelkader\Desktop\5816367420[1].jpg
[2009/11/20 11:11:03 | 00,001,807 | ---- | M] () -- C:\Users\Abdelkader\Desktop\5876163668[1].jpg
[2009/11/20 11:11:03 | 00,001,639 | ---- | M] () -- C:\Users\Abdelkader\Desktop\5847208510[1].jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/20 00:42:17 | 00,002,209 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/12/18 09:39:48 | 00,000,797 | ---- | C] () -- C:\Users\Abdelkader\Desktop\kader66.zip.rar
[2009/12/18 09:10:26 | 00,000,121 | ---- | C] () -- C:\Users\Abdelkader\Desktop\liste-ifeo.bat
[2009/12/17 17:06:50 | 00,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/17 17:05:24 | 00,038,224 | ---- | C] () -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/17 16:07:15 | 00,239,326 | RHS- | C] () -- C:\NJMLW
[2009/12/17 15:41:13 | 00,000,020 | -HS- | C] () -- C:\Users\Abdelkader\ntuser.ini
[2009/12/17 14:30:57 | 06,553,600 | -HS- | C] () -- C:\Users\Abdelkader\NTUSER.DAT
[2009/12/17 14:30:57 | 00,524,288 | -HS- | C] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2009/12/17 14:30:57 | 00,524,288 | -HS- | C] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2009/12/17 14:30:57 | 00,065,536 | -HS- | C] () -- C:\Users\Abdelkader\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2009/12/17 14:27:03 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009/12/13 03:17:04 | 00,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/12/12 22:14:15 | 00,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/12/12 22:06:23 | 00,000,009 | RHS- | C] () -- C:\Windows\ULDR
[2009/12/10 22:04:03 | 03,847,760 | R--- | C] () -- C:\Users\Abdelkader\Desktop\ComboFix.exe
[2009/12/10 20:09:53 | 00,002,042 | ---- | C] () -- C:\Users\Abdelkader\Desktop\HijackThis.lnk
[2009/12/10 18:46:51 | 00,003,374 | ---- | C] () -- C:\Users\Abdelkader\Desktop\Rapport de compatibilité Windows.htm
[2009/12/08 17:19:52 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2009/12/08 17:19:52 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2009/12/08 17:19:51 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009/12/08 17:19:51 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009/12/08 17:19:51 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/12/07 20:37:06 | 00,001,006 | ---- | C] () -- C:\Users\Abdelkader\Desktop\JDownloader.lnk
[2009/12/06 08:43:53 | 00,002,459 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/12/06 08:40:07 | 00,001,820 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2009/12/03 15:32:14 | 00,001,049 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2009/12/02 14:39:38 | 00,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2009/11/30 20:33:46 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/11/25 15:25:08 | 00,000,343 | ---- | C] () -- C:\Windows\FIN2.cmd
[2009/11/24 19:16:43 | 00,057,652 | ---- | C] () -- C:\Users\Abdelkader\Desktop\2686958810_2.jpg
[2009/11/24 19:16:27 | 00,026,885 | ---- | C] () -- C:\Users\Abdelkader\Desktop\2686709554_small_1.jpg
[2009/11/20 11:14:56 | 00,001,807 | ---- | C] () -- C:\Users\Abdelkader\Desktop\5876163668[1].jpg
[2009/11/20 11:14:46 | 00,001,639 | ---- | C] () -- C:\Users\Abdelkader\Desktop\5847208510[1].jpg
[2009/11/20 11:14:40 | 00,025,321 | ---- | C] () -- C:\Users\Abdelkader\Desktop\5816367420[1].jpg
[2009/11/06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/29 23:24:39 | 00,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/09/24 21:24:35 | 00,031,007 | ---- | C] () -- C:\Users\Abdelkader\AppData\Roaming\UserTile.png
[2009/09/06 23:00:02 | 01,481,728 | ---- | C] () -- C:\Windows\System32\legitcheckcontrol.dll.bak
[2009/09/06 23:00:02 | 01,481,728 | ---- | C] () -- C:\Windows\System32\LegitCheckControl.dll
[2009/09/06 23:00:02 | 00,190,976 | ---- | C] () -- C:\Windows\System32\wgalogon.dll.bak
[2009/09/06 23:00:02 | 00,190,976 | ---- | C] () -- C:\Windows\System32\WgaLogon.dll
[2009/08/18 20:14:14 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/08/18 18:28:48 | 00,000,482 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009/08/18 17:03:27 | 00,000,000 | ---- | C] () -- C:\Windows\SelSet.INI
[2009/07/14 00:51:43 | 00,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/05 10:29:18 | 00,138,576 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/06/19 10:27:48 | 00,000,556 | ---- | C] () -- C:\Windows\iqksenu.ini
[2009/06/07 14:59:58 | 00,022,328 | ---- | C] () -- C:\Users\Abdelkader\AppData\Roaming\PnkBstrK.sys
[2009/06/07 14:59:38 | 00,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009/06/07 12:04:09 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/01/15 13:45:34 | 00,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2007/01/31 13:48:36 | 00,000,518 | ---- | C] () -- C:\Windows\System32\SP7311.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Abdelkader\Desktop\brice hortefeux ministre UMP France racisme derape.mp4:TOC.WMV
<End>
kader-66
 
