Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

clavier FOU ( RESOLU )

 

2 utilisateurs anonymes
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

clavier FOU ( RESOLU )

Prévenir les modérateurs en cas d'abus 
LOULALIE
loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 19/11/2010 à 23:49:45  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
BONJOUR

 JAI UN PROBLEME Avec mon portable certaines touches disjonctent (la c le clavier visuel)

 par exemple le m = %C?XMV , le c= mv , le v = c,xmvMV le x bloc mon pc

 je ne sais pas ce que je peuX faire, cela peut il etre du à un virus?

 qui peut m'aider s'il vous plait?

 MERCI D'avance

 ps : c un toshiba easy media, windows vista

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 20/11/2010 à 02:08:01  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
 http://images.malwareremoval.com/random/RSIT.exe

 - Double clique sur RSIT.exe qui est sur le bureau
 - Clique sur Continue dans la fenêtre
 - RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
 - Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

 Utilise cjoint.com pour poster en lien tes rapports :
 http://cjoint.com/

 - Clique sur Parcourir pour aller chercher le rapport   C:\rsit\log.txt
 - Clique sur Ouvrir ensuite sur Créer le lien Cjoint

 - Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

 Faire la même chose avec l'autre rapport C:\rsit\info.txt


 @++    :)  

(Publicité)
loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 20/11/2010 à 11:35:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 


 bonjour dédétraqué,

 merci pour ton aide, voici le rapport je n'ai pas su utiliser cjoint excuses moi

 Logfile of random's system information tool 1.08 (written by random/random)
 Run by mous et salima at 2010-11-20 11:16:26
 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2
 System drive C: has 18 GB (15%) free of 119 GB
 Total RAM: 2939 MB (54% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 11:16:54, on 20/11/2010
 Platform: Windows Vista SP2 (WinNT 6.00.1906)
 MSIE: Internet Explorer v8.00 (8.00.6001.18975)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\Program Files\Windows Defender\MSASCui.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\TOSHIBA\ConfigFree\NDSTr​ay.exe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
 C:\Program Files\TOSHIBA\SmoothView\Smoot​hView.exe
 C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
 C:\Windows\Samsung\ComSMMgr\SS​MMgr.exe
 C:\Windows\WindowsMobile\wmdc.​exe
 C:\Program Files\Common Files\Real\Update_OB\realsched​.exe
 C:\Program Files\iTunes\iTunesHelper.exe
 C:\Program Files\Common Files\Java\Java Update\jusched.exe
 C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe
 C:\Program Files\Eset\nod32kui.exe
 C:\Windows\System32\mobsync.ex​e
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
 C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe
 C:\Program Files\Windows Media Player\wmpnscfg.exe
 C:\Windows\system32\igfxext.ex​e
 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Program Files\OpenOffice.org 3\program\soffice.exe
 C:\Program Files\OpenOffice.org 3\program\soffice.bin
 C:\Program Files\TOSHIBA\ConfigFree\CFSwM​gr.exe
 C:\Program Files\OrangeHSS\systray\systra​yapp.exe
 C:\Program Files\Synaptics\SynTP\SynTPHel​per.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
 C:\Program Files\OfferBox\OfferBox.exe
 C:\Windows\system32\Macromed\F​lash\FlashUtil10l_ActiveX.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\Mozilla Firefox\plugin-container.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Users\mous et salima\AppData\Local\Microsoft​\Windows\Temporary Internet Files\Content.IE5\UIE5CYVO\RSI​T[1].exe
 C:\Windows\System32\osk.exe
 C:\Program Files\trend micro\mous et salima.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://google.fr/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://www.cooxer.com/
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\IE\rpbrow​serrecordplugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
 O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
 O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
 O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
 O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
 O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothV​iew\SmoothView.exe
 O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCa​rds\TCrdMain.exe
 O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\Tos​hibaRegistration.exe
 O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
 O4 - HKLM\..\Run: [Samsung Common SM] "C:\Windows\Samsung\ComSMMgr\s​smmgr.exe" /autorun
 O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
 O4 - HKLM\..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe
 O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.ex​e
 O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager​\SessionManager.exe
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched​.exe"  -osboot
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE /P7 /q c:\users\MOUSET~1\appdata\loca​l\temp\TEDB1C~1.ZIP\{CAFEE~1\c​hrome\locale\zh-TW.SH! c:\users\MOUSET~1\appdata\loca​l\temp\HSPERF~1.SH! (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE /P7 /q c:\users\MOUSET~1\appdata\loca​l\temp\TEDB1C~1.ZIP\{CAFEE~1\c​hrome\locale\zh-TW.SH! c:\users\MOUSET~1\appdata\loca​l\temp\HSPERF~1.SH! (User 'Default user')
 O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRD​CReminder.exe (User 'Default user')
 O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
 O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
 O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
 O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
 O4 - Global Startup: WinZip Quick Pick.lnk = D:\Karim\WZQKPICK.EXE
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPho​tos.scr/200
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll
 O9 - Extra button: @C:\Windows\WindowsMobile\INet​Repl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll
 O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll
 O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INet​Repl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll
 O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C​3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\Windows\bdoscandel.exe
 O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-08002​00c9a66} - C:\Windows\bdoscandel.exe
 O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C151​9E434CE} - http://www.amazon.fr/exec/obid [...] &site=home (file missing)
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D​5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com [...] _Win32.cab
 O16 - DPF: {4DD20514-9520-40A7-9CD6-66883​643A20B} (UviLaunch Control) - http://www.boaki.com/download/uviLaunch.cab
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05C​B959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w [...] dfr-fr.cab
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.co [...] oscan8.cab
 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\bthserv​.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\FntCach​e.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: HDD & SSD access service - BinarySense Ltd. - C:\Program Files\Common Files\BinarySense\disksvc.exe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset\nod32krn.exe
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%windir%\WindowsMobile\rapimg​r.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\ipnathl​p.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sstpsvc​.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
 O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.ex​e
 O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
 O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
 O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%windir%\WindowsMobile\wcesco​mm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @C:\Windows\Microsoft.NET\Fram​ework\v4.0.30319\WPF\WPFFontCa​che_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\WPF\WPFFontCac​he_v0400.exe
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 28236 bytes

 ======Scheduled tasks folder======

 C:\Windows\tasks\Google Software Updater.job
 C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 C:\Windows\tasks\User_Feed_Syn​chronization-{499926D8-25B1-47​1A-834C-B091103D39ED}.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll [2010-09-22 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
 RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\IE\rpbrow​serrecordplugin.dll [2010-04-10 341600]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
 Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
 Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll [2010-02-07 812528]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
 LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2010-10-11 1244040]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
 OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2010-10-08 135000]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Toolbar]
 {D4027C7F-154A-4066-A1AD-4243D​8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolba​r.dll [2010-10-11 1244040]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
 "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe [2007-12-06 1029416]
 "NDSTray.exe"=NDSTray.exe []
 "cfFncEnabler.exe"=cfFncEnable​r.exe []
 "Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
 "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
 "IgfxTray"=C:\Windows\system32​\igfxtray.exe [2008-06-25 150040]
 "HotKeysCmds"=C:\Windows\syste​m32\hkcmd.exe [2008-06-25 170520]
 "Persistence"=C:\Windows\syste​m32\igfxpers.exe [2008-06-25 145944]
 "RtHDVCpl"=C:\Windows\RtHDVCpl​.exe [2008-04-08 6037504]
 "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
 "SmoothView"=C:\Program Files\Toshiba\SmoothView\Smoot​hView.exe [2008-06-24 509816]
 "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe [2008-05-09 716800]
 "Toshiba Registration"=C:\Program Files\Toshiba\Registration\Tos​hibaRegistration.exe [2008-01-11 574864]
 "Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
 "Samsung Common SM"=C:\Windows\Samsung\ComSMMg​r\ssmmgr.exe [2005-07-03 372736]
 "nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-04-10 949376]
 "Toshiba TEMPRO"=C:\Program Files\Toshiba TEMPRO\TemproTray.exe [2009-04-21 1045904]
 "Windows Mobile Device Center"=C:\Windows\WindowsMobi​le\wmdc.exe [2007-05-31 648072]
 "ORAHSSSessionManager"=C:\Prog​ram Files\OrangeHSS\SessionManager​\SessionManager.exe [2007-12-12 107248]
 "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched​.exe [2010-04-10 202256]
 "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
 "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
 "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
 "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe [2010-09-20 932288]
 "UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe [2010-11-03 413696]
 "SunJavaUpdateSched"=C:\Progra​m Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe [2008-04-24 430080]
 "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-09-22 4240760]
 "ehTray.exe"=C:\Windows\ehome\​ehTray.exe [2008-01-21 125952]
 "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]
 "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Startup
 McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
 WinZip Quick Pick.lnk - D:\Karim\WZQKPICK.EXE

 C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows\Start Menu\Programs\Startup
 LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
 OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
 OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
 C:\Windows\system32\igfxdev.dl​l [2008-06-12 208896]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfPf]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfRd]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfSvc]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfUsbccidDriver]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "EnableUIADesktopToggle"=0

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "BindDirectlyToPropertySetStor​age"=0

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe"="C:\Pr​ogram Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]

 ======File associations======

 .js - edit - C:\Windows\System32\Notepad.ex​e %1
 .js - open - C:\Windows\System32\WScript.ex​e "%1" %*

 ======List of files/folders created in the last 1 months======

 2010-11-15 16:59:43 ----A---- C:\Windows\system32\javaws.exe
 2010-11-15 16:59:43 ----A---- C:\Windows\system32\javaw.exe
 2010-11-15 16:59:43 ----A---- C:\Windows\system32\java.exe
 2010-11-07 12:44:15 ----D---- C:\Users\mous et salima\AppData\Roaming\Windows Live Writer
 2010-11-05 18:42:41 ----D---- C:\Users\mous et salima\AppData\Roaming\freeCom​pressor
 2010-11-05 18:39:02 ----D---- C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 2010-11-05 18:39:02 ----D---- C:\Program Files\OfferBox
 2010-10-31 09:54:16 ----D---- C:\Program Files\Tomtomax Maxi-Box
 2010-10-28 02:19:30 ----SHD---- C:\found.000
 2010-10-27 16:02:45 ----A---- C:\Windows\system32\gameux.dll
 2010-10-27 16:02:43 ----A---- C:\Windows\system32\Apphlpdm.d​ll
 2010-10-27 16:02:42 ----A---- C:\Windows\system32\GameUXLega​cyGDFs.dll
 2010-10-24 18:55:35 ----D---- C:\Windows\fr
 2010-10-24 18:48:35 ----A---- C:\Windows\system32\XAudio2_5.​dll
 2010-10-24 18:48:35 ----A---- C:\Windows\system32\XAPOFX1_3.​dll
 2010-10-24 18:48:35 ----A---- C:\Windows\system32\d3dx10_42.​dll
 2010-10-24 18:46:11 ----A---- C:\Windows\system32\webservice​s.dll

 ======List of files/folders modified in the last 1 months======

 2010-11-20 11:16:54 ----D---- C:\Windows\Prefetch
 2010-11-20 11:16:48 ----D---- C:\Program Files\Trend Micro
 2010-11-20 11:16:46 ----D---- C:\Windows\Temp
 2010-11-20 11:12:10 ----D---- C:\Windows\Tasks
 2010-11-19 23:19:02 ----D---- C:\Windows\winsxs
 2010-11-19 23:12:41 ----AD---- C:\Windows\System32
 2010-11-19 23:12:40 ----D---- C:\Windows\inf
 2010-11-19 23:12:40 ----A---- C:\Windows\system32\PerfString​Backup.INI
 2010-11-19 18:29:42 ----D---- C:\Users\mous et salima\AppData\Roaming\LimeWir​e
 2010-11-19 18:28:25 ----D---- C:\Windows\system32\catroot
 2010-11-19 18:24:40 ----SHD---- C:\System Volume Information
 2010-11-16 09:01:13 ----D---- C:\Windows\Logs
 2010-11-15 17:09:53 ----D---- C:\Windows\system32\Tasks
 2010-11-15 17:09:49 ----SHD---- C:\Windows\Installer
 2010-11-15 17:09:49 ----HD---- C:\Config.Msi
 2010-11-15 17:09:49 ----D---- C:\Program Files\Common Files\Java
 2010-11-15 16:59:41 ----D---- C:\Program Files\Java
 2010-11-15 10:49:59 ----D---- C:\Windows\Minidump
 2010-11-15 10:49:52 ----D---- C:\Windows
 2010-11-12 22:23:56 ----SD---- C:\Users\mous et salima\AppData\Roaming\Microso​ft
 2010-11-11 03:06:08 ----D---- C:\ProgramData\Microsoft Help
 2010-11-11 03:04:54 ----D---- C:\Program Files\Windows Mail
 2010-11-11 03:01:57 ----A---- C:\Windows\system32\mrt.exe
 2010-11-05 20:35:26 ----D---- C:\Windows\system32\catroot2
 2010-11-05 20:34:44 ----RD---- C:\Program Files
 2010-11-03 17:03:30 ----D---- C:\Program Files\ESET
 2010-11-01 20:41:01 ----D---- C:\Program Files\Mozilla Firefox
 2010-11-01 09:48:32 ----D---- C:\Windows\rescache
 2010-10-30 15:05:17 ----D---- C:\Program Files\Ask.com
 2010-10-28 02:16:12 ----D---- C:\Windows\AppPatch
 2010-10-24 18:58:48 ----D---- C:\Windows\Microsoft.NET
 2010-10-24 18:57:36 ----RSD---- C:\Windows\assembly
 2010-10-24 18:53:44 ----D---- C:\Program Files\Windows Live
 2010-10-24 18:51:03 ----SD---- C:\ProgramData\Microsoft
 2010-10-24 18:51:01 ----RSD---- C:\Windows\Fonts
 2010-10-24 18:50:16 ----D---- C:\Program Files\Common Files\microsoft shared
 2010-10-24 18:46:33 ----D---- C:\Windows\system32\fr-FR

