Intrusive advertising pop-up window

Security and insecurity. Viruses, Trojans, spyware, vulnerabilities, etc.

Moderator: Moderators

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protecting browsers, browsing and privacy
Protecting the browser, browsing and privacy

Intrusive advertising pop-up window

Post by diesel » 09 June 2011, 16:40

Hello, I have a small problem with my PC: advertising windows keep appearing nonstop.
Here are the various reports that were requested.


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6819

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

9/06/2011 17:11:59
mbam-log-2011-06-09 (17-11-46).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 181730
Temps écoulé: 3 minute(s), 23 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
c:\Windows\Ahoxea.exe (Trojan.Downloader) -> 3796 -> No action taken.

Module(s) mémoire infecté(s):
c:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\KOQMLYTPE7 (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\idgbn5xehg (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Metropolis (Trojan.Downloader) -> Value: Metropolis -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4ECYTQ9SIC (Trojan.Downloader) -> Value: 4ECYTQ9SIC -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Windows\Ahoxea.exe (Trojan.Downloader) -> No action taken.
c:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> No action taken.
c:\Users\Utiilisateur\AppData\Local\Temp\Apl.exe (Trojan.Downloader) -> No action taken.
c:\Users\utiilisateur\AppData\Local\Temp\Apj.exe (Trojan.Downloader) -> No action taken.
c:\Users\utiilisateur\AppData\Local\Temp\Apk.exe (Trojan.Downloader) -> No action taken.
c:\Users\utiilisateur\AppData\Local\Temp\Apm.exe (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> No action taken.
diesel
 
Posts: 5
Joined: 09 June 2011, 16:20

Re: Intrusive advertising pop-up window

Post by diesel » 09 June 2011, 16:41

OTL Extras logfile created on: 9/06/2011 17:15:47 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Utiilisateur\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

3,25 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 41,50% Memory free
6,72 Gb Paging File | 4,48 Gb Available in Paging File | 66,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 279,46 Gb Total Space | 103,38 Gb Free Space | 36,99% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 612,93 Gb Free Space | 65,80% Space Free | Partition Type: NTFS

Computer Name: ALEX | User Name: Utiilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-003F-040C-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{998EAED4-9AA5-6E47-B9EA-3BD1F43B0A33}" = Catalyst Control Center Core Implementation
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A46C4D3C-84D7-5244-BAD5-58BDA56A9B62}" = Catalyst Control Center Graphics Previews Vista
"{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}" = Adobe Photoshop Lightroom 2.2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99411B5-760D-9035-EA58-B7CAED185446}" = ATI Catalyst Install Manager
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1036-7B44-A81000000003}" = Adobe Reader 8.1.0 - Français
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C07B86C3-1816-4C59-927E-0287925DFB96}" = Garmin City Navigator Europe NT 2010 Update
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3495A05-14AF-8FD1-FDA7-7554860BDC8B}" = Catalyst Control Center InstallProxy
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis True Image WD Edition
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8D86898-0316-3CDE-B1DF-D2F260270696}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE9CD338-1568-A3DF-D9DE-BFF0DE98303A}" = Catalyst Control Center HydraVision Full
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"A622B79B943ECA1F0AECF1FF5BE13D458F345EBB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"AnyDVD" = AnyDVD
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DivX Setup.divx.com" = Configuration DivX
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"ETKA 7.2 Final" = ETKA 7.2 Final
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"FormatFactory" = FormatFactory 2.50
"Free Video Converter_is1" = Free Video Converter V 2.9
"Hardlock Device Drivers" = Hardlock Device Drivers
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallShield_{2CBD0ADE-0EB2-491A-BDF8-17A738CFE264}" = Microcular
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"myxoftdssdj_is1" = DSS DJ 5.6
"ODSK" = Canon Utilities Original Data Security Tools
"OpenAL" = OpenAL
"PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2.1
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PROPLUS" = Microsoft Office Professional Plus 2007
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = SpeedCams_Serveur
"wcmdmgr.exe" = WildTangent Updater
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR archiver
"wtdmmp" = WildTangent Multiplayer Library
"wtwebdriver" = WildTangent Web Driver
"ZHPDiag_is1" = ZHPDiag 1.26

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"777612c68f3d30d4" = RapidShare Downloader.NET
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/05/2011 6:13:36 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 29/05/2011 7:51:04 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 29/05/2011 16:10:39 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 8/06/2011 12:33:48 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 8/06/2011 17:15:44 | Computer Name = Alex | Source = VSS | ID = 8194
Description =

Error - 9/06/2011 2:16:10 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x004148c4, ID du processus 0x1a0c, heure
de début de l’application 0x01cc266486d901ed.

Error - 9/06/2011 9:51:37 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 9/06/2011 9:58:17 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x002bb684, ID du processus 0x1f88, heure
de début de l’application 0x01cc26acb681dd2d.

Error - 9/06/2011 10:53:32 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x001b0384, ID du processus 0x1534, heure
de début de l’application 0x01cc26b3cd228aad.

Error - 9/06/2011 10:58:44 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x002bb684, ID du processus 0x1bd4, heure
de début de l’application 0x01cc26b55857550d.

[ OSession Events ]
Error - 9/02/2010 14:06:09 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 26 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:08:57 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:11:09 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 100 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:13:14 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 66 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:15:53 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 37 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:19:37 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 26 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:24:31 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 79 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:34:10 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 53 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:41:37 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 30 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:56:24 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 44 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29/05/2011 5:45:03 | Computer Name = Alex | Source = Service Control Manager | ID = 7000
Description =

Error - 29/05/2011 6:13:42 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 29/05/2011 7:52:14 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 29/05/2011 16:10:49 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 8/06/2011 12:33:48 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = DCOM | ID = 10005
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = Service Control Manager | ID = 7009
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = Service Control Manager | ID = 7000
Description =

Error - 9/06/2011 9:50:15 | Computer Name = Alex | Source = Print | ID = 19
Description = Échec du spouleur d’impression pour partager l’imprimante HP Photosmart
D6100 series (Copie 1) avec le nom de la ressource partagée HP Photosmart D6100
series (Copie 1). Erreur 2114. L’imprimante n’est pas utilisable par d’autres personnes
sur le réseau.