Posts: 31
Joined: 10 Dec 2009, 23:23

Post by kader-66 » 20 Dec 2009, 11:39

And now, here is the Extra report

OTL Extras logfile created on: 20/12/2009 11:05:43 - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Abdelkader\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,19 Gb Total Space | 25,61 Gb Free Space | 21,85% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 180,90 Gb Total Space | 152,19 Gb Free Space | 84,13% Space Free | Partition Type: NTFS
Drive M: | 931,51 Gb Total Space | 488,97 Gb Free Space | 52,49% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KADER
Current User Name: Abdelkader
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}" = NVIDIA PureVideo Decoder
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C811605-BAB2-4129-AB15-0A9956B2F0D2}" = PC-Camera
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{249F04CC-4824-44E6-A8D8-08013A4C79DA}" = PDF2Office v5.0 - Trial
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3E9324D4-F434-4158-B011-AC3752533590}" = Windows Genuine Advantage Validation v1.9.40.0 Cracked V4
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{425FFD94-36BD-4933-881B-FE0B9DADF2B7}" = Ma-Config.com
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4BE15737-07C5-4705-9DFC-D9D533939942}" = NVIDIA Media Center Extensions
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis(TM) 2009
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43A3C5D-7F74-4493-840E-D7B74520BC19}" = PDF Download for Internet Explorer
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BADC5319-A2A0-4BE1-A7C3-A271AE0E791D}" = BitDefender Antivirus 2010
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{D96021A9-B290-4783-B019-0E4000DA84CE}" = S4 League_EU
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E7044E25-3038-4A76-9064-344AC038043E}" = Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3BCE8FA-0EE2-4628-BF02-AB5AF4077997}" = Ciel Compta 16.0
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone
"{FA5CEDAB-60BF-4C3F-9DB3-FC51C45A9392}" = StarCam mini
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"adsl TV" = adsl TV
"a-squared Free_is1" = a-squared Free 4.5
"Athan" = Athan Basic 3.6
"CCleaner" = CCleaner
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"FreePack" = FreePack
"HijackThis" = HijackThis 2.0.2
"HomePlayer" = HomePlayer 1.5.9
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{0C811605-BAB2-4129-AB15-0A9956B2F0D2}" = PC-Camera
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A1644527-B0FF-485B-8412-3C7504A2F188}" = Quantum of Solace(TM) 1.1 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"InstallShield_{FA5CEDAB-60BF-4C3F-9DB3-FC51C45A9392}" = StarCam mini
"iqksenu.ini" = Cool Paint
"JDownloader" = JDownloader
"Jeyo Mobile Extender 2.5 pour Outlook_is1" = Jeyo Mobile Extender 2.5 pour Outlook
"KEMailKb" = E-Mail Multimedia Keyboard for USB
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Mon Widget RMC" = Mon Widget RMC (remove only)
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"Nero8Lite_is1" = Nero 8 Lite 8.1.1.4
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PC Wizard 2009_is1" = PC Wizard 2009.1.90
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Recuva" = Recuva (remove only)
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"TeamViewer 5" = TeamViewer 5
"VLC media player" = VLC media player 1.0.3
"Windows Genuine Advantage Validation v1.9.40.0 Cracked V4" = Windows Genuine Advantage Validation v1.9.40.0 Cracked V4
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Xfire" = Xfire (remove only)
"X-Lite 1.5_is1" = X-Lite 3.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4165229912-2147149674-2309070950-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Notification de cadeaux MSN" = Notification de cadeaux MSN