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\ia​Stor.sys [2008-04-15 312344]
 R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\Px​Help20.sys [2008-11-20 43872]
 R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\to​s_sps32.sys [2008-07-18 279376]
 R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TV​ALZ_O.SYS [2007-11-09 23640]
 R1 nod32drv;nod32drv; C:\Windows\system32\drivers\no​d32drv.sys [2009-04-10 15424]
 R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rt​lprot.sys [2007-04-23 25896]
 R2 AMON;AMON; C:\Windows\system32\drivers\am​on.sys [2009-04-10 512096]
 R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\md​mxsdk.sys [2006-06-18 12672]
 R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xa​udio.sys [2007-10-17 8704]
 R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\Fw​Lnk.sys [2006-11-20 7168]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GE​ARAspiWDM.sys [2009-05-18 26600]
 R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HS​X_DPV.sys [2007-10-31 985600]
 R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HS​XHWAZL.sys [2007-10-31 208896]
 R3 igfx;igfx; C:\Windows\system32\DRIVERS\ig​dkmd32.sys [2008-06-12 2381312]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RT​KVHDA.sys [2008-04-09 2095512]
 R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rt​lh86.sys [2008-04-15 118784]
 R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RT​L8187B.sys [2007-12-26 290304]
 R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\Sy​nTP.sys [2007-12-06 196400]
 R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\td​cmdpst.sys [2006-10-18 16128]
 R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\us​bvideo.sys [2008-01-21 134016]
 R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UV​CFTR_S.SYS [2007-12-17 18432]
 R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HS​X_CNXT.sys [2007-10-31 661504]
 S2 DgiVecp;Team MFP Comm Driver; C:\Windows\System32\Drivers\Dg​iVecp.sys [2004-05-17 41984]
 S3 AgereSoftModem;Modem Soft Agere Systems; C:\Windows\system32\DRIVERS\AG​RSM.sys [2006-11-02 983552]
 S3 catchme;catchme; \??\C:\Users\MOUSET~1\AppData\​Local\Temp\catchme.sys []
 S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\dr​mkaud.sys [2008-01-21 5632]
 S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\Hd​Audio.sys [2006-11-02 235520]
 S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VS​TAZL3.SYS [2008-01-21 200704]
 S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MS​KSSRV.sys [2008-01-21 8192]
 S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MS​PCLOCK.sys [2008-01-21 5888]
 S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MS​PQM.sys [2008-01-21 5504]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MS​TEE.sys [2008-01-21 6016]
 S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\cc​dcmb.sys [2008-05-02 17536]
 S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\cc​dcmbo.sys [2008-05-02 20864]
 S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PC​AMp50.sys [2006-11-28 28224]
 S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PC​ASp50.sys [2006-11-28 27072]
 S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RT​STOR.SYS [2008-04-02 62976]
 S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\us​bser_lowerflt.sys [2008-05-02 8064]
 S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\us​b8023x.sys [2009-04-11 15872]
 S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\us​bser.sys [2009-04-11 27648]
 S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\us​bser_lowerfltj.sys [2008-05-02 8064]
 S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wp​dusb.sys [2009-10-01 40448]
 S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WU​DFRd.sys [2008-01-21 83328]
 S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\er​rdev.sys [2008-01-21 6656]
 S4 MegaSR;MegaSR; C:\Windows\system32\drivers\me​gasr.sys [2008-01-21 386616]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe [2010-06-10 144176]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2010-05-18 345376]
 R2 BthServ;@%SystemRoot%\System32​\bthserv.dll,-101; C:\Windows\system32\svchost.ex​e [2008-01-21 21504]
 R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe [2008-04-16 40960]
 R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
 R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
 R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-04-10 552064]
 R2 RapiMgr;@%windir%\WindowsMobil​e\rapimgr.dll,-104; C:\Windows\system32\svchost.ex​e [2008-01-21 21504]
 R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
 R2 TemproMonitoringService;Notebo​ok Performance Tuning Service (TEMPRO); C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [2009-04-21 116104]
 R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
 R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.ex​e [2007-11-21 129632]
 R2 TomTomHOMEService;TomTomHOMESe​rvice; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
 R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
 R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe [2008-02-06 126976]
 R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
 R2 WcesComm;@%windir%\WindowsMobi​le\wcescomm.dll,-40079; C:\Windows\system32\svchost.ex​e [2008-01-21 21504]
 R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
 R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xa​udio.exe [2007-10-17 386560]
 R3 FontCache;@%systemroot%\system​32\FntCache.dll,-100; C:\Windows\system32\svchost.ex​e [2008-01-21 21504]
 R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
 R3 SmartFaceVWatchSrv;SmartFaceVW​atchSrv; C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe [2008-04-24 73728]
 S2 clr_optimization_v4.0.30319_32​;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
 S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpda​te.exe [2010-10-16 136176]
 S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2009-06-11 183280]
 S2 HDD & SSD access service;HDD & SSD access service; C:\Program Files\Common Files\BinarySense\disksvc.exe [2009-11-13 205976]
 S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
 S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
 S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
 S3 WPFFontCache_v0400;@C:\Windows​\Microsoft.NET\Framework\v4.0.​30319\WPF\WPFFontCache_v0400.e​xe,-100; C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\WPF\WPFFontCac​he_v0400.exe [2010-03-18 753504]

 -----------------EOF----------​-------

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 20/11/2010 à 12:05:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
je n'en reviens pas, depuis que j'ai fais cette manip, mon clavier fonctionne à nouveau!  :youpi:  

 pourvus que ça dure!

 est ce qu'il y avait un virus dédétraqué?

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 20/11/2010 à 14:41:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:sweat:  FAUSSE JOIE ça ne fonctionne plus à nouveau

(Publicité)
Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 20/11/2010 à 18:11:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 
  • Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

 [:blue_fire:9]Désactive provisoirement et seulement le temps de l'utilisation de AD-Remover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de nettoyage de l'outil.
 Déconnecte-toi et ferme toutes applications en cours [:blue_fire:9]

 
  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

 
  • Double-clique sur l'icône AD-Remover située sur ton Bureau.
(Vista/Seven - Faire un clique droit sur l'icône AD-Remover située sur ton Bureau et choisir exécuter en tant qu'administrateur.)
 
  • Au menu principal, choisis l'option Nettoyer.
  • Poste le rapport qui apparaît à la fin.

 (Le rapport est sauvegardé aussi sous C:\Ad-report(clean).Txt

 (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

 Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

 Aide : http://commentcestfait.forumac [...] r-t775.htm


 -----


 
  • Télécharge et installe MalwareByte's Anti-Malware
http://www.01net.com/telecharg [...] 44096.html

 
  • Mets le à jour (Important)


 
  • Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
  • Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
  • clique sur Rechercher

 
  • Une fois le scan terminé, une fenêtre s'ouvre, clique sur  sur Ok

 
  • Si MalwareByte's n'a rien détecté, clique sur Ok  Un rapport va apparaître ferme-le.

 
  • Si MalwareByte's a détecté des infections, clique sur Afficher les résultats  ensuite sur Supprimer la sélection

 
  • Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

 Note : Si MalwareByte's  a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

 Tutoriel pour MalwareByte's ici :
 http://www.malekal.com/tutoria [...] alware.php


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 20/11/2010 à 19:03:43  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

 Mis à jour par TeamXscript le 11/11/10 à 11:40
 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
 Site web: http://www.teamxscript.org

 C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 18:53:50 le 20/11/2010, Mode normal

 Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2 (X86)
 mous et salima@PC-DE-MOUSETSAL (TOSHIBA Satellite L300)
 
 ============== ACTION(S) ==============



 (!) -- Fichiers temporaires supprimés.


 Erreur suppression clé: HKLM\Software\Microsoft\Window​s NT\CurrentVersion\Schedule\Tas​kCache\Tree\Scheduled Update for Ask Toolbar


 ============== SCAN ADDITIONNEL ==============

 ** Mozilla Firefox Version [3.6.12 (fr)] **

 -- C:\Users\mous et salima\AppData\Roaming\Mozilla​\FireFox\Profiles\rviwc0qr.def​ault\Prefs.js --
 browser.search.selectedEngine, Google
 browser.startup.homepage_overr​ide.mstone, rv:1.9.2.12

 ==============================​==========

 ** Internet Explorer Version [8.0.6001.18975] **

 [HKCU\Software\Microsoft\Intern​et Explorer\Main]
 AutoHide: yes
 Default_Page_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&pver=6&ar=ms​nhome
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Do404Search: 0x01000000
 Local Page: C:\Windows\system32\blank.htm
 Search bar: hxxp://go.microsoft.com/fwlink​/?linkid=54896
 Show_ToolBar: yes
 Start Page: hxxp://fr.msn.com/

 [HKLM\Software\Microsoft\Intern​et Explorer\Main]
 AutoHide: yes
 Default_Page_URL: hxxp://go.microsoft.com/fwlink​/?LinkId=54896
 Default_Search_URL: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Delete_Temp_Files_On_Exit: yes
 Local Page: C:\Windows\System32\blank.htm
 Search bar: hxxp://search.msn.com/spbasic.​htm
 Search Page: hxxp://www.microsoft.com/isapi​/redir.dll?prd=ie&ar=iesearch
 Start Page: hxxp://fr.msn.com/

 [HKLM\Software\Microsoft\Intern​et Explorer\ABOUTURLS]
 Tabs: res://ieframe.dll/tabswelcome.​htm
 Blank: res://mshtml.dll/blank.htm

 ==============================​==========

 C:\Program Files\Ad-Remover\Quarantine: 241 Fichier(s)
 C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

 C:\Ad-Report-CLEAN[1].txt - 20/11/2010 (9303 Octet(s))
 C:\Ad-Report-CLEAN[2].txt - 20/11/2010 (2257 Octet(s))

 Fin à: 18:55:32, 20/11/2010
 
 ============== E.O.F ==============

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 20/11/2010 à 20:33:54  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Faire la suite avec MBAM et poste le rapport


 @++   :)

(Publicité)
loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 21/11/2010 à 00:54:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.46
 www.malwarebytes.org

 Version de la base de données: 5157

 Windows 6.0.6002 Service Pack 2
 Internet Explorer 8.0.6001.18975

 20/11/2010 20:56:26
 mbam-log-2010-11-20 (20-56-26).txt

 Type d'examen: Examen complet (C:\|E:\|)
 Elément(s) analysé(s): 286850
 Temps écoulé: 1 heure(s), 25 minute(s), 41 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 0
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 0

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 (Aucun élément nuisible détecté)

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 21/11/2010 à 02:03:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

 - Quitte les applications en cours afin de ne pas interrompre le scan.
 - Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
 - Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport minimal". Fais de même avec "Tous les utilisateurs" à coté.
 - Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

 Ne modifie pas les autres paramètres !

 Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

 netsvcs
 %SYSTEMDRIVE%\*.*
 %SYSTEMDRIVE%\*.exe
 %PROGRAMFILES%\*.*
 %PROGRAMFILES%\*.
 /md5start
 eventlog.dll
 winlogon.exe
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 wininit.exe
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 explorer.exe
 svchost.exe
 userinit.exe
 qmgr.dll
 ws2_32.dll
 proquota.exe
 imm32.dll
 kernel32.dll
 ndis.sys
 autochk.exe
 spoolsv.exe
 xmlprov.dll
 ntmssvc.dll
 mswsock.dll
 Beep.SYS
 ntfs.sys
 termsrv.dll
 sfcfiles.dll
 st3shark.sys
 winlogon.exe
 /md5stop
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %systemroot%\system32\drivers\​*.sys /lockedfiles
 %systemroot%\System32\config\*​.sav
 c:\$recycle.bin\*.* /s



 - Clique sur le bouton Analyse.
 - Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

 Utilise cjoint.com pour poster en lien ton rapport :
 http://cjoint.com/

 - Clique sur Parcourir pour aller chercher le rapport
 - Clique sur Ouvrir ensuite sur Créer le lien Cjoint

 - Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.