Error - 9/06/2011 9:51:46 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =


< End of report >
diesel
 
Posts: 5
Joined: 09 June 2011, 16:20

Re: Unwanted pop-up advertising window

Post by diesel » 09 June 2011, 16:42

OTL Extras logfile created on: 9/06/2011 17:15:47 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Utiilisateur\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

3,25 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 41,50% Memory free
6,72 Gb Paging File | 4,48 Gb Available in Paging File | 66,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 279,46 Gb Total Space | 103,38 Gb Free Space | 36,99% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 612,93 Gb Free Space | 65,80% Space Free | Partition Type: NTFS

Computer Name: ALEX | User Name: Utiilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006B18CB-E83C-4EAE-BB64-CF8FF95B5889}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0272C677-623E-4C47-936F-4026631292A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C1AE858-930C-45F4-8B38-D7BE6D1CC9E9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0FB473AA-F92C-46CF-9CD3-F781ABEAC3E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{16B9C449-9605-4387-B430-03E0EFA39AFD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{24284208-8AAB-42BE-BD23-03FF39299F94}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3B9E5660-33C6-481C-923B-80843D34001B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F42E8B9-96A3-4469-BEE7-1424171E7C7F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43193922-33BA-40EA-BF90-A3C9E969F544}" = lport=445 | protocol=6 | dir=in | app=system |
"{4ECC7848-A084-4F3C-BAC5-E1729CA8D099}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{517F73BD-DB14-4EDB-864A-0ABC9B13CEBB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{568CAE22-0A20-492C-8D62-3CA0A0283CC4}" = lport=138 | protocol=17 | dir=in | app=system |
"{5A86F22D-1CF3-4F32-85C2-54F63B36588D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D24C28B-595C-442C-BB41-B084F8EADC45}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DA78841-2373-4493-BDE8-E93863CE68B1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{61C24494-7F58-46B3-85FC-28FF8911B5CC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{749338CC-144B-4287-BAF4-C9B5D4265F96}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F3B4F81-DB86-4591-9403-230D5F2FD03C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{83481CEF-542F-42BA-8C2B-CF38617CDE8B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8EFA56D0-04CA-48FB-A9A0-24AAE10F6519}" = lport=137 | protocol=17 | dir=in | app=system |
"{91AA679C-6402-496D-8A2E-959EE4B3405C}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{9D3E352C-5C06-4F83-8196-01EDDDB89ADB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A96D9592-26BE-4963-A788-EF352B9517AF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AE250934-EF2B-465A-A2BF-51B80EED6C26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B32C5AA9-5397-4540-8EF0-2969B398E378}" = rport=138 | protocol=17 | dir=out | app=system |
"{C91473BA-3D11-4977-96E0-3B97BA08D90C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CF91804B-3265-437B-B8E4-5B44098E03A9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D1FC457B-B404-4FD1-8DF9-AED346F4F27D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D91F9477-1978-4DDC-A786-DDDB0C160097}" = rport=445 | protocol=6 | dir=out | app=system |
"{E15970FA-B7DD-448A-93E8-1F577609DBBF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{F4344001-22EF-4800-87D4-134B5EA7FBEC}" = rport=137 | protocol=17 | dir=out | app=system |
"{FD0C8B04-DADC-4645-B219-76446E28FAD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05BF91C0-FD20-4B25-ABA9-1D305FDCCC87}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{083D9473-8234-4213-9B3D-BBD4C99DA242}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{0A5503C5-F3E6-4E50-9CED-F7BA37771F5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0CC6BD4E-5FB6-4A4C-8067-2A2E47CAF341}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D8B9BC0-4D9F-468F-8DC6-F6DC6CDC41C4}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{167306D8-4477-422A-89FF-D002DB794DE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19523200-8B90-4E96-9A0B-11FCC7559127}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{1B54DC9A-8F50-407D-B4C0-C4DC98C432F2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1FB50C3F-8441-49DE-B62A-F22FDA222B95}" = protocol=6 | dir=out | app=system |
"{2F1ACC6F-9378-4203-AB5E-97F4A89A9520}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{36304DD6-749F-4BE0-83CE-99721C3C9399}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3D7C7647-E27A-429C-B16B-8DBDAC623764}" = protocol=17 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{3DB41545-BE10-4CE2-92DE-7279CABBC563}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{4CBC3C96-30B8-46A7-B2C0-1D5DC3E3D0DC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4F90C805-07ED-48AF-98F4-C20E79030E8F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{59BC0BEA-F07F-44FA-B0C1-D3A8126F05C6}" = protocol=17 | dir=in | app=c:\program files\thq\juiced2_hin\juiced2_hin.exe |
"{60D47564-A6B3-4F3B-B6A6-1493B3946921}" = protocol=6 | dir=in | app=c:\program files\thq\juiced2_hin\juiced2_hin.exe |
"{611E1231-9EE3-45CD-965D-1532CB124D80}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{6488BDC0-C0C6-4D9C-90EE-0FFA60CE2850}" = protocol=6 | dir=in | app=c:\program files\codemasters\grid\grid.exe |
"{75E184D6-792E-4537-A4A8-F6387BCCEC3C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{79DEF1FA-E730-4F15-9C03-605602F84162}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{7FCBC8E1-1B91-44E5-9630-78959C6CA3FD}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{80C8E33B-549B-45DD-A941-E8730984D7D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{858368A2-B80E-4B5E-83DC-220FD768C069}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{8B1C2D35-6D1B-4EA2-83B6-EF501BE51331}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{931589CA-8A98-4287-8D4E-47C5F82BF753}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{94080C90-D37C-4B70-9422-CDD39523FB28}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9448AB90-1F8F-4346-A742-EF114D648E2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94F93CC0-2329-4337-B8EC-F33FAD288F81}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{96D55517-2363-4F3E-9B5B-A3FCB5DEFAB5}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{9961259A-3F9B-4A7A-8156-466B103B870D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99EC73D5-E1EB-4B13-9258-E4302C604F03}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C807E76-B81D-46B1-B890-4DBE24305449}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{A04FEDC2-209B-4B96-8225-EEBF6894CA72}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A4976926-BA14-4DA5-ABA2-E3929579C27A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{A51CCFC7-AC0D-4C79-9816-82B57F13676C}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{A8F0C4DE-4AA7-44F7-AEBA-58638D1BBDBB}" = protocol=6 | dir=in | app=c:\program files\codemasters\fuel\fuel.exe |