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24/11/2009 17:43:58 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 24/11/2009 18:43:58 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 24/11/2009 19:43:58 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 25/11/2009 05:38:14 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 25/11/2009 06:38:18 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 25/11/2009 06:41:25 | Computer Name = PC-de-Kader | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iw3mp.exe, version : 0.0.0.0, horodatage
: 0x4859a219 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage :
0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus
défaillant : 0x1ef8 Heure de début de l’application défaillante : 0x01ca6dba70e07788
Chemin
d’accès de l’application défaillante : c:\program files\activision\call of duty
4 - modern warfare\iw3mp.exe Chemin d’accès du module défaillant: unknown ID de rapport
: 142e289f-d9af-11de-bdd1-001a4d940cf8

Error - 25/11/2009 06:53:05 | Computer Name = PC-de-Kader | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante iw3mp.exe, version : 0.0.0.0, horodatage
: 0x4859a219 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage :
0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x3ab1ff91 ID du processus
défaillant : 0x1ffc Heure de début de l’application défaillante : 0x01ca6dbd5baf46e7
Chemin
d’accès de l’application défaillante : c:\program files\activision\call of duty
4 - modern warfare\iw3mp.exe Chemin d’accès du module défaillant: unknown ID de rapport
: b4e47895-d9b0-11de-bdd1-001a4d940cf8

Error - 25/11/2009 07:38:17 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 25/11/2009 08:38:17 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

Error - 25/11/2009 09:38:17 | Computer Name = PC-de-Kader | Source = Software Protection Platform Service | ID = 8193
Description = Le planificateur d’activation des licences (sppuinotify.dll) a échoué
avec le code d’erreur suivant : 0x80070002

[ OSession Events ]
Error - 18/08/2009 12:26:28 | Computer Name = PC-de-Abdelkade | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 144
seconds with 120 seconds of active time. This session ended with a crash.

Error - 21/09/2009 05:14:47 | Computer Name = PC-de-Abdelkade | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 85
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05/11/2009 07:45:41 | Computer Name = PC-de-Kader | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 101
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/11/2009 06:28:12 | Computer Name = PC-de-Kader | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 85
seconds with 0 seconds of active time. This session ended with a crash.

Error - 17/11/2009 08:36:20 | Computer Name = PC-de-Kader | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 80
seconds with 0 seconds of active time. This session ended with a crash.

Error - 26/11/2009 10:00:32 | Computer Name = PC-de-Kader | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 86
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 19/12/2009 09:24:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7034
Description = Le service Hôte du fournisseur de découverte de fonctions s’est terminé
de façon inattendue pour la 1ème fois.

Error - 19/12/2009 09:24:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7031
Description = Le service Service Liste des réseaux s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
100 millisecondes : Redémarrer le service.

Error - 19/12/2009 09:24:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7031
Description = Le service Service Interface du magasin réseau s’est terminé de manière
inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée
dans 120000 millisecondes : Redémarrer le service.

Error - 19/12/2009 09:24:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7031
Description = Le service Service SSTP (Secure Socket Tunneling Protocol) s’est terminé
de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante
va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error - 19/12/2009 09:24:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7034
Description = Le service Service hôte WDIServiceHost s’est terminé de façon inattendue
pour la 1ème fois.

Error - 19/12/2009 09:26:49 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7032
Description = Le Gestionnaire de services de contrôle a essayé d’entreprendre une
action corrective (Redémarrer le service) après la fin inattendue du service Service
Interface du magasin réseau, mais cette action a échoué en raison de l’erreur suivante :
%%1056

Error - 19/12/2009 10:58:58 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7000
Description = Le service BDFM n’a pas pu démarrer en raison de l’erreur : %%31

Error - 19/12/2009 13:46:19 | Computer Name = PC-de-Kader | Source = Microsoft-Windows-HAL | ID = 12
Description = Le microprogramme de la plateforme a endommagé la mémoire lors de
la précédente transition d’alimentation du système. Recherchez un microprogramme
plus récent à utiliser pour votre système.

Error - 20/12/2009 05:40:19 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7000
Description = Le service BDFM n’a pas pu démarrer en raison de l’erreur : %%31

Error - 20/12/2009 05:55:25 | Computer Name = PC-de-Kader | Source = Service Control Manager | ID = 7000
Description = Le service BDFM n’a pas pu démarrer en raison de l’erreur : %%31


<End>
kader-66
 
Posts: 31
Joined: 10 Dec 2009, 23:23