 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 21/11/2010 à 18:09:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour dédétraqué

 desolée je ne sais toujours pas me servir de mcjoint alors je te fais un copier coller merci enc,ore de ton aide

 OTL Extras logfile created on: 21/11/2010 17:32:54 - Run 1
 OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\mous et salima\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.7930.16406)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 116,29 Gb Total Space | 19,79 Gb Free Space | 17,02% Space Free | Partition Type: NTFS
 Drive E: | 115,13 Gb Total Space | 109,90 Gb Free Space | 95,45% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MOUSETSAL | User Name: mous et salima | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .cpl [@ = cplfile] -- C:\Windows\System32\control.ex​e (Microsoft Corporation)
 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
 [HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\SO​FTWARE\Classes\<extension&g​t;]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.​exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 inffile [install] -- %SystemRoot%\System32\InfDefau​ltInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\​ONENOTE.EXE "%L" File not found
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "cval" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiSpyware]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 "VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc\Vol]
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\GloballyOpen​Ports\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\PublicProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS -- (France Telecom SA)
 
 
 ========== Vista Active Open Ports Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{0211B8B7-46C9-42D9-87EB-DDB1​590F1F36}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchos​t.exe |
 "{03BA1FDC-044E-43C5-ABA1-79FA​CBD9C233}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{0C60490B-74E8-435D-AAF0-AB8C​DDA3C1D8}" = rport=445 | protocol=6 | dir=out | app=system |
 "{1902FA5F-7A2E-4EE7-9EFA-FED5​3792C329}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{1A4C9EFA-FD5F-476B-A7DA-059F​E9700098}" = rport=138 | protocol=17 | dir=out | app=system |
 "{1BD14E57-03E8-4FDF-870E-3E94​5B6D23EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchos​t.exe |
 "{2065C0E0-3FE0-4AD8-B194-F4A8​E37F1C76}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{256C0BBA-86E8-48B7-B9F3-06EA​D5BEB0BD}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{26DB34B9-9CBC-4E31-A5D0-21E0​AE856688}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchos​t.exe |
 "{2882B29D-7084-4143-8D20-A10A​186519F8}" = rport=139 | protocol=6 | dir=out | app=system |
 "{28B7E425-3797-4E5E-A01D-B9D6​CB640E88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{2EC82980-1F57-4EC5-B562-E1A3​19441770}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{3021DBDC-56B9-4AEA-B508-920D​0AD4D961}" = lport=139 | protocol=6 | dir=in | app=system |
 "{36BB8F6A-FFEE-442A-87FD-B69D​3F183731}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{432F0D79-63E0-4D17-8DF7-725E​F47069BE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{51DA27F0-6C23-43A5-947B-13E0​133AE94D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 "{52999FDB-865D-4DB8-922C-DA40​8A9AD006}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchos​t.exe |
 "{5518FF4D-A011-4354-98C4-FB1A​4D12CBC7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 "{6F9564BB-1E1B-4971-A8EE-6046​5DE8168D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{71DE8239-C494-447D-97C8-8450​F661AA72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchos​t.exe |
 "{7533B107-5C0B-4157-B126-6A36​5384C772}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchos​t.exe |
 "{7C142514-1DBD-4D9F-874E-1E7A​47945F88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{85BA3510-73DE-446F-B391-0D26​B42FD11A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{866C8C99-FF4D-43E3-8952-DA4F​171974B0}" = lport=138 | protocol=17 | dir=in | app=system |
 "{878FB6F7-14C5-490A-806D-15CC​4ABF1C20}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{8FC715C6-BF9A-4EF2-AAD5-0E57​BE6D350C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{9265D51F-6E0F-4301-82CA-A86F​27677652}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{95E9D1DB-2AE6-4DE9-937F-136C​DA6F181D}" = rport=137 | protocol=17 | dir=out | app=system |
 "{972E6609-B183-454E-B963-D62F​A84B7A79}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{9DF10E10-3F8C-4F28-AB77-216F​6B2018CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=partage de fichiers et d'imprimantes (service spouleur - rpc-epmap) |
 "{A01B4D14-52A8-4C06-9BB4-4D1D​40A779BF}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{A76BB0F5-9284-4030-BA47-65F8​57DC994D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 "{A7EA658B-AC02-48BA-A0A6-28C1​418B0ABD}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{B1EF5876-9041-4897-AFE6-DAE0​DCADABBB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchos​t.exe |
 "{B2F4C5CC-BB19-4BA4-B35F-7AEF​AC07FA3B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{B3561F8F-AE62-41F2-9D6E-566A​FC95A096}" = lport=445 | protocol=6 | dir=in | app=system |
 "{CB6AC477-05CF-40F3-B65F-67F6​443F517A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchos​t.exe |
 "{E9B47BD7-F0CF-471D-A308-DDA7​768AA075}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spools​v.exe |
 "{F5D93BA1-4EFD-4697-BAD3-AED4​FB9F95D6}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{FE868B4D-B0CF-4A32-A611-A779​81E5301B}" = lport=137 | protocol=17 | dir=in | app=system |
 