"{A90EBB20-1039-46C3-AF24-485CE36F332D}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{AB68B446-AACF-4D31-A947-39D6D82A5AAA}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32.exe |
"{B594F236-BB67-4E94-BF39-035749FB4F97}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B906C6E2-E9F6-4792-9452-5F4EFD72D031}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{BA292034-114D-4947-BC08-E3AD5126C4A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BB30BBF7-2192-4166-8750-BCC6F954FF1A}" = protocol=17 | dir=in | app=c:\program files\codemasters\fuel\fuel.exe |
"{BED8F44D-4BCD-4D6B-80CE-04F0BA83C703}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe |
"{BFBF76B9-C8AA-46E1-BDD1-489BC21B75F4}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{C1736B73-9B97-4835-AFFD-3C1C08CD6FB2}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{C93AB6C3-9D43-4E1D-B209-0033A6B08BD1}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{CACC291A-7A38-4920-AE65-918737CBDE47}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{CAD2CD61-48C4-48BE-92AD-83BA3F1B555D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2011\3dsmax.exe |
"{CB14DBED-7D83-45A4-8E73-4FFEFF8630FA}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{CB97B8D0-56DF-4712-9478-BBBEB55817EE}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{DB16C983-F33D-434F-8A85-44C73CCF752F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEEB4DFA-DB44-4560-A38D-BB5112A9164C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0033F58-D2D3-4211-90CC-E02537C8F6EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EB2CBFCA-5D5D-4D39-81E5-D93F10E16953}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EBEEC8CF-06EB-4B31-B60A-3F281DC17213}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EFC349E5-874F-48D0-989E-F20279941223}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{F032CDB6-C596-404C-8CD3-71002416BDD4}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F33B866B-375D-48C6-A9D4-0816A5A406AA}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{F773EA1E-05EF-49A6-AD2A-31A98B078CD0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0D54738D-E79C-4F35-8990-DBC06704839E}C:\program files\real\realplayer\recordingmanager.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe |
"TCP Query User{2450AE7F-5811-4BC8-B624-098F649AC91A}E:\download\shift 2 unleashed\crackshift2\shift2u.exe" = protocol=6 | dir=in | app=e:\download\shift 2 unleashed\crackshift2\shift2u.exe |
"TCP Query User{48176DEB-7FC4-4637-848F-23731BEC68BB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{5194A922-0540-4AF7-96D7-A6E01FBEF0E0}C:\program files\adsltv\adsltv.exe" = protocol=6 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"TCP Query User{65D10CE7-B4D0-496C-8D58-F45D04687279}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{80F474AB-96F4-4067-BE30-8632AC8576D1}C:\program files\codemasters\dirt\dirt.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\dirt\dirt.exe |
"TCP Query User{853AB4EB-FC20-4944-BC15-58B09276236A}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{93D9E213-97FE-42AB-89CD-9FC7C7790D3E}C:\users\utiilisateur\appdata\local\temp\4600.exe" = protocol=6 | dir=in | app=c:\users\utiilisateur\appdata\local\temp\4600.exe |
"TCP Query User{9D875DEA-FD2F-4AAE-BAED-A2593A9BDB40}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A33C2314-74BA-4CB7-BB40-9A21DF22058C}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{ABCA567C-BD35-45D7-8BF5-47D8E8D02B28}C:\program files\codemasters\dirt\dirt.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\dirt\dirt.exe |
"TCP Query User{B535F1D4-96A9-4758-A73F-99783F53AC3F}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{B8AE4924-82C8-4DFF-8824-5D7E9FC25862}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{BB4F4701-FC0F-449A-9880-209461BF79B3}C:\program files\truck_racing_by_renault_trucks\bin\rtr.exe" = protocol=6 | dir=in | app=c:\program files\truck_racing_by_renault_trucks\bin\rtr.exe |
"TCP Query User{C254F05A-B192-4D82-A8DB-B87A34BC3D9F}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe |
"TCP Query User{C9F3EDD8-6F22-4F26-A34A-09B980F2ED1F}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{CE050AA9-1550-4CB7-9441-D715D0842F61}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{DB8B87F2-9DA4-49D9-B273-436CE0F635EE}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{ECC0FBE6-0EFC-423F-B671-522C076B6C65}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{ED6D0510-0DC5-4C42-9382-527B77ECB052}C:\users\utiilisateur\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\utiilisateur\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{0BA36228-1B62-4316-B808-0BE71570DBCA}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{0DEFB5DA-F68A-41C2-9C03-851CC34CB4A0}C:\program files\codemasters\dirt\dirt.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\dirt\dirt.exe |
"UDP Query User{1BDB15BF-CE7D-46E4-913C-5D3CECE67BD6}C:\program files\truck_racing_by_renault_trucks\bin\rtr.exe" = protocol=17 | dir=in | app=c:\program files\truck_racing_by_renault_trucks\bin\rtr.exe |
"UDP Query User{27611BF6-0C93-44A4-80ED-5605AE303F26}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2B2525CD-49B9-42B9-BEBA-7CC3E9D91C88}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{3418BBAD-0EBE-4B3B-9BD5-607AEA2FC907}C:\users\utiilisateur\appdata\local\temp\4600.exe" = protocol=17 | dir=in | app=c:\users\utiilisateur\appdata\local\temp\4600.exe |
"UDP Query User{43F6925A-BBE9-4D09-959C-C66058BB3FD5}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{546D4D1F-0EEC-44D2-9266-C85674F41B41}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{59C88212-FD6D-42CB-A01B-2F9DB07E98BD}C:\program files\adsltv\adsltv.exe" = protocol=17 | dir=in | app=c:\program files\adsltv\adsltv.exe |
"UDP Query User{6916B811-C4E7-4289-8B5D-C2C5930B6328}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{6F779358-1DE4-485A-BD8E-3D55C1EBAA0E}C:\users\utiilisateur\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\utiilisateur\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7EA0AF05-D04A-48B4-981B-B2057F6784A5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7FA03B70-AAC1-40F9-AB1C-DEBDB395C895}C:\program files\real\realplayer\recordingmanager.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe |
"UDP Query User{843793A5-6875-401D-9219-C9FDC35FD3E2}E:\download\shift 2 unleashed\crackshift2\shift2u.exe" = protocol=17 | dir=in | app=e:\download\shift 2 unleashed\crackshift2\shift2u.exe |
"UDP Query User{86EEC6C6-178F-4972-B8BC-77FCF5CFA3C1}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{C50D36AD-BBD3-41A5-BE14-3B85F81AD11D}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{F50F229C-5A0B-44D0-9F0D-1DF9640D6EF4}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe |
"UDP Query User{F5F7B52A-9F4F-43BA-98A9-2616B4D5505D}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{F9466B48-9558-49E5-8164-80204C430B08}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{FAFA094A-071E-487C-985F-E5D9524DFD6E}C:\program files\codemasters\dirt\dirt.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\dirt\dirt.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03DD072B-A01B-4DCE-BF0A-8BC8A15817D4}_is1" = Picturaw 3.5
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1AA26528-BDD7-45F2-7B45-54709113E1C7}" = Catalyst Control Center Graphics Light
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{246F6C8F-66A3-4660-9B9E-EEFE73377EB3}" = Skins
"{2491208F-5357-062F-31C6-CD7AF06300E1}" = Catalyst Control Center Graphics Full Existing
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{25E98ECB-5727-408E-B30A-2CAF86F5B310}" = OGA Notifier 1.7.0105.35.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2CBD0ADE-0EB2-491A-BDF8-17A738CFE264}" = Microcular
"{2F703E06-43D9-6867-1387-7D293AA222A7}" = Catalyst Control Center Graphics Full New
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40CB0D72-3B19-9BFE-F1B9-896BC4022145}" = HydraVision
"{41099717-4508-5A0E-7672-5D254C2A372C}" = CCC Help English
"{4196D960-68B0-4BEB-B312-3C1B4654068D}" = Handy Recovery 4.0
"{41F00F2E-00DC-93D3-0DEE-E73C4A16CEEB}" = ccc-utility
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{50E4FCC7-90B9-48C6-9D17-7AE66F282878}" = Juiced2_HIN
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5A0D71BC-3AB0-4BC1-B241-CABE11EEE731}" = DxO Optics Pro 5
"{5DC4D368-64B4-E266-6D8F-6CB90DF8A3F3}" = ccc-core-static
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{601F42A9-8B4F-4650-A472-4CA8325E3E87}" = D6100
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67574624-BF0F-0409-AF6D-19FBD86FF7F7}" = Autodesk 3ds Max 2011 32-bit
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{714B6179-84C4-4FBE-B934-B6CF75ED37A5}" = D6100_D7100_D7300_Help
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77296E63-8C19-462B-ABA1-F510750A8C51}" = Nokia PC Suite
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B4B0AA9-F97E-49C4-AE6F-D40580B65A22}" = onOne PerfectPresets
"{7C6D8763-EEB7-433E-A75E-2AB44892FCA2}" = Ulead Photo Explorer 7.0 SE
"{7CFB6A71-5611-A1D8-520A-43AC0F2F56AD}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{857CC5F0-040E-1016-A173-D55ADD80C260}" = Adobe InDesign CS5.5
"{85F8E0FA-A955-1C99-5FCA-D0EB6A915EC8}" = Catalyst Control Center Localization French
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-003F-040C-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{998EAED4-9AA5-6E47-B9EA-3BD1F43B0A33}" = Catalyst Control Center Core Implementation
"{99F80251-DAE8-0409-BD08-DCBBEF56B8CB}" = Autodesk 3ds Max 2011 32-bit Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A46C4D3C-84D7-5244-BAD5-58BDA56A9B62}" = Catalyst Control Center Graphics Previews Vista
"{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}" = Adobe Photoshop Lightroom 2.2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A99411B5-760D-9035-EA58-B7CAED185446}" = ATI Catalyst Install Manager
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1036-7B44-A81000000003}" = Adobe Reader 8.1.0 - Français
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C07B86C3-1816-4C59-927E-0287925DFB96}" = Garmin City Navigator Europe NT 2010 Update
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3495A05-14AF-8FD1-FDA7-7554860BDC8B}" = Catalyst Control Center InstallProxy
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis True Image WD Edition
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8D86898-0316-3CDE-B1DF-D2F260270696}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE9CD338-1568-A3DF-D9DE-BFF0DE98303A}" = Catalyst Control Center HydraVision Full
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"A622B79B943ECA1F0AECF1FF5BE13D458F345EBB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"AnyDVD" = AnyDVD
"Autodesk FBX Plug-in 2011.1 - 3ds Max 2011" = Autodesk FBX Plug-in 2011.1 - 3ds Max 2011
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DivX Setup.divx.com" = Configuration DivX
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"ERUNT_is1" = ERUNT 1.1j
"ETKA 7.2 Final" = ETKA 7.2 Final
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"FormatFactory" = FormatFactory 2.50
"Free Video Converter_is1" = Free Video Converter V 2.9
"Hardlock Device Drivers" = Hardlock Device Drivers
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallShield_{2CBD0ADE-0EB2-491A-BDF8-17A738CFE264}" = Microcular
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"myxoftdssdj_is1" = DSS DJ 5.6
"ODSK" = Canon Utilities Original Data Security Tools
"OpenAL" = OpenAL
"PhotomatixPro3Betax32_is1" = Photomatix Pro version 3.2.1
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PROPLUS" = Microsoft Office Professional Plus 2007
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = SpeedCams_Serveur
"wcmdmgr.exe" = WildTangent Updater
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR archiver
"wtdmmp" = WildTangent Multiplayer Library
"wtwebdriver" = WildTangent Web Driver
"ZHPDiag_is1" = ZHPDiag 1.26