 ========== Vista Active Application Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{0FBBF952-5AD8-43CA-B891-DBD1​4232843F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{11010031-580D-4580-8254-009E​4C41C967}" = protocol=58 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv6) |
 "{3A5E7A0D-208E-4379-B38D-2F76​99B18034}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{3A9C7B92-80E0-496A-B8BD-CFFF​7A8D12E8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{3FCD2A77-77E6-4288-99D2-AB5F​D907421D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{42ED1F23-8700-4ABC-BD34-626B​B1755022}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
 "{440AF812-5224-4FF6-A78A-8125​001D4EA1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchos​t.exe |
 "{49B1F3E5-31EC-4F07-80A2-B43A​921154FF}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{49B6143B-6A45-46BF-92A8-1BEA​27749A70}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{5D1A21BA-7A74-4533-BF4F-08B0​93FDF0A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
 "{5ED10D7A-2F1A-4FD6-8818-5964​5D4F29E0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{60D0D594-D808-4E81-9C2F-B8BD​A537C70A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 "{6823EB3C-BE39-4A6A-936C-2977​D9D74D1B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{6A7925EC-E646-4F34-B7D8-2362​28352430}" = protocol=1 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv4) |
 "{6B88DA03-2D50-447D-844E-DFBA​9634D12A}" = protocol=1 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv4) |
 "{6F4BABA3-56FE-423A-88B9-528E​AD41EA2A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{826534C4-84EE-4383-BC97-A305​68D05035}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{8279132A-1E24-472E-B035-BFDC​13C5FEAD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{84AB4565-47A9-4F55-A113-DAE5​712AD599}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{84C67507-FDF9-4BA3-B647-0132​44DE854B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{94956A55-2901-4AA1-9C66-7C45​12ED3ADF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
 "{982BF0A9-F3CC-4739-9632-6B1A​E5035C50}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{9F2DCB21-E3AA-4911-9B8C-E4AE​8A70B3AB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{A2DE6C75-B3F3-4009-B92D-2218​B34DFCF6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 "{A69ECD48-3D4F-4CD3-A377-6460​1F797A2F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{AA33B06F-AB64-4EEF-B4FF-7409​7608667C}" = protocol=58 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv6) |
 "{B2F47DB9-84D0-4693-930A-CDB2​EABEFD19}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{BD9B5CDF-6701-43D9-BA58-83ED​930CD9E5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{C7935D03-BE8C-4B86-938F-C06C​4B9FD3DE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{D154D308-5606-43E7-98DF-4EDB​14BDEE5A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{DA2576CC-1DF7-43CA-898D-5519​9DC266EF}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{DA6A4651-32E5-43FE-8953-1A69​B41443A3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{DCB5E682-8403-4D5B-96B2-FE44​CB7D8E0C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{DF38AE30-4418-4286-B758-9553​A5E400CC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{E726C043-36C5-443B-A2FC-7798​D991CA54}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{E793C58E-DE35-4910-9E9E-7BF2​1B4DBFD6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{EAAEC581-95CD-4265-9788-6CA9​BAEADA4B}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 "{EC57E810-8DFF-4E98-B4EE-56DA​81E1E976}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{F1205E90-CF21-4CD3-BF58-DE2E​E0C677C1}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{F2F3EFD5-CAE6-48EA-90DC-F815​ED586799}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{F4885AC5-30BD-496D-B613-ACB3​59EA9C3B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{F78B1CA2-1784-49B2-8EBB-82E2​F363F341}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{FA5B3FAE-149E-4ECE-9F4B-46CF​78801FD1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
 "{FF64F876-5AD7-4DA7-A4B7-6AE3​F39F86CF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "TCP Query User{020FF967-0400-4CEA-88F5-3​FDE3162B264}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
 "TCP Query User{20528A99-B210-41D1-B7C2-C​F53CE9D0A5F}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "TCP Query User{2E7A8540-E5D7-494E-B6C8-E​74C0770BD2E}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
 "TCP Query User{32CAC3C6-58DD-4F76-8E46-F​5F8803BF1C5}C:\program files\sopcast\adv\sopadver.exe​" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "TCP Query User{4E6D2207-5C26-4E55-853A-8​9E37D0C3431}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "TCP Query User{519EBD37-37BE-4733-AF52-7​7D284326F9D}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
 "TCP Query User{5ED8A5B5-AE55-4C64-B5B9-8​49BF9193B14}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{6ED7F1F5-57DB-4BA7-8CA1-1​46CDD9333E2}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "TCP Query User{75905FB1-5E24-40C4-ABE1-2​0815C290B45}C:\program files\real\realplayer\realplay​.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay​.exe |
 "TCP Query User{94CB8F64-A424-4360-A0C5-1​1347034C465}C:\program files\sopcast\adv\sopadver.exe​" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "TCP Query User{A1B5A449-BDC4-4F9A-8F93-D​71E8404A220}C:\program files\webmediaplayer\webmediap​layer.exe" = protocol=6 | dir=in | app=c:\program files\webmediaplayer\webmediap​layer.exe |
 "TCP Query User{B405B9F1-830F-4B91-BF78-3​F4BC1EA85D7}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "TCP Query User{B6E0ACC8-A091-44C4-9D3F-2​21965540ACF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "TCP Query User{BD4D9A54-955F-43F7-AE35-D​856E0209988}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{D29219DA-A222-41F6-813F-F​70E589029FB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "TCP Query User{DB0E8B58-2D34-46E5-8853-9​A5CEE227032}C:\program files\windows live\messenger\livecall.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\livecall.exe |
 "UDP Query User{08E8A4C7-9F08-40F3-80E8-3​8EFE9884063}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "UDP Query User{1AD830C1-6308-4DB4-A17F-5​29B43420BA8}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "UDP Query User{25839003-D847-4504-A945-3​4D4F69D2FE6}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 "UDP Query User{2F9CB641-3A40-43EC-9FD6-6​918537FC030}C:\program files\windows live\messenger\livecall.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\livecall.exe |
 "UDP Query User{34E2A81C-F519-4AAD-AF14-7​34F11042C06}C:\program files\webmediaplayer\webmediap​layer.exe" = protocol=17 | dir=in | app=c:\program files\webmediaplayer\webmediap​layer.exe |
 "UDP Query User{374A1EBE-C56A-4423-86BE-0​8DFBBB8932B}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "UDP Query User{493D4BB6-3ED0-4676-8318-8​F4DF25B94D7}C:\program files\real\realplayer\realplay​.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay​.exe |
 "UDP Query User{592157D6-B5EB-4DB6-B95B-6​63B5522D8D9}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
 "UDP Query User{5923A71E-4324-49FC-8BA1-0​439CF6C2F38}C:\program files\sopcast\adv\sopadver.exe​" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "UDP Query User{609115A8-246C-41F4-94FC-B​13D6AAEE390}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "UDP Query User{861F7463-43E9-4C89-B187-2​506FB66F83D}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
 "UDP Query User{A508A694-B893-4FE2-B8DE-C​F2817B3518A}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "UDP Query User{AC4F50CA-179B-411A-A709-D​AD56AF9F77E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "UDP Query User{B15D6541-F0F0-49E7-9608-B​557A9D7B47C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "UDP Query User{DCEE5595-D797-4180-B231-8​F239EC58CF6}C:\program files\sopcast\adv\sopadver.exe​" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "UDP Query User{F692063F-3E02-4258-ACE8-6​745FFBCAA8C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{002D9D5E-29BA-3E6D-9BC4-3D7D​6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
 "{02CA24DD-C8B0-4280-BE53-7862​869C2EB1}" = Realtek WiFi Protected Setup Library
 "{09F56A49-A7B1-4AAB-95B9-D130​94254AD1}" = Windows Live UX Platform Language Pack
 "{0B0F231F-CE6A-483D-AA23-77B3​64F75917}" = Windows Live Installer
 "{0CA6047C-D28B-4295-834A-07C5​2BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
 "{0CB9668D-F979-4F31-B8B8-67FE​90F929F8}" = Bonjour
 "{0CC70FEF-5068-4CD5-B4DE-86FF​D98EC929}" = Menus intelligents (Windows Live Toolbar)
 "{0D5D0BEE-FBA9-4928-A50D-6CDF​AB827755}" = TOSHIBA ConfigFree
 "{0F5B4A82-9DAF-3D13-8CB8-AEB2​5E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
 "{0FA44E79-CD7D-4E8D-A2EE-26FE​05F509B6}" = OpenOffice.org 3.1
 "{12B3A009-A080-4619-9A2A-C6DB​151D8D67}" = TOSHIBA Assist
 "{1F6AB0E7-8CDD-4B93-8A23-AA9E​B2FEFCE4}" = Junk Mail filter update
 "{200FEC62-3C34-4D60-9CE8-EC37​2E01C08F}" = Windows Live SOXE Definitions
 "{2075CB0A-D26F-4DAA-B424-5079​296B43BA}" = Windows Live FolderShare
 "{2290A680-4083-410A-ADCC-7092​C67FC052}" = Toshiba Online Product Information
 "{26A24AE4-039D-4CA4-87B4-2F83​216016FF}" = Java(TM) 6 Update 22
 "{2883F6F5-0509-43F3-868C-D503​30DD9DD3}" = TOSHIBA Hardware Setup
 "{2ADE2157-7A5E-122C-B51D-EB8A​01B15943}" = DeepBurner v1.9.0.228
 "{2EA870FA-585F-4187-903D-CB9F​FD21E2E0}" = DHTML Editing Component
 "{3248F0A8-6813-11D6-A77B-00B0​D0160060}" = Java(TM) 6 Update 6
 "{3336F667-9049-4D46-98B6-4C74​3EEBC5B1}" = Windows Live Photo Gallery
 "{34319F1F-7CF2-4CC9-B357-1AE7​D2FF3AC5}" = Windows Live
 "{37C866E4-AA67-4725-9E95-A399​68DD7960}" = Camera Assistant Software for Toshiba
 "{3B160861-7250-451E-B5EE-8B92​BF30A710}" = Microsoft Works
 "{3B9A92DA-6374-4872-B646-253F​18624D5F}" = Windows Live Writer
 "{3C3901C5-3455-3E0A-A214-0B09​3A5070A6}" = Microsoft .NET Framework 4 Client Profile
 "{3D9892BB-A751-4E48-ADC8-E428​9956CE1D}" = QuickTime
 "{3E31821C-7917-367E-938E-E65F​C413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
 "{3F92ABBB-6BBF-11D5-B229-0020​78017FBF}" = NetWaiting
 "{488F0347-C4A7-4374-91A7-3081​8BEDA710}" = Galerie de photos Windows Live
 "{4A03706F-666A-4037-7777-5F27​48764D10}" = Java Auto Updater
 "{4B1E87C3-00DE-4898-8E39-E390​AAEF2391}" = TOSHIBA Supervisor Password
 "{4CBABDFD-49F8-47FD-BE7D-ECDE​7270525A}" = Windows Live PIMT Platform
 "{56C049BE-79E9-4502-BEA7-9754​A3E60F9B}" = neroxml
 "{5B0202A8-CC6B-4443-AD73-FE9D​F1FC1622}" = Manuels TOSHIBA
 "{5DA0E02F-970B-424B-BF41-513A​5018E4C0}" = TOSHIBA Disc Creator
 "{5DD4FCBD-A3C1-4155-9E17-4161​C70AAABA}" = Segoe UI
 "{6057E21C-ABE9-4059-AE3E-3BEB​9925E660}" = Windows Live Messenger
 "{617C36FD-0CBE-4600-84B2-441C​EB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
 "{61AD15B2-50DB-4686-A739-14FE​180D4429}" = Windows Live ID Sign-in Assistant
 "{62687B11-58B5-4A18-9BC3-9DF4​CE03F194}" = Windows Live Writer Resources
 "{65DA2EC9-0642-47E9-AAE2-B526​7AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
 "{682B3E4F-696A-42DE-A41C-4C07​EA1678B4}" = Windows Live SOXE
 "{6956856F-B6B3-4BE0-BA0B-8F49​5BE32033}" = Apple Software Update
 "{69640730-B830-4C24-BB5C-222D​A1260548}" = Turbo Lister 2
 "{69FDFBB6-351D-4B8C-89D8-867D​C9D0A2A4}" = Windows Media Player Firefox Plugin
 "{6C5F3BDC-0A1B-4436-A696-5939​629D5C31}" = TOSHIBA DVD PLAYER
 "{6DEC8BD5-7574-47FA-B080-492B​BBE2FEA3}" = Windows Live Movie Maker
 "{7299052b-02a4-4627-81f2-1818​da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{773970F1-5EBA-4474-ADEE-1EA3​B0A59492}" = TRDCReminder
 "{7C30283C-8DC7-4FBB-805E-52BE​A5F580E8}" = Toshiba TEMPRO
 "{81B5F83F-2291-48B0-8375-36B6​3A9BF5B0}" = Surligneur (Windows Live Toolbar)
 "{85991ED2-010C-4930-96FA-52F4​3C2CE98A}" = Apple Mobile Device Support
 "{8833FFB6-5B0C-4764-81AA-06DF​EED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
 "{895722FE-25FE-4854-95AC-B0C4​2F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8DD46C6A-0056-4FEC-B70A-28BB​16A1F11F}" = MSVCRT
 "{8F3C31C5-9C3A-4AA8-8EFA-7129​0A7AD533}" = TomTom HOME Visual Studio Merge Modules
 "{90024193-9F13-4877-89D5-A1CD​F0CBBF28}" = Feedback Tool
 "{9011040C-6000-11D3-8CFE-0150​048383C9}" = Microsoft Office Professional Edition 2003
 "{90120000-0016-040C-0000-0000​000FF1CE}" = Microsoft Office Excel MUI (French) 2007
 "{90120000-0016-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{AE187E​0D-EBA5-4EE1-A397-BF1A577CB24C​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{90120000-0018-040C-0000-0000​000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
 "{90120000-0018-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{AE187E​0D-EBA5-4EE1-A397-BF1A577CB24C​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{90120000-001B-040C-0000-0000​000FF1CE}" = Microsoft Office Word MUI (French) 2007
 "{90120000-001B-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{AE187E​0D-EBA5-4EE1-A397-BF1A577CB24C​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{90120000-001F-0401-0000-0000​000FF1CE}" = Microsoft Office Proof (Arabic) 2007
 "{90120000-001F-0401-0000-0000​000FF1CE}_HOMESTUDENTR_{14809F​99-C601-4D4A-9391-F1E8FAA964C5​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-001F-0407-0000-0000​000FF1CE}" = Microsoft Office Proof (German) 2007
 "{90120000-001F-0407-0000-0000​000FF1CE}_HOMESTUDENTR_{A05164​15-ED61-419A-981D-93596DA74165​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-001F-0409-0000-0000​000FF1CE}" = Microsoft Office Proof (English) 2007
 "{90120000-001F-0409-0000-0000​000FF1CE}_HOMESTUDENTR_{ABDDE9​72-355B-4AF1-89A8-DA50B7B5C045​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-001F-040C-0000-0000​000FF1CE}" = Microsoft Office Proof (French) 2007
 "{90120000-001F-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{F580DD​D5-8D37-4998-968E-EBB76BB86787​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-001F-0413-0000-0000​000FF1CE}" = Microsoft Office Proof (Dutch) 2007
 "{90120000-001F-0413-0000-0000​000FF1CE}_HOMESTUDENTR_{D66D5A​44-E480-4BA4-B4F2-C554F6B30EBB​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-001F-0C0A-0000-0000​000FF1CE}" = Microsoft Office Proof (Spanish) 2007
 "{90120000-001F-0C0A-0000-0000​000FF1CE}_HOMESTUDENTR_{187308​AB-5FA7-4F14-9AB9-D290383A10D9​}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
 "{90120000-0020-040C-0000-0000​000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
 "{90120000-002C-040C-0000-0000​000FF1CE}" = Microsoft Office Proofing (French) 2007
 "{90120000-006E-040C-0000-0000​000FF1CE}" = Microsoft Office Shared MUI (French) 2007
 "{90120000-006E-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{B165D3​C2-40AE-4D39-86F7-E5C87C4264C0​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{90120000-00A1-040C-0000-0000​000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
 "{90120000-00A1-040C-0000-0000​000FF1CE}_HOMESTUDENTR_{AE187E​0D-EBA5-4EE1-A397-BF1A577CB24C​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{904CCF62-818D-4675-BC76-D37E​B399F917}" = Gestionnaire pour appareils Windows Mobile
 "{9068B2BE-D93A-4C0A-861C-5E35​E2C0E09E}" = Intel® Matrix Storage Manager
 "{91120000-002F-0000-0000-0000​000FF1CE}" = Microsoft Office Home and Student 2007
 "{91120000-002F-0000-0000-0000​000FF1CE}_HOMESTUDENTR_{0B36C6​D6-F5D8-4EAF-BF94-4376A230AD5B​}" = Microsoft Office 2007 Service Pack 2 (SP2)
 "{91120000-002F-0000-0000-0000​000FF1CE}_HOMESTUDENTR_{3D0195​98-7B59-447A-80AE-815B703B84FF​}" = Security Update for Microsoft Office system 2007 (972581)
 "{91F7F3F3-CE80-48C3-8327-7D24​A0A5716A}" = iTunes
 "{92EA4134-10D1-418A-91E1-5A04​53131A38}" = Windows Live Movie Maker
 "{95120000-00AF-040C-0000-0000​000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{95FC26FB-19FD-4A96-BBB1-B106​2E8648F5}" = AGEIA PhysX v7.11.13
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9D56775A-93F3-44A3-8092-840E​3826DE30}" = Windows Live Mail
 "{9FAE6E8D-E686-49F5-A574-0A58​DFD9580C}" = Windows Live Mail
 "{9FE35071-CAB2-4E79-93E7-BFC6​A2DC5C5D}" = Réducteur de bruit du lecteur de CD/DVD
 "{A10F672B-01C4-498F-ADBD-3E5B​144284B7}_is1" = Tomtomax Maxi-Box V2.0.21
 "{A726AE06-AAA3-43D1-87E3-70F5​10314F04}" = Windows Live Writer
 "{A92DAB39-4E2C-4304-9AB6-BC44​E68B55E2}" = Google Update Helper
 "{A9BDCA6B-3653-467B-AC83-9436​7DA3BFE3}" = Windows Live Photo Common
 "{AAAFC670-569B-4A2F-82B4-4294​5E0DE3EF}" = Windows Live Writer
 "{AC76BA86-7AD7-1036-7B44-A940​00000001}" = Adobe Reader 9.4.0 - Français
 "{AF844339-2F8A-4593-81B3-9F4C​54038C4E}" = Windows Live MIME IFilter
 "{B2544A03-10D0-4E5E-BA69-0362​FFC20D18}" = OGA Notifier 2.0.0048.0
 "{B2D328BE-45AD-4D92-96F9-2151​490A203E}" = Apple Application Support
 "{B5FDA445-CAC4-4BA6-A8FB-A721​2BD439DE}" = Microsoft XML Parser
 "{B65BBB06-1F8E-48F5-8A54-B024​A9E15FDF}" = TOSHIBA Recovery Disc Creator
 "{BC4AE628-81A4-4FC6-863A-7A9B​A2E2531F}" = Nokia Connectivity Cable Driver
 "{C730E42C-935A-45BB-A0C5-37E5​234D111B}" = TOSHIBA Face Recognition
 "{C893D8C0-1BA0-4517-B11C-E89B​65E72F70}" = Windows Live Photo Common
 "{CD95F661-A5C4-44F5-A6AA-ECDD​91C240B8}" = WinZip 12.1
 "{CE2CDD62-0124-36CA-84D3-9F4D​CF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
 "{CE95A79E-E4FC-4FFF-8A75-29F0​4B942FF2}" = Windows Live UX Platform
 "{CFF8B8E8-E086-4DE0-935F-FE22​CAB54F80}" = Microsoft Search Enhancement Pack
 "{D45240D3-B6B3-4FF9-B243-54EC​E3E10066}" = Windows Live Communications Platform
 "{DBC3FDEC-D5F4-439C-9A18-EF45​4A74E3DE}_is1" = NOD32 FiX
 "{DC24971E-1946-445D-8A82-CE68​5433FA7D}" = Realtek USB 2.0 Card Reader
 "{E09C4DB7-630C-4F06-A631-8EA7​239923AF}" = D3DX10
 "{E38C00D0-A68B-4318-A8A6-F7D4​B5B1DF0E}" = Windows Media Encoder 9 Series
 "{E65C7D8E-186D-484B-BEA8-DEF0​331CE600}" = TRORDCLauncher
 "{E7044E25-3038-4A76-9064-344A​C038043E}" = Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile
 "{EB4DF488-AAEF-406F-A341-CB2A​AA315B90}" = Windows Live Messenger
 "{EE467474-04A8-48D5-8DDF-0F8D​3A3CCBE5}" = VirginMega.Fr Premium
 "{F0B430D1-B6AA-473D-9B06-AA3D​D01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F214EAA4-A069-4BAF-9DA4-4DB8​BEEDE485}" = DVD MovieFactory for TOSHIBA
 "{F40BBEC7-C2A4-4A00-9B24-7A05​5A2C5262}" = Microsoft Office Live Add-in 1.5
 "{F4F4F84E-804F-4E9A-84D7-C342​83F0088F}" = RealUpgrade 1.0
 "{FC1C2427-5954-451C-9ED8-A92D​48ED7E07}" = Les Experts-Crime Scene Investigation-Morts programmées
 "{FEDD27A0-B306-45EF-BF58-B527​406B42C8}" = TOSHIBA Value Added Package
 "{ORAHSS}.UninstallSuite" = Orange - Logiciels Internet
 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
 "Ad-Remover" = Ad-Remover By C_XX
 "AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
 "CCleaner" = CCleaner
 "CNXT_MODEM_PCI_VEN_14F1&DEV_2​C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
 "eMule" = eMule
 "Google Chrome" = Google Chrome
 "Google Updater" = Outil de mise à jour Google
 "HDMI" = Intel(R) Graphics Media Accelerator Driver
 "HOMESTUDENTR" = Microsoft Office Home and Student 2007
 "InstallShield_{617C36FD-0CBE-​4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
 "InstallShield_{69640730-B830-​4C24-BB5C-222DA1260548}" = Turbo Lister 2
 "InstallShield_{773970F1-5EBA-​4474-ADEE-1EA3B0A59492}" = TRDCReminder
 "InstallShield_{C730E42C-935A-​45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
 "InstallShield_{E65C7D8E-186D-​484B-BEA8-DEF0331CE600}" = TRORDCLauncher
 "InstallShield_{FEDD27A0-B306-​45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full)
 "LimeWire" = LimeWire 5.5.14
 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
 "McAfee Security Scan" = McAfee Security Scan Plus
 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
 "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
 "myphotobook" = myphotobook 3.6
 "NOD32" = NOD32 Antivirus System
 "Picasa 3" = Picasa 3
 "RealPlayer 12.0" = RealPlayer
 "Samsung ML-1610 Series" = Samsung ML-1610 Series
 "SynTPDeinstKey" = Synaptics Pointing Device Driver
 "TomTom HOME" = TomTom HOME 2.7.6.2056
 "Veetle TV" = Veetle TV 0.9.18
 "VLC media player" = VLC media player 1.0.1
 "Windows Media Encoder 9" = Windows Media Encoder 9 Series
 "Windows Mobile Device Handbook" = Manuel de l'appareil Windows Mobile®
 "WinLiveSuite" = Windows Live
 "WinRAR archiver" = Archiveur WinRAR
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\SO​FTWARE\Microsoft\Windows\Curre​ntVersion\Uninstall]
 "Notification de cadeaux MSN" = Notification de cadeaux MSN
 
 ========== Last 10 Event Log Errors ==========
 
 [ Application Events ]
 Error - 15/11/2010 05:47:48 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: Continuously busy for more than a second
 
 Error - 15/11/2010 05:47:48 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: m->NextScheduledEvent 640431
 
 Error - 15/11/2010 05:47:48 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: m->NextScheduledSPRetry 640431
 
 Error - 15/11/2010 05:48:03 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: Continuously busy for more than a second
 
 Error - 15/11/2010 05:48:03 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: m->NextScheduledEvent 656031
 
 Error - 15/11/2010 05:48:03 | Computer Name = PC-de-mousetsal | Source = Bonjour Service | ID = 100
 Description = Task Scheduling Error: m->NextScheduledSPRetry 656031
 
 Error - 15/11/2010 05:51:27 | Computer Name = PC-de-mousetsal | Source = WinMgmt | ID = 10
 Description =
 
 Error - 15/11/2010 10:25:09 | Computer Name = PC-de-mousetsal | Source = Application Error | ID = 1000
 Description = Application défaillante AlertModule.exe, version 1.0.10.739, horodatage
 0x475ee256, module défaillant MFC71.DLL, version 7.10.3077.0, horodatage 0x3e77fdfd,
 code d’exception 0xc0000005, décalage d’erreur 0x00028f1d,  ID du processus 0x42c,
 heure de début de l’application 0x01cb84d0c6098618.
 
 Error - 15/11/2010 10:25:15 | Computer Name = PC-de-mousetsal | Source = WinMgmt | ID = 10
 Description =
 
 Error - 15/11/2010 11:53:06 | Computer Name = PC-de-mousetsal | Source = WinMgmt | ID = 10
 Description =
 
 [ System Events ]
 Error - 18/01/2009 05:52:54 | Computer Name = PC-de-mousetsal | Source = DCOM | ID = 10010
 Description =
 
 Error - 18/01/2009 11:53:36 | Computer Name = PC-de-mousetsal | Source = HTTP | ID = 15016
 Description =
 
 Error - 18/01/2009 20:48:12 | Computer Name = PC-de-mousetsal | Source = HTTP | ID = 15016
 Description =
 
 Error - 19/01/2009 06:30:12 | Computer Name = PC-de-mousetsal | Source = DCOM | ID = 10005
 Description =
 
 Error - 19/01/2009 06:30:12 | Computer Name = PC-de-mousetsal | Source = Service Control Manager | ID = 7009
 Description =
 
 Error - 19/01/2009 06:30:12 | Computer Name = PC-de-mousetsal | Source = Service Control Manager | ID = 7000
 Description =
 
 Error - 19/01/2009 10:56:29 | Computer Name = PC-de-mousetsal | Source = HTTP | ID = 15016
 Description =
 
 Error - 19/01/2009 11:27:25 | Computer Name = PC-de-mousetsal | Source = DCOM | ID = 10010
 Description =
 
 Error - 19/01/2009 14:34:49 | Computer Name = PC-de-mousetsal | Source = HTTP | ID = 15016
 Description =
 
 Error - 20/01/2009 05:38:20 | Computer Name = PC-de-mousetsal | Source = HTTP | ID = 15016
 Description =
 
 
 < End of report >
 ------------------------------​-----------------------------




 OTL Extras logfile created on: 21/11/2010 17:32:54 - Run 1
 OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\mous et salima\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.7930.16406)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 116,29 Gb Total Space | 19,79 Gb Free Space | 17,02% Space Free | Partition Type: NTFS
 Drive E: | 115,13 Gb Total Space | 109,90 Gb Free Space | 95,45% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MOUSETSAL | User Name: mous et salima | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .cpl [@ = cplfile] -- C:\Windows\System32\control.ex​e (Microsoft Corporation)
 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
 [HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\SO​FTWARE\Classes\<extension&g​t;]
 .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.​exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
 inffile [install] -- %SystemRoot%\System32\InfDefau​ltInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\​ONENOTE.EXE "%L" File not found
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
 Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
 Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "cval" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring\McAfeeAntiSpyware]
 "DisableMonitoring" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc]
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 "VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc\Vol]
 
 ========== Firewall Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll\DomainProfile]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Po​licies\Microsoft\WindowsFirewa​ll\StandardProfile]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\DomainProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\GloballyOpen​Ports\List]
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\PublicProfile]
 "EnableFirewall" = 1
 "DisableNotifications" = 0
 
 ========== Authorized Applications List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List]
 "C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe" = C:\Program Files\OrangeHSS\Connectivity\C​onnectivityManager.exe:*:enabl​ed:CSS -- (France Telecom SA)
 
 
 ========== Vista Active Open Ports Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{0211B8B7-46C9-42D9-87EB-DDB1​590F1F36}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchos​t.exe |
 "{03BA1FDC-044E-43C5-ABA1-79FA​CBD9C233}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{0C60490B-74E8-435D-AAF0-AB8C​DDA3C1D8}" = rport=445 | protocol=6 | dir=out | app=system |
 "{1902FA5F-7A2E-4EE7-9EFA-FED5​3792C329}" = lport=2869 | protocol=6 | dir=in | app=system |
 "{1A4C9EFA-FD5F-476B-A7DA-059F​E9700098}" = rport=138 | protocol=17 | dir=out | app=system |
 "{1BD14E57-03E8-4FDF-870E-3E94​5B6D23EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchos​t.exe |
 "{2065C0E0-3FE0-4AD8-B194-F4A8​E37F1C76}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{256C0BBA-86E8-48B7-B9F3-06EA​D5BEB0BD}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{26DB34B9-9CBC-4E31-A5D0-21E0​AE856688}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchos​t.exe |
 "{2882B29D-7084-4143-8D20-A10A​186519F8}" = rport=139 | protocol=6 | dir=out | app=system |
 "{28B7E425-3797-4E5E-A01D-B9D6​CB640E88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{2EC82980-1F57-4EC5-B562-E1A3​19441770}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{3021DBDC-56B9-4AEA-B508-920D​0AD4D961}" = lport=139 | protocol=6 | dir=in | app=system |
 "{36BB8F6A-FFEE-442A-87FD-B69D​3F183731}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{432F0D79-63E0-4D17-8DF7-725E​F47069BE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{51DA27F0-6C23-43A5-947B-13E0​133AE94D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 "{52999FDB-865D-4DB8-922C-DA40​8A9AD006}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchos​t.exe |
 "{5518FF4D-A011-4354-98C4-FB1A​4D12CBC7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 "{6F9564BB-1E1B-4971-A8EE-6046​5DE8168D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{71DE8239-C494-447D-97C8-8450​F661AA72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchos​t.exe |
 "{7533B107-5C0B-4157-B126-6A36​5384C772}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchos​t.exe |
 "{7C142514-1DBD-4D9F-874E-1E7A​47945F88}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobi​le\wmdcbase.exe,-4006 |
 "{85BA3510-73DE-446F-B391-0D26​B42FD11A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{866C8C99-FF4D-43E3-8952-DA4F​171974B0}" = lport=138 | protocol=17 | dir=in | app=system |
 "{878FB6F7-14C5-490A-806D-15CC​4ABF1C20}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{8FC715C6-BF9A-4EF2-AAD5-0E57​BE6D350C}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{9265D51F-6E0F-4301-82CA-A86F​27677652}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{95E9D1DB-2AE6-4DE9-937F-136C​DA6F181D}" = rport=137 | protocol=17 | dir=out | app=system |
 "{972E6609-B183-454E-B963-D62F​A84B7A79}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{9DF10E10-3F8C-4F28-AB77-216F​6B2018CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=partage de fichiers et d'imprimantes (service spouleur - rpc-epmap) |
 "{A01B4D14-52A8-4C06-9BB4-4D1D​40A779BF}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{A76BB0F5-9284-4030-BA47-65F8​57DC994D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 "{A7EA658B-AC02-48BA-A0A6-28C1​418B0ABD}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{B1EF5876-9041-4897-AFE6-DAE0​DCADABBB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchos​t.exe |
 "{B2F4C5CC-BB19-4BA4-B35F-7AEF​AC07FA3B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile​\wmdhost.exe |
 "{B3561F8F-AE62-41F2-9D6E-566A​FC95A096}" = lport=445 | protocol=6 | dir=in | app=system |
 "{CB6AC477-05CF-40F3-B65F-67F6​443F517A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchos​t.exe |
 "{E9B47BD7-F0CF-471D-A308-DDA7​768AA075}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spools​v.exe |
 "{F5D93BA1-4EFD-4697-BAD3-AED4​FB9F95D6}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{FE868B4D-B0CF-4A32-A611-A779​81E5301B}" = lport=137 | protocol=17 | dir=in | app=system |
 