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"777612c68f3d30d4" = RapidShare Downloader.NET
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/05/2011 6:13:36 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 29/05/2011 7:51:04 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 29/05/2011 16:10:39 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 8/06/2011 12:33:48 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 8/06/2011 17:15:44 | Computer Name = Alex | Source = VSS | ID = 8194
Description =

Error - 9/06/2011 2:16:10 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x004148c4, ID du processus 0x1a0c, heure
de début de l’application 0x01cc266486d901ed.

Error - 9/06/2011 9:51:37 | Computer Name = Alex | Source = WinMgmt | ID = 10
Description =

Error - 9/06/2011 9:58:17 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x002bb684, ID du processus 0x1f88, heure
de début de l’application 0x01cc26acb681dd2d.

Error - 9/06/2011 10:53:32 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x001b0384, ID du processus 0x1534, heure
de début de l’application 0x01cc26b3cd228aad.

Error - 9/06/2011 10:58:44 | Computer Name = Alex | Source = Application Error | ID = 1000
Description = Application défaillante Apm.exe, version 0.0.0.0, horodatage 0x4de8cc2e,
module défaillant mshtml.dll, version 9.0.8112.16421, horodatage 0x4d76266c, code
d’exception 0xc0000005, décalage d’erreur 0x002bb684, ID du processus 0x1bd4, heure
de début de l’application 0x01cc26b55857550d.

[ OSession Events ]
Error - 9/02/2010 14:06:09 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 26 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:08:57 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:11:09 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 100 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:13:14 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 66 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:15:53 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 37 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:19:37 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 26 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:24:31 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 79 seconds with 60 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:34:10 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 53 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:41:37 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 30 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/02/2010 14:56:24 | Computer Name = Alex | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6334.5000. This session
lasted 44 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29/05/2011 5:45:03 | Computer Name = Alex | Source = Service Control Manager | ID = 7000
Description =

Error - 29/05/2011 6:13:42 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 29/05/2011 7:52:14 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 29/05/2011 16:10:49 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 8/06/2011 12:33:48 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = DCOM | ID = 10005
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = Service Control Manager | ID = 7009
Description =

Error - 8/06/2011 16:46:12 | Computer Name = Alex | Source = Service Control Manager | ID = 7000
Description =

Error - 9/06/2011 9:50:15 | Computer Name = Alex | Source = Print | ID = 19
Description = Échec du spouleur d’impression pour partager l’imprimante HP Photosmart
D6100 series (Copie 1) avec le nom de la ressource partagée HP Photosmart D6100
series (Copie 1). Erreur 2114. L’imprimante n’est pas utilisable par d’autres personnes
sur le réseau.

Error - 9/06/2011 9:51:46 | Computer Name = Alex | Source = Service Control Manager | ID = 7022
Description =


< End of report >
diesel

Posts: 5
Joined: 09 June 2011, 16:20

Re: Unwanted pop-up advertising window

Post by diesel » 09 June 2011, 16:44

OTL logfile created on: 9/06/2011 17:15:47 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Utiilisateur\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

3,25 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 41,50% Memory free
6,72 Gb Paging File | 4,48 Gb Available in Paging File | 66,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 279,46 Gb Total Space | 103,38 Gb Free Space | 36,99% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 612,93 Gb Free Space | 65,80% Space Free | Partition Type: NTFS

Computer Name: ALEX | User Name: Utiilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/09 16:45:28 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Utiilisateur\Desktop\OTL.exe
PRC - [2011/06/09 07:17:26 | 000,239,104 | ---- | M] () -- C:\Users\UTIILI~1\AppData\Local\Temp\Apl.exe
PRC - [2011/06/09 07:17:23 | 000,232,960 | ---- | M] () -- C:\Windows\Ahoxea.exe
PRC - [2011/05/15 21:56:30 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/12/08 21:17:46 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010/03/10 03:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe
PRC - [2009/11/03 00:43:58 | 001,349,392 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2009/11/02 19:52:30 | 000,136,544 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009/11/02 19:52:04 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/09/01 18:00:12 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared Files\brs.exe
PRC - [2009/08/30 09:46:38 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/08/30 09:46:38 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/07/06 15:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/06/15 16:37:46 | 000,905,360 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2009/06/15 11:55:18 | 000,136,472 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009/06/15 11:55:14 | 000,431,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 08:27:20 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/08/26 05:18:18 | 016,986,112 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/05/11 04:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2006/04/26 08:29:50 | 000,237,568 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe


========== Modules (SafeList) ==========

MOD - [2011/06/09 16:45:28 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Utiilisateur\Desktop\OTL.exe
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/05/04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2008/01/21 04:25:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2006/11/02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/11 23:53:34 | 003,275,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/02/01 22:58:55 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/10 03:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/02 19:52:04 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/09/23 14:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/30 09:46:38 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/08/30 09:46:38 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/06/15 11:55:14 | 000,431,384 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV - [2010/09/25 13:09:03 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/09/14 15:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/01/21 20:57:44 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/01/21 20:57:44 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/01/21 20:57:31 | 000,132,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/01/21 20:57:27 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/12/10 21:09:55 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/01 17:59:44 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/12/24 18:32:56] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/08/30 09:46:38 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/03/31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/27 02:16:28 | 000,012,672 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132)
DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/14 04:13:00 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2008/11/23 11:23:04 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE)
DRV - [2008/08/21 06:54:08 | 003,928,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/25 14:09:50 | 000,870,400 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/09/05 13:04:34 | 000,079,408 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2007/06/27 23:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 23:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007/06/26 03:45:12 | 000,286,208 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WMP54Gv41x86.sys -- (rt61x86)
DRV - [2006/12/05 11:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006/10/18 15:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/04/03 09:41:36 | 000,030,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb2vcom.sys -- (usb2vcom)
DRV - [2005/11/09 09:44:36 | 000,024,064 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC 6E 46 C6 27 C1 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/15 21:56:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/06/08 22:47:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/15 21:56:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010/11/04 22:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utiilisateur\AppData\Roaming\mozilla\Extensions
[2010/10/08 12:06:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utiilisateur\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/02/08 18:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utiilisateur\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/11/04 22:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utiilisateur\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com