 ========== Vista Active Application Exception List ==========
 
 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\FirewallRules]
 "{0FBBF952-5AD8-43CA-B891-DBD1​4232843F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{11010031-580D-4580-8254-009E​4C41C967}" = protocol=58 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv6) |
 "{3A5E7A0D-208E-4379-B38D-2F76​99B18034}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{3A9C7B92-80E0-496A-B8BD-CFFF​7A8D12E8}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{3FCD2A77-77E6-4288-99D2-AB5F​D907421D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{42ED1F23-8700-4ABC-BD34-626B​B1755022}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
 "{440AF812-5224-4FF6-A78A-8125​001D4EA1}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchos​t.exe |
 "{49B1F3E5-31EC-4F07-80A2-B43A​921154FF}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{49B6143B-6A45-46BF-92A8-1BEA​27749A70}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{5D1A21BA-7A74-4533-BF4F-08B0​93FDF0A4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
 "{5ED10D7A-2F1A-4FD6-8818-5964​5D4F29E0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{60D0D594-D808-4E81-9C2F-B8BD​A537C70A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 "{6823EB3C-BE39-4A6A-936C-2977​D9D74D1B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{6A7925EC-E646-4F34-B7D8-2362​28352430}" = protocol=1 | dir=in | name=partage de fichiers et d'imprimantes (demande d'écho - trafic entrant icmpv4) |
 "{6B88DA03-2D50-447D-844E-DFBA​9634D12A}" = protocol=1 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv4) |
 "{6F4BABA3-56FE-423A-88B9-528E​AD41EA2A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{826534C4-84EE-4383-BC97-A305​68D05035}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{8279132A-1E24-472E-B035-BFDC​13C5FEAD}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{84AB4565-47A9-4F55-A113-DAE5​712AD599}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{84C67507-FDF9-4BA3-B647-0132​44DE854B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{94956A55-2901-4AA1-9C66-7C45​12ED3ADF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
 "{982BF0A9-F3CC-4739-9632-6B1A​E5035C50}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{9F2DCB21-E3AA-4911-9B8C-E4AE​8A70B3AB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{A2DE6C75-B3F3-4009-B92D-2218​B34DFCF6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 "{A69ECD48-3D4F-4CD3-A377-6460​1F797A2F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{AA33B06F-AB64-4EEF-B4FF-7409​7608667C}" = protocol=58 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv6) |
 "{B2F47DB9-84D0-4693-930A-CDB2​EABEFD19}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{BD9B5CDF-6701-43D9-BA58-83ED​930CD9E5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{C7935D03-BE8C-4B86-938F-C06C​4B9FD3DE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{D154D308-5606-43E7-98DF-4EDB​14BDEE5A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{DA2576CC-1DF7-43CA-898D-5519​9DC266EF}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{DA6A4651-32E5-43FE-8953-1A69​B41443A3}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{DCB5E682-8403-4D5B-96B2-FE44​CB7D8E0C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{DF38AE30-4418-4286-B758-9553​A5E400CC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
 "{E726C043-36C5-443B-A2FC-7798​D991CA54}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.ex​e |
 "{E793C58E-DE35-4910-9E9E-7BF2​1B4DBFD6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{EAAEC581-95CD-4265-9788-6CA9​BAEADA4B}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 "{EC57E810-8DFF-4E98-B4EE-56DA​81E1E976}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "{F1205E90-CF21-4CD3-BF58-DE2E​E0C677C1}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{F2F3EFD5-CAE6-48EA-90DC-F815​ED586799}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
 "{F4885AC5-30BD-496D-B613-ACB3​59EA9C3B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{F78B1CA2-1784-49B2-8EBB-82E2​F363F341}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svch​ost.exe |
 "{FA5B3FAE-149E-4ECE-9F4B-46CF​78801FD1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
 "{FF64F876-5AD7-4DA7-A4B7-6AE3​F39F86CF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svch​ost.exe |
 "TCP Query User{020FF967-0400-4CEA-88F5-3​FDE3162B264}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
 "TCP Query User{20528A99-B210-41D1-B7C2-C​F53CE9D0A5F}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "TCP Query User{2E7A8540-E5D7-494E-B6C8-E​74C0770BD2E}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
 "TCP Query User{32CAC3C6-58DD-4F76-8E46-F​5F8803BF1C5}C:\program files\sopcast\adv\sopadver.exe​" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "TCP Query User{4E6D2207-5C26-4E55-853A-8​9E37D0C3431}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "TCP Query User{519EBD37-37BE-4733-AF52-7​7D284326F9D}C:\program files\tvants\tvants.exe" = protocol=6 | dir=in | app=c:\program files\tvants\tvants.exe |
 "TCP Query User{5ED8A5B5-AE55-4C64-B5B9-8​49BF9193B14}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{6ED7F1F5-57DB-4BA7-8CA1-1​46CDD9333E2}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "TCP Query User{75905FB1-5E24-40C4-ABE1-2​0815C290B45}C:\program files\real\realplayer\realplay​.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay​.exe |
 "TCP Query User{94CB8F64-A424-4360-A0C5-1​1347034C465}C:\program files\sopcast\adv\sopadver.exe​" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "TCP Query User{A1B5A449-BDC4-4F9A-8F93-D​71E8404A220}C:\program files\webmediaplayer\webmediap​layer.exe" = protocol=6 | dir=in | app=c:\program files\webmediaplayer\webmediap​layer.exe |
 "TCP Query User{B405B9F1-830F-4B91-BF78-3​F4BC1EA85D7}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "TCP Query User{B6E0ACC8-A091-44C4-9D3F-2​21965540ACF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "TCP Query User{BD4D9A54-955F-43F7-AE35-D​856E0209988}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "TCP Query User{D29219DA-A222-41F6-813F-F​70E589029FB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "TCP Query User{DB0E8B58-2D34-46E5-8853-9​A5CEE227032}C:\program files\windows live\messenger\livecall.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\livecall.exe |
 "UDP Query User{08E8A4C7-9F08-40F3-80E8-3​8EFE9884063}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "UDP Query User{1AD830C1-6308-4DB4-A17F-5​29B43420BA8}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "UDP Query User{25839003-D847-4504-A945-3​4D4F69D2FE6}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
 "UDP Query User{2F9CB641-3A40-43EC-9FD6-6​918537FC030}C:\program files\windows live\messenger\livecall.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\livecall.exe |
 "UDP Query User{34E2A81C-F519-4AAD-AF14-7​34F11042C06}C:\program files\webmediaplayer\webmediap​layer.exe" = protocol=17 | dir=in | app=c:\program files\webmediaplayer\webmediap​layer.exe |
 "UDP Query User{374A1EBE-C56A-4423-86BE-0​8DFBBB8932B}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "UDP Query User{493D4BB6-3ED0-4676-8318-8​F4DF25B94D7}C:\program files\real\realplayer\realplay​.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay​.exe |
 "UDP Query User{592157D6-B5EB-4DB6-B95B-6​63B5522D8D9}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
 "UDP Query User{5923A71E-4324-49FC-8BA1-0​439CF6C2F38}C:\program files\sopcast\adv\sopadver.exe​" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "UDP Query User{609115A8-246C-41F4-94FC-B​13D6AAEE390}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
 "UDP Query User{861F7463-43E9-4C89-B187-2​506FB66F83D}C:\program files\tvants\tvants.exe" = protocol=17 | dir=in | app=c:\program files\tvants\tvants.exe |
 "UDP Query User{A508A694-B893-4FE2-B8DE-C​F2817B3518A}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
 "UDP Query User{AC4F50CA-179B-411A-A709-D​AD56AF9F77E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 "UDP Query User{B15D6541-F0F0-49E7-9608-B​557A9D7B47C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 "UDP Query User{DCEE5595-D797-4180-B231-8​F239EC58CF6}C:\program files\sopcast\adv\sopadver.exe​" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
 "UDP Query User{F692063F-3E02-4258-ACE8-6​745FFBCAA8C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{002D9D5E-29BA-3E6D-9BC4-3D7D​6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
 "{02CA24DD-C8B0-4280-BE53-7862​869C2EB1}" = Realtek WiFi Protected Setup Library
 "{09F56A49-A7B1-4AAB-95B9-D130​94254AD1}" = Windows Live UX Platform Language Pack
 "{0B0F231F-CE6A-483D-AA23-77B3​64F75917}" = Windows Live Installer
 "{0CA6047C-D28B-4295-834A-07C5​2BA20C2D}" = Extension de Windows Live Toolbar (Windows Live Toolbar)
 "{0CB9668D-F979-4F31-B8B8-67FE​90F929F8}" = Bonjour
 "{0CC70FEF-5068-4CD5-B4DE-86FF​D98EC929}" = Menus intelligents (Windows Live Toolbar)
 "{0D5D0BEE-FBA9-4928-A50D-6CDF​AB827755}" = TOSHIBA ConfigFree
 "{0F5B4A82-9DAF-3D13-8CB8-AEB2​5E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
 "{0FA44E79-CD7D-4E8D-A2EE-26FE​05F509B6}" = OpenOffice.org 3.1
 "{12B3A009-A080-4619-9A2A-C6DB​151D8D67}" = TOSHIBA Assist
 "{1F6AB0E7-8CDD-4B93-8A23-AA9E​B2FEFCE4}" = Junk Mail filter update
 "{200FEC62-3C34-4D60-9CE8-EC37​2E01C08F}" = Windows Live SOXE Definitions
 "{2075CB0A-D26F-4DAA-B424-5079​296B43BA}" = Windows Live FolderShare
 "{2290A680-4083-410A-ADCC-7092​C67FC052}" = Toshiba Online Product Information
 "{26A24AE4-039D-4CA4-87B4-2F83​216016FF}" = Java(TM) 6 Update 22
 "{2883F6F5-0509-43F3-868C-D503​30DD9DD3}" = TOSHIBA Hardware Setup
 "{2ADE2157-7A5E-122C-B51D-EB8A​01B15943}" = DeepBurner v1.9.0.228
 "{2EA870FA-585F-4187-903D-CB9F​FD21E2E0}" = DHTML Editing Component
 "{3248F0A8-6813-11D6-A77B-00B0​D0160060}" = Java(TM) 6 Update 6
 "{3336F667-9049-4D46-98B6-4C74​3EEBC5B1}" = Windows Live Photo Gallery
 "{34319F1F-7CF2-4CC9-B357-1AE7​D2FF3AC5}" = Windows Live
 "{37C866E4-AA67-4725-9E95-A399​68DD7960}" = Camera Assistant Software for Toshiba
 "{3B160861-7250-451E-B5EE-8B92​BF30A710}" = Microsoft Works
 "{3B9A92DA-6374-4872-B646-253F​18624D5F}" = Windows Live Writer
 "{3C3901C5-3455-3E0A-A214-0B09​3A5070A6}" = Microsoft .NET Framework 4 Client Profile
 "{3D9892BB-A751-4E48-ADC8-E428​9956CE1D}" = QuickTime
 "{3E31821C-7917-367E-938E-E65F​C413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
 "{3F92ABBB-6BBF-11D5-B229-0020​78017FBF}" = NetWaiting
 "{488F0347-C4A7-4374-91A7-3081​8BEDA710}" = Galerie de photos Windows Live
 "{4A03706F-666A-4037-7777-5F27​48764D10}" = Java Auto Updater
 "{4B1E87C3-00DE-4898-8E39-E390​AAEF2391}" = TOSHIBA Supervisor Password
 "{4CBABDFD-49F8-47FD-BE7D-ECDE​7270525A}" = Windows Live PIMT Platform
 "{56C049BE-79E9-4502-BEA7-9754​A3E60F9B}" = neroxml
 "{5B0202A8-CC6B-4443-AD73-FE9D​F1FC1622}" = Manuels TOSHIBA
 "{5DA0E02F-970B-424B-BF41-513A​5018E4C0}" = TOSHIBA Disc Creator
 "{5DD4FCBD-A3C1-4155-9E17-4161​C70AAABA}" = Segoe UI
 "{6057E21C-ABE9-4059-AE3E-3BEB​9925E660}" = Windows Live Messenger
 "{617C36FD-0CBE-4600-84B2-441C​EB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
 "{61AD15B2-50DB-4686-A739-14FE​180D4429}" = Windows Live ID Sign-in Assistant
 "{62687B11-58B5-4A18-9BC3-9DF4​CE03F194}" = Windows Live Writer Resources
 "{65DA2EC9-0642-47E9-AAE2-B526​7AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
 "{682B3E4F-696A-42DE-A41C-4C07​EA1678B4}" = Windows Live SOXE
 "{6956856F-B6B3-4BE0-BA0B-8F49​5BE32033}" = Apple Software Update
 "{69640730-B830-4C24-BB5C-222D​A1260548}" = Turbo Lister 2
 "{69FDFBB6-351D-4B8C-89D8-867D​C9D0A2A4}" = Windows Media Player Firefox Plugin
 "{6C5F3BDC-0A1B-4436-A696-5939​629D5C31}" = TOSHIBA DVD PLAYER
 "{6DEC8BD5-7574-47FA-B080-492B​BBE2FEA3}" = Windows Live Movie Maker
 "{7299052b-02a4-4627-81f2-1818​da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{770657D0-A123-3C07-8E44-1C83​EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
 "{773970F1-5EBA-4474-ADEE-1EA3​B0A59492}" = TRDCReminder
 "{7C30283C-8DC7-4FBB-805E-52BE​A5F580E8}" = Toshiba TEMPRO
 "{81B5F83F-2291-48B0-8375-36B6​3A9BF5B0}" = Surligneur (Windows Live Toolbar)
 "{85991ED2-010C-4930-96FA-52F4​3C2CE98A}" = Apple Mobile Device Support
 "{8833FFB6-5B0C-4764-81AA-06DF​EED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
 "{895722FE-25FE-4854-95AC-B0C4​2F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8DD46C6A-0056-4FEC-B70A-28BB​16A1F11F}" = MSVCRT
 "{8F3C31C5-9C3A-4AA8-8EFA-7129​0A7AD533}" = TomTom HOME Visual Studio Merge Modules
 "{90024193-9F13-4877-89D5-A1CD​F0CBBF28}" = Feedback Tool
 "{9011040C-6000-11D3-8CFE-0150​048383C9}" = Microsoft Office Professional Edition 2003
 "{90120000-0016-040C-0000-0000​000FF1CE}" = Microsoft Office Excel MUI (French)

(Publicité)
Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 21/11/2010 à 19:24:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Tu as posté deux fois le rapport Extras.txt, poste moi l'autre rapport OTL.txt dans ta prochaine réponse.


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 22/11/2010 à 13:00:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
BONJOUR

 desolée pour le copier/coller en double  :whistle:

 j'espere te poster le BON cette fois ci


 OTL logfile created on: 22/11/2010 09:01:51 - Run 1
 OTL by OldTimer - Version 3.2.17.3     Folder = c:\Users\mous et salima\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.6001.18975)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 116,29 Gb Total Space | 18,55 Gb Free Space | 15,95% Space Free | Partition Type: NTFS
 Drive E: | 115,13 Gb Total Space | 109,90 Gb Free Space | 95,45% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MOUSETSAL | User Name: mous et salima | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - c:\Users\mous et salima\Downloads\OTL.exe (OldTimer Tools)
 PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
 PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 PRC - C:\Program Files\Common Files\Real\Update_OB\realsched​.exe (RealNetworks, Inc.)
 PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
 PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
 PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
 PRC - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
 PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 PRC - C:\Program Files\Eset\nod32kui.exe (Eset )
 PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
 PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
 PRC - C:\Windows\System32\igfxext.ex​e (Intel Corporation)
 PRC - C:\Program Files\TOSHIBA\SmoothView\Smoot​hView.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
 PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
 PRC - C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe (Toshiba)
 PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe (TOSHIBA)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTr​ay.exe (TOSHIBA CORPORATION)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe (TOSHIBA CORPORATION)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwM​gr.exe (TOSHIBA CORPORATION)
 PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 PRC - C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\OrangeHSS\systray\systra​yapp.exe (France Telecom SA)
 PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
 PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe (France Telecom SA)
 PRC - C:\Windows\System32\TODDSrv.ex​e (TOSHIBA Corporation)
 PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 PRC - C:\Windows\Samsung\ComSMMgr\SS​MMgr.exe (Samsung Electronics.)
 
 
 ========== Modules (SafeList) ==========
 
 MOD - c:\Users\mous et salima\Downloads\OTL.exe (OldTimer Tools)
 MOD - C:\Windows\winsxs\x86_microsof​t.windows.common-controls_6595​b64144ccf1df_6.0.6002.18305_no​ne_5cb72f2a088b0ed3\comctl32.d​ll (Microsoft Corporation)
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File not found
 SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
 SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\WPF\WPFFontCac​he_v0400.exe (Microsoft Corporation)
 SRV - (clr_optimization_v4.0.30319_3​2) -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 SRV - (HDD & SSD access service) -- C:\Program Files\Common Files\BinarySense\disksvc.exe (BinarySense Ltd.)
 SRV - (FontCache) -- C:\Windows\System32\FntCache.d​ll (Microsoft Corporation)
 SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
 SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
 SRV - (NOD32krn) -- C:\Program Files\Eset\nod32krn.exe (Eset )
 SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
 SRV - (SmartFaceVWatchSrv) -- C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe (Toshiba)
 SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe (TOSHIBA CORPORATION)
 SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe (TOSHIBA Corporation)
 SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
 SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
 SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.ex​e (TOSHIBA Corporation)
 SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcesc​omm.dll (Microsoft Corporation)
 SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapim​gr.dll (Microsoft Corporation)
 SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nw​lnkfwd.sys File not found
 DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nw​lnkflt.sys File not found
 DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ip​inip.sys File not found
 DRV - (catchme) -- C:\Users\MOUSET~1\AppData\Loca​l\Temp\catchme.sys File not found
 DRV - (AMON) -- C:\Windows\system32\drivers\am​on.sys (Eset )
 DRV - (nod32drv) -- C:\Windows\system32\drivers\no​d32drv.sys ()
 DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\to​s_sps32.sys (TOSHIBA Corporation)
 DRV - (igfx) -- C:\Windows\System32\drivers\ig​dkmd32.sys (Intel Corporation)
 DRV - (UsbserFilt) -- C:\Windows\System32\drivers\us​bser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (nmwcdc) -- C:\Windows\System32\drivers\cc​dcmbo.sys (Nokia)
 DRV - (upperdev) -- C:\Windows\System32\drivers\us​bser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (nmwcd) -- C:\Windows\System32\drivers\cc​dcmb.sys (Nokia)
 DRV - (iaStor) -- C:\Windows\system32\DRIVERS\ia​Stor.sys (Intel Corporation)
 DRV - (RTL8169) -- C:\Windows\System32\drivers\Rt​lh86.sys (Realtek Corporation                                            )
 DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RT​KVHDA.sys (Realtek Semiconductor Corp.)
 DRV - (RTSTOR) -- C:\Windows\System32\drivers\RT​STOR.sys (Realtek Semiconductor Corp.)
 DRV - (MegaSR) -- C:\Windows\system32\drivers\me​gasr.sys (LSI Corporation, Inc.)
 DRV - (adpu320) -- C:\Windows\system32\drivers\ad​pu320.sys (Adaptec, Inc.)
 DRV - (megasas) -- C:\Windows\system32\drivers\me​gasas.sys (LSI Corporation)
 DRV - (adpu160m) -- C:\Windows\system32\drivers\ad​pu160m.sys (Adaptec, Inc.)
 DRV - (SiSRaid4) -- C:\Windows\system32\drivers\si​sraid4.sys (Silicon Integrated Systems)
 DRV - (HpCISSs) -- C:\Windows\system32\drivers\hp​cisss.sys (Hewlett-Packard Company)
 DRV - (adpahci) -- C:\Windows\system32\drivers\ad​pahci.sys (Adaptec, Inc.)
 DRV - (LSI_SAS) -- C:\Windows\system32\drivers\ls​i_sas.sys (LSI Logic)
 DRV - (ql2300) -- C:\Windows\system32\drivers\ql​2300.sys (QLogic Corporation)
 DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1​G60I32.sys (Intel Corporation)
 DRV - (arcsas) -- C:\Windows\system32\drivers\ar​csas.sys (Adaptec, Inc.)
 DRV - (iaStorV) -- C:\Windows\system32\drivers\ia​storv.sys (Intel Corporation)
 DRV - (vsmraid) -- C:\Windows\system32\drivers\vs​mraid.sys (VIA Technologies Inc.,Ltd)
 DRV - (ulsata2) -- C:\Windows\system32\drivers\ul​sata2.sys (Promise Technology, Inc.)
 DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\ls​i_scsi.sys (LSI Logic)
 DRV - (LSI_FC) -- C:\Windows\system32\drivers\ls​i_fc.sys (LSI Logic)
 DRV - (arc) -- C:\Windows\system32\drivers\ar​c.sys (Adaptec, Inc.)
 DRV - (elxstor) -- C:\Windows\system32\drivers\el​xstor.sys (Emulex)
 DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VS​TAZL3.SYS (Conexant Systems, Inc.)
 DRV - (adp94xx) -- C:\Windows\system32\drivers\ad​p94xx.sys (Adaptec, Inc.)
 DRV - (nvraid) -- C:\Windows\system32\drivers\nv​raid.sys (NVIDIA Corporation)
 DRV - (nvstor) -- C:\Windows\system32\drivers\nv​stor.sys (NVIDIA Corporation)
 DRV - (uliahci) -- C:\Windows\system32\drivers\ul​iahci.sys (ULi Electronics Inc.)
 DRV - (viaide) -- C:\Windows\system32\drivers\vi​aide.sys (VIA Technologies, Inc.)
 DRV - (cmdide) -- C:\Windows\system32\drivers\cm​dide.sys (CMD Technology, Inc.)
 DRV - (aliide) -- C:\Windows\system32\drivers\al​iide.sys (Acer Laboratories Inc.)
 DRV - (RTL8187B) -- C:\Windows\System32\drivers\rt​l8187B.sys (Realtek Semiconductor Corporation                           )
 DRV - (UVCFTR) -- C:\Windows\System32\drivers\UV​CFTR_S.SYS (Chicony Electronics Co., Ltd.)
 DRV - (SynTP) -- C:\Windows\System32\drivers\Sy​nTP.sys (Synaptics, Inc.)
 DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TV​ALZ_O.SYS (TOSHIBA Corporation)
 DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HS​X_DPV.sys (Conexant Systems, Inc.)
 DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HS​XHWAZL.sys (Conexant Systems, Inc.)
 DRV - (winachsf) -- C:\Windows\System32\drivers\HS​X_CNXT.sys (Conexant Systems, Inc.)
 DRV - (XAudio) -- C:\Windows\System32\drivers\XA​udio.sys (Conexant Systems, Inc.)
 DRV - (RtlProt) -- C:\Windows\System32\drivers\Rt​lProt.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (PCAMp50) -- C:\Windows\System32\drivers\PC​AMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (PCASp50) -- C:\Windows\System32\drivers\PC​ASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (FwLnk) -- C:\Windows\System32\drivers\Fw​Lnk.sys (TOSHIBA Corporation)
 DRV - (ql40xx) -- C:\Windows\system32\drivers\ql​40xx.sys (QLogic Corporation)
 DRV - (UlSata) -- C:\Windows\system32\drivers\ul​sata.sys (Promise Technology, Inc.)
 DRV - (nfrd960) -- C:\Windows\system32\drivers\nf​rd960.sys (IBM Corporation)
 DRV - (iirsp) -- C:\Windows\system32\drivers\ii​rsp.sys (Intel Corp./ICP vortex GmbH)
 DRV - (aic78xx) -- C:\Windows\system32\drivers\dj​svs.sys (Adaptec, Inc.)
 DRV - (iteraid) -- C:\Windows\system32\drivers\it​eraid.sys (Integrated Technology Express, Inc.)
 DRV - (iteatapi) -- C:\Windows\system32\drivers\it​eatapi.sys (Integrated Technology Express, Inc.)
 DRV - (Symc8xx) -- C:\Windows\system32\drivers\sy​mc8xx.sys (LSI Logic)
 DRV - (Sym_u3) -- C:\Windows\system32\drivers\sy​m_u3.sys (LSI Logic)
 DRV - (Mraid35x) -- C:\Windows\system32\drivers\mr​aid35x.sys (LSI Logic Corporation)
 DRV - (Sym_hi) -- C:\Windows\system32\drivers\sy​m_hi.sys (LSI Logic)
 DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\br​serid.sys (Brother Industries Ltd.)
 DRV - (BrUsbSer) -- C:\Windows\system32\drivers\br​usbser.sys (Brother Industries Ltd.)
 DRV - (BrFiltUp) -- C:\Windows\system32\drivers\br​filtup.sys (Brother Industries, Ltd.)
 DRV - (BrFiltLo) -- C:\Windows\system32\drivers\br​filtlo.sys (Brother Industries, Ltd.)
 DRV - (BrSerWdm) -- C:\Windows\system32\drivers\br​serwdm.sys (Brother Industries Ltd.)
 DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\br​usbmdm.sys (Brother Industries Ltd.)
 DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AG​RSM.sys (Agere Systems)
 DRV - (ntrigdigi) -- C:\Windows\system32\drivers\nt​rigdigi.sys (N-trig Innovative Technologies)
 DRV - (tdcmdpst) -- C:\Windows\System32\drivers\td​cmdpst.sys (TOSHIBA Corporation.)
 DRV - (DgiVecp) -- C:\Windows\System32\drivers\DG​IVECP.SYS (DeviceGuys, Inc.)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.cooxer.com/
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Search Page =
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 E0 A6 0A 66 B5 C9 01  [binary data]
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,StartPageCache = 1
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\URLSea​rchHook: {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\URLSea​rchHook: {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll ()
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyEnable" = 0
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyOverride" = *.local
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defau​ltengine: "Ask.com"
 FF - prefs.js..browser.search.defau​ltenginename: "Ask.com"
 FF - prefs.js..browser.search.order​.1: "Ask.com"
 FF - prefs.js..browser.search.selec​tedEngine: "Google"
 FF - prefs.js..browser.search.useDB​ForOrder: true
 FF - prefs.js..extensions.enabledIt​ems: illimitux@illimitux.net:4.0
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {ABDE892B-13A8-4d1b-88E6-365A6​E755758}:1.1.3
 FF - prefs.js..extensions.enabledIt​ems: {635abd67-4fe9-1b23-4f01-e679f​a7484c1}:2.1.2.20100119091315
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA}:6.0.22
 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redi​rect?client=ff&src=kw&tb=LMW2&​o=16050&locale=fr_FR&q="
 
 
 FF - HKLM\software\mozilla\Firefox\​Extensions\\{ABDE892B-13A8-4d1​b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\Firefox\E​xt [2010/04/10 16:53:43 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Firefox\​Extensions\\offerboxffx@offerb​ox.com: C:\Program Files\OfferBox\offerboxffx@off​erbox.com [2010/11/21 18:29:24 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/21 18:29:23 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/21 21:34:13 | 000,000,000 | ---D | M]
 