O1 HOSTS File: ([2011/06/08 18:51:50 | 000,004,940 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 114 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [wcmdmgr] C:\Windows\wt\updater\wcmdmgrl.exe (WildTangent, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [4ECYTQ9SIC] C:\Users\UTIILI~1\AppData\Local\Temp\Apl.exe ()
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Metropolis] C:\Windows\System32\sshnas21.dll (Simon Tatham)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.238.2.21 195.238.2.22
O20 - AppInit_DLLs: (AnyDiscHelp.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{73b8947c-6a58-11de-92d2-0023545ccf91}\Shell - "" = AutoRun
O33 - MountPoints2\{73b8947c-6a58-11de-92d2-0023545ccf91}\Shell\AutoRun\command - "" = L:\autorun.exe
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/06/09 17:06:02 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/06/09 17:01:15 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/09 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/06/09 16:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/06/09 16:45:36 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Utiilisateur\Desktop\OTL.exe
[2011/06/09 07:17:21 | 000,228,352 | ---- | C] (Simon Tatham) -- C:\Windows\System32\sshnas21.dll
[2011/06/09 00:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
[2011/06/09 00:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\onOne Software
[2011/06/08 23:37:17 | 000,000,000 | ---D | C] -- C:\Users\Utiilisateur\AppData\Roaming\com.adobe.dmp.contentviewer
[2011/06/08 18:33:34 | 000,000,000 | R--D | C] -- C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
[2011/06/07 22:34:45 | 000,000,000 | ---D | C] -- C:\Users\Utiilisateur\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/06/07 22:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2011/06/01 20:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/29 12:47:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/05/29 12:47:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/05/29 12:47:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/05/29 12:47:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/05/29 12:47:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/05/29 12:47:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/05/29 12:47:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/05/29 12:47:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/05/29 12:47:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/05/29 12:47:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/05/29 12:47:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/05/29 12:47:04 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/05/29 12:47:04 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/05/29 12:47:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/05/29 12:47:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/05/29 12:47:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/05/29 12:47:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/05/29 12:47:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/05/29 12:47:03 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/05/29 12:47:03 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/05/29 12:47:03 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/05/29 12:47:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/05/29 12:47:03 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/05/29 12:47:03 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/05/29 12:47:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/05/29 12:47:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/05/29 12:47:02 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/05/29 12:47:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/05/29 12:47:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/05/29 12:47:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/05/29 12:47:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/05/29 12:47:02 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/05/29 12:47:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/05/29 12:47:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/05/29 12:47:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/05/29 12:47:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/05/29 12:47:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/05/29 12:47:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/05/29 12:47:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/05/29 12:46:37 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/05/29 12:46:37 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/05/29 12:46:37 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/05/29 12:46:37 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/05/29 12:46:37 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/05/29 12:46:37 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/05/29 12:46:36 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/05/29 12:46:35 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/05/29 12:46:35 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/05/29 12:46:35 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/05/29 12:46:35 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/05/29 12:46:35 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/05/29 12:46:35 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/05/29 12:46:35 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/05/29 12:46:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/05/29 12:46:35 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/05/29 12:46:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/05/29 12:46:35 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/05/29 12:46:35 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/05/29 12:46:34 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/05/29 12:46:34 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/05/29 12:46:34 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/05/29 12:27:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/05/29 12:27:43 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/05/29 12:27:43 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/05/29 12:27:11 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/05/29 12:27:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/05/29 12:27:10 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/05/29 12:27:08 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/05/29 12:27:07 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/05/29 12:27:05 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/05/29 12:27:05 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/05/29 12:27:05 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/05/29 12:27:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/05/29 12:26:53 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/05/29 12:26:43 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/05/29 12:26:41 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/05/29 12:26:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/05/29 12:26:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/05/29 12:26:40 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/05/29 12:26:38 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/05/29 12:26:38 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/05/29 12:26:29 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/05/29 12:26:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/05/29 12:26:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/05/29 12:26:18 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/05/29 12:26:15 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/05/29 12:26:15 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/05/29 12:26:15 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/05/29 12:26:15 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/05/29 12:26:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/05/29 12:26:14 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/05/29 12:26:13 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/05/29 12:25:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/05/29 12:20:42 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/05/29 12:20:41 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/05/29 12:20:38 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/05/29 11:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/05/28 23:21:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2011/05/15 21:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/05/15 21:56:49 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2011/05/15 21:56:32 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2011/05/15 21:56:32 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2011/05/15 21:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/09 17:16:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/06/09 17:08:46 | 000,000,306 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/09 17:06:03 | 000,001,356 | ---- | M] () -- C:\Users\Utiilisateur\AppData\Local\d3d9caps.dat
[2011/06/09 16:59:36 | 000,000,873 | ---- | M] () -- C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/06/09 16:59:31 | 000,000,693 | ---- | M] () -- C:\Users\Utiilisateur\Desktop\NTREGOPT.lnk
[2011/06/09 16:59:31 | 000,000,674 | ---- | M] () -- C:\Users\Utiilisateur\Desktop\ERUNT.lnk
[2011/06/09 16:58:48 | 000,000,306 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/06/09 16:45:28 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Utiilisateur\Desktop\OTL.exe
[2011/06/09 16:45:02 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704778913-2800520666-1465336105-1000UA.job
[2011/06/09 16:44:01 | 000,000,260 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/09 16:39:01 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/09 15:58:54 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/09 15:56:09 | 000,730,902 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/06/09 15:56:09 | 000,632,784 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/09 15:56:09 | 000,149,090 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/06/09 15:56:09 | 000,122,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/09 15:51:31 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/09 15:50:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/09 15:50:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/09 15:50:21 | 003,974,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/09 15:50:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/09 15:50:02 | 3488,735,232 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/09 15:47:53 | 000,207,027 | ---- | M] () -- E:\Mes documents\User Guide.pdf
[2011/06/09 07:17:23 | 000,232,960 | ---- | M] () -- C:\Windows\Ahoxea.exe
[2011/06/09 07:17:21 | 000,228,352 | ---- | M] (Simon Tatham) -- C:\Windows\System32\sshnas21.dll
[2011/06/08 22:45:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704778913-2800520666-1465336105-1000Core.job
[2011/06/07 22:34:43 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2011/06/04 22:22:31 | 000,113,664 | ---- | M] () -- C:\Users\Utiilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/01 20:41:09 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/29 15:03:51 | 000,000,903 | ---- | M] () -- C:\Users\Utiilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/29 12:47:11 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/05/29 12:47:11 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/05/29 12:47:06 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/05/29 12:47:06 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/05/29 12:47:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/05/29 12:47:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/05/29 12:47:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/05/29 12:47:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/05/29 12:47:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/05/29 12:47:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/05/29 12:47:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/05/29 12:47:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/05/29 12:47:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/05/29 12:47:04 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/05/29 12:47:04 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/05/29 12:47:04 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/05/29 12:47:04 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/05/29 12:47:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/05/29 12:47:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/05/29 12:47:04 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/05/29 12:47:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/05/29 12:47:03 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/05/29 12:47:03 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/05/29 12:47:03 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/05/29 12:47:03 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/05/29 12:47:03 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/05/29 12:47:03 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/05/29 12:47:03 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/05/29 12:47:02 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/05/29 12:47:02 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/05/29 12:47:02 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/05/29 12:47:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/05/29 12:47:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/05/29 12:47:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/05/29 12:47:02 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/05/29 12:47:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/05/29 12:47:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/05/29 12:47:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/05/29 12:47:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/05/29 12:47:02 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/05/29 12:47:02 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/05/29 12:47:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/05/29 12:46:37 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/05/29 12:46:37 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/05/29 12:46:37 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/05/29 12:46:37 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/05/29 12:46:37 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/05/29 12:46:37 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/05/29 12:46:36 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/05/29 12:46:35 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/05/29 12:46:35 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/05/29 12:46:35 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/05/29 12:46:35 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/05/29 12:46:35 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/05/29 12:46:35 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/05/29 12:46:35 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/05/29 12:46:35 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/05/29 12:46:35 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/05/29 12:46:35 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/05/29 12:46:35 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/05/29 12:46:35 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/05/29 12:46:34 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/05/29 12:46:34 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/05/29 12:46:34 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/15 21:57:01 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2011/05/15 21:56:49 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2011/05/15 21:56:32 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2011/05/15 21:56:32 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2011/05/15 21:56:32 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/09 17:16:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/06/09 16:59:36 | 000,000,873 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/06/09 16:59:31 | 000,000,693 | ---- | C] () -- C:\Users\Utiilisateur\Desktop\NTREGOPT.lnk
[2011/06/09 16:59:31 | 000,000,674 | ---- | C] () -- C:\Users\Utiilisateur\Desktop\ERUNT.lnk
[2011/06/09 15:47:53 | 000,207,027 | ---- | C] () -- E:\Mes documents\User Guide.pdf
[2011/06/09 07:17:29 | 000,000,306 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/06/09 07:17:28 | 000,232,960 | ---- | C] () -- C:\Windows\Ahoxea.exe
[2011/06/09 07:17:27 | 000,000,306 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/09 07:17:25 | 000,000,260 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/07 22:34:43 | 000,000,872 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2011/06/01 20:41:09 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/29 15:03:51 | 000,000,903 | ---- | C] () -- C:\Users\Utiilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/29 12:47:04 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/15 21:57:01 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2011/05/09 18:22:37 | 000,000,116 | ---- | C] () -- C:\Windows\Ulead32.ini
[2010/11/23 21:18:27 | 000,001,456 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
[2010/10/29 22:50:21 | 000,000,000 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\.NANotifyHere
[2010/10/19 18:21:25 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/09/25 13:52:22 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\hardlock.sys
[2010/09/25 13:52:10 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2010/09/25 13:52:10 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hlduinst.exe
[2010/06/06 11:11:00 | 000,000,100 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Local\fusioncache.dat
[2010/02/13 14:56:10 | 000,000,087 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\PDC.ini
[2010/02/06 21:43:45 | 000,000,136 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\default.rss
[2009/12/18 23:36:14 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/12/18 23:36:14 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/11/13 03:17:57 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2009/10/11 13:17:18 | 000,119,516 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/09/17 17:37:06 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/17 17:37:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/21 13:05:18 | 000,030,272 | ---- | C] () -- C:\Windows\System32\drivers\usb2vcom.sys
[2009/06/16 20:49:44 | 000,164,864 | ---- | C] () -- C:\Windows\System32\UNWISE32.EXE
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/01/10 11:38:29 | 000,024,227 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\UserTile.png
[2009/01/01 11:44:21 | 000,148,909 | ---- | C] () -- C:\Windows\hppins20.dat
[2009/01/01 11:44:05 | 000,016,655 | ---- | C] () -- C:\Windows\hppmdl20.dat
[2009/01/01 04:31:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/31 19:00:36 | 000,022,328 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Roaming\PnkBstrK.sys
[2008/12/31 19:00:12 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/12/31 18:40:51 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2008/12/31 18:04:42 | 000,691,560 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/12/31 18:04:42 | 000,528,744 | ---- | C] () -- C:\Windows\System32\OGAVerify.exe
[2008/12/29 20:12:12 | 000,113,664 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/29 14:04:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/12/29 14:02:12 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/12/29 13:43:34 | 000,025,903 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2008/12/29 13:43:30 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008/12/29 13:43:22 | 000,025,583 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/12/29 13:31:24 | 000,001,356 | ---- | C] () -- C:\Users\Utiilisateur\AppData\Local\d3d9caps.dat
[2008/08/21 04:13:04 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/07/17 14:23:36 | 000,174,818 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/03/06 02:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/01/21 10:40:50 | 000,730,902 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/01/21 10:40:50 | 000,149,090 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2007/12/28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/08/21 23:51:16 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2007/08/21 21:36:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 003,974,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,632,784 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,122,094 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe
[2005/12/07 12:31:00 | 000,202,752 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2005/03/14 14:38:28 | 000,000,469 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2004/01/08 10:30:22 | 000,011,170 | ---- | C] () -- C:\Windows\System32\PA207USD.DLL
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010/09/04 09:05:54 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\69ADC9607A6B6981636246DFB9FB1FD0
[2011/02/01 23:42:14 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Autodesk
[2009/09/03 07:01:46 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Azureus
[2008/12/30 23:02:43 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Canon
[2011/06/08 23:37:17 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\com.adobe.dmp.contentviewer
[2011/06/07 22:34:45 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/12/23 23:27:51 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\com.adobe.example.avatarAirApplication.199ED43C2CFEB351CD0244628B93195D7C58F98C.1
[2009/02/16 19:19:47 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\DAEMON Tools
[2010/09/25 13:36:35 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\DAEMON Tools Lite
[2009/02/16 19:19:47 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\DAEMON Tools Pro
[2009/01/25 16:43:24 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\DMCache
[2009/02/17 20:26:43 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\DxO Labs
[2010/11/04 22:20:50 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Flickr
[2010/12/20 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\FreeVideoConverter
[2009/07/06 20:31:00 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\FUEL
[2010/02/09 20:31:49 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\GARMIN
[2010/06/06 11:12:33 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\HDRsoft
[2009/01/25 16:43:39 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\IDM
[2009/12/14 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Image Zone Express
[2009/12/14 23:41:39 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\jsoft.fr
[2009/04/22 00:19:31 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\LimeWire
[2009/02/17 20:26:37 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\PACE Anti-Piracy
[2009/06/21 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\PC Suite
[2009/01/10 11:38:29 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\PeerNetworking
[2009/01/01 11:55:21 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Printer Info Cache
[2009/12/20 16:55:58 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Samsung
[2010/10/08 12:06:08 | 000,000,000 | ---D | M] -- C:\Users\Utiilisateur\AppData\Roaming\Thunderbird
[2011/06/09 15:48:34 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/09 17:08:46 | 000,000,306 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/06/09 16:44:01 | 000,000,260 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/06/09 16:58:48 | 000,000,306 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
diesel
 
Posts: 5
Joined: 09 Jun 2011, 16:20

Re: Intrusive pop-up ad window

Post by diesel » 09 Jun 2011, 16:45

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/08/21 04:14:12 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2011/05/29 12:47:04 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2011/05/29 12:47:04 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2011/05/29 12:47:02 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 1289 bytes -> C:\Users\Utiilisateur\AppData\Local\ywwfqCj5UWYGl7:4F2D2uOrcPnX8ejDAU57xA6

< End of report >
diesel

Posts: 5
Joined: 09 June 2011, 16:20