 [2009/05/01 13:21:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions
 [2009/05/01 13:21:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions\home2@tomtom.com
 [2009/03/31 22:07:23 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions\mozswing@mozswing.​org
 [2010/11/21 18:29:28 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions
 [2010/04/27 14:41:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\{20a82645-c095​-46ed-80e3-08825760534b}
 [2010/02/18 09:03:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\{635abd67-4fe9​-1b23-4f01-e679fa7484c1}
 [2010/03/16 12:51:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\illimitux@illi​mitux.net
 [2010/11/21 18:29:29 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m
 [2010/11/20 19:06:04 | 000,002,650 | ---- | M] () -- C:\Users\mous et salima\AppData\Roaming\Mozilla​\FireFox\Profiles\rviwc0qr.def​ault\searchplugins\bing.xml
 [2010/11/21 11:15:53 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
 [2010/06/14 04:54:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/09/18 09:17:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2010/11/15 17:00:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0022-ABCDEFFEDCBA}
 [2008/12/17 13:35:45 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\realplayer@​partners.mozilla.com
 [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2010/10/09 18:28:42 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2010/10/09 18:28:42 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2010/10/09 18:28:42 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2010/10/09 18:28:42 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2010/10/09 18:28:42 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\IE\rpbrow​serrecordplugin.dll (RealPlayer)
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll (Google Inc.)
 O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
 O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - No CLSID value found.
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe (TOSHIBA Corporation)
 O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
 O4 - HKLM..\Run: [cfFncEnabler.exe]  File not found
 O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
 O4 - HKLM..\Run: [NDSTray.exe]  File not found
 O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
 O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager​\SessionManager.exe (France Telecom SA)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [Samsung Common SM] C:\Windows\Samsung\ComSMMgr\ss​mmgr.exe (Samsung Electronics.)
 O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\Smoot​hView.exe (TOSHIBA Corporation)
 O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched​.exe (RealNetworks, Inc.)
 O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
 O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\Tos​hibaRegistration.exe (Toshiba)
 O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
 O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
 O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe (ESET, spol. s r.o.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKU\.DEFAULT..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE File not found
 O4 - HKU\S-1-5-18..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE File not found
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
 O4 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe (TOSHIBA)
 O4 - Startup: C:\Users\Default\AppData\Roami​ng\Microsoft\Windows\Start Menu\Programs\Startup\TRDCRemi​nder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRD​CReminder.exe (TOSHIBA Europe)
 O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft​\Windows\Start Menu\Programs\Startup\TRDCRemi​nder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRD​CReminder.exe (TOSHIBA Europe)
 O4 - Startup: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
 O4 - Startup: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows\Start Menu\Programs\Startup\OpenOffi​ce.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.sc​r (Google Inc.)
 O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra Button: @C:\Windows\WindowsMobile\INet​Repl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INet​Repl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll (Microsoft Corporation)
 O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C​3600AFA} -  File not found
 O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C151​9E434CE} -  File not found
 O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
 O13 - gopher Prefix: missing
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} http://download.microsoft.com/ [...] ontrol.cab (Windows Genuine Advantage Validation Tool)
 O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D​5CC64F2} http://kitchenplanner.ikea.com [...] _Win32.cab (20-20 3D Viewer)
 O16 - DPF: {4DD20514-9520-40A7-9CD6-66883​643A20B} http://www.boaki.com/download/uviLaunch.cab (UviLaunch Control)
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05C​B959537} http://gfx1.hotmail.com/mail/w [...] dfr-fr.cab (MSN Photo Upload Tool)
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} http://download.bitdefender.co [...] oscan8.cab (BDSCANONLINE Control)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_06)
 O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-00500​48385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\​WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F773​8E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\​WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
 O24 - Desktop WallPaper: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O33 - MountPoints2\{1a810ff0-47fa-11​df-b75a-001e337e3c3e}\Shell\Au​toRun\command - "" = D:\InstallTomTomHOME.exe -- File not found
 O33 - MountPoints2\D\Shell - "" = AutoRun
 O33 - MountPoints2\D\Shell\AutoRun\c​ommand - "" = D:\LaunchU3.exe -- File not found
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2010/11/21 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 [2010/11/20 19:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2010/11/20 18:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2010/11/07 12:44:15 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\Windows Live Writer
 [2010/11/07 12:44:15 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\Windows Live Writer
 [2010/11/05 18:42:51 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\freecompr​essor Air
 [2010/11/05 18:42:41 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\freeCom​pressor
 [2010/11/05 18:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
 [2010/10/31 09:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Tomtomax Maxi-Box
 [2010/10/28 02:19:30 | 000,000,000 | -HSD | C] -- C:\found.000
 [2010/10/27 16:02:45 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
 [2010/10/27 16:02:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.d​ll
 [2010/10/27 16:02:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLega​cyGDFs.dll
 [2010/10/24 18:55:35 | 000,000,000 | ---D | C] -- C:\Windows\fr
 [2010/10/24 18:48:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.​dll
 [2010/10/24 18:48:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.​dll
 [2010/10/24 18:48:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.​dll
 [2010/10/24 18:46:59 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\Windows Live
 [2010/10/24 18:46:11 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservice​s.dll
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2010/11/22 09:04:00 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Syn​chronization-{499926D8-25B1-47​1A-834C-B091103D39ED}.job
 [2010/11/22 08:16:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2010/11/22 07:49:16 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2010/11/22 07:49:16 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2010/11/22 07:49:16 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2010/11/22 07:49:16 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2010/11/22 07:47:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2010/11/21 22:44:21 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
 [2010/11/21 22:42:13 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2010/11/21 22:42:07 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2010/11/21 22:42:07 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2010/11/21 21:34:13 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
 [2010/11/06 19:23:31 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
 [2010/11/05 23:17:46 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
 [2010/10/27 16:13:06 | 000,424,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2010/02/09 16:26:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\D3DCompile​r_33.dll
 [2009/10/18 18:10:41 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
 [2009/08/16 14:28:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckCo​ntrol.dll
 [2009/04/12 12:10:34 | 000,031,007 | ---- | C] () -- C:\Users\mous et salima\AppData\Roaming\UserTil​e.png
 [2009/04/10 17:27:15 | 000,015,424 | ---- | C] () -- C:\Windows\System32\drivers\no​d32drv.sys
 [2009/03/31 23:03:23 | 000,000,000 | ---- | C] () -- C:\Users\mous et salima\AppData\Roaming\wklnhst​.dat
 [2009/03/02 18:33:49 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
 [2008/12/20 20:20:05 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2008/12/20 20:20:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2008/12/20 20:20:02 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.d​ll
 [2008/12/20 20:20:02 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2008/12/20 20:20:02 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2008/12/20 20:20:01 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2008/12/15 20:07:56 | 000,000,680 | ---- | C] () -- C:\Users\mous et salima\AppData\Local\d3d9caps.​dat
 [2008/12/15 15:43:36 | 000,183,808 | ---- | C] () -- C:\Users\mous et salima\AppData\Local\DCBC2A71-​70D8-4DAN-EHR8-E0D61DEA3FDF.in​i
 [2008/12/15 12:18:27 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib​.dll
 [2008/12/15 10:58:00 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.i​ni
 [2008/12/15 10:58:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.d​ll
 [2008/12/15 10:58:00 | 000,009,496 | ---- | C] () -- C:\Windows\System32\tosmreg.in​i
 [2008/12/15 10:58:00 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.in​i
 [2008/08/07 16:29:43 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW​7.dll
 [2008/08/07 16:29:43 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA​6.dll
 [2008/08/07 16:29:43 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP​6.dll
 [2008/08/07 16:29:43 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM​6.dll
 [2008/08/07 16:29:43 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizeP​X.dll
 [2008/08/07 16:29:43 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.​dll
 [2008/08/07 16:21:03 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
 [2008/08/07 16:06:00 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v​1502.dll
 [2008/08/07 15:19:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInsta​ller01000.dll
 [2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceV​Capt.dll
 [2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceV​CP.dll
 [2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
 [2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dl​l
 [2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceV​Ctrl.dll
 [2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTr​aditionalChinese.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSw​edish.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSp​anish.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSi​mplifiedChinese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPo​rtugese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKo​rean.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJa​panese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGe​rman.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFr​ench.dll
 [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.I​NI
 
 ========== LOP Check ==========
 
 [2009/01/11 13:10:04 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\DeepBur​ner
 [2010/11/05 18:42:44 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\freeCom​pressor
 [2010/01/08 14:25:05 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\ImgBurn
 [2010/11/21 22:43:03 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\LimeWir​e
 [2010/04/12 19:49:09 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\myphoto​book
 [2010/11/21 18:37:12 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 [2009/10/06 08:57:15 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\OpenOff​ice.org
 [2009/04/12 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\PeerNet​working
 [2009/10/31 21:36:41 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Templat​e
 [2009/05/01 13:21:46 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\TomTom
 [2008/12/15 14:07:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Toshiba
 [2009/01/14 22:11:38 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\uTorren​t
 [2010/11/07 12:44:15 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Windows Live Writer
 [2010/11/06 19:23:31 | 000,032,492 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 [2010/11/22 09:04:00 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Syn​chronization-{499926D8-25B1-47​1A-834C-B091103D39ED}.job
 
 ========== Purity Check ==========
 
 
 
 ========== Custom Scans ==========
 
 
 < %SYSTEMDRIVE%\*.*  >
 [2010/11/20 18:36:26 | 000,009,303 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
 [2010/11/20 18:55:33 | 000,002,387 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt
 [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
 [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
 [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
 [2009/04/25 12:51:42 | 000,000,558 | ---- | M] () -- C:\InstallHelper.log
 [2009/03/22 11:44:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
 [2009/03/22 11:44:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
 [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
 [2010/11/21 22:41:43 | 3396,603,904 | -HS- | M] () -- C:\pagefile.sys
 [2008/08/12 15:54:10 | 000,000,123 | -H-- | M] () -- C:\SWSTAMP.TXT
 
 < %SYSTEMDRIVE%\*.exe  >
 
 < %PROGRAMFILES%\*.*  >
 [2008/01/21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
 < %PROGRAMFILES%\*.  >
 [2008/08/07 16:54:21 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
 [2010/11/20 18:25:35 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover
 [2010/10/09 17:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
 [2010/02/09 16:27:42 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
 [2009/01/21 11:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
 [2009/04/10 17:48:01 | 000,000,000 | ---D | M] -- C:\Program Files\Anti Trojan Elite
 [2009/05/27 14:18:42 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
 [2010/11/21 18:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
 [2009/01/11 13:04:46 | 000,000,000 | ---D | M] -- C:\Program Files\Astonsoft
 [2009/12/27 14:57:50 | 000,000,000 | ---D | M] -- C:\Program Files\BinarySense
 [2010/08/04 10:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
 [2008/12/15 12:16:22 | 000,000,000 | ---D | M] -- C:\Program Files\Camera Assistant Software for Toshiba
 [2010/05/09 20:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
 [2009/10/18 19:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\Cobian Backup 9
 [2010/10/09 17:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
 [2008/12/15 10:57:26 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
 [2009/04/25 12:51:24 | 000,000,000 | ---D | M] -- C:\Program Files\eBay
 [2009/01/16 19:32:27 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
 [2010/11/03 17:03:30 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
 [2008/12/15 12:09:44 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
 [2010/10/02 14:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Gibcom
 [2010/10/16 19:45:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
 [2010/02/19 14:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
 [2008/12/15 10:52:08 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
 [2010/11/21 18:29:10 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
 [2008/08/07 16:29:43 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
 [2010/08/04 10:07:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
 [2010/08/04 10:08:41 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
 [2010/11/15 16:59:41 | 000,000,000 | ---D | M] -- C:\Program Files\Java
 [2009/10/06 08:54:24 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
 [2008/12/20 20:20:03 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
 [2010/09/25 20:57:02 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
 [2010/11/20 19:28:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2010/05/31 21:46:18 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
 [2010/05/30 09:02:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
 [2009/10/18 18:07:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
 [2010/10/03 03:30:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
 [2008/12/15 17:02:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
 [2009/10/18 18:06:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
 [2010/08/12 02:06:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
 [2010/06/26 02:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
 [2010/08/12 02:22:26 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
 [2010/11/01 20:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
 [2008/08/07 15:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
 [2008/08/07 16:47:19 | 000,000,000 | ---D | M] -- C:\Program Files\myphotobook
 [2008/12/15 10:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
 [2010/11/21 18:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\OfferBox
 [2009/10/06 08:54:23 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
 [2010/01/13 18:52:58 | 000,000,000 | ---D | M] -- C:\Program Files\OrangeHSS
 [2009/05/27 13:07:16 | 000,000,000 | ---D | M] -- C:\Program Files\QUAD Utilities
 [2010/08/04 10:06:01 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
 [2010/04/10 16:52:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real
 [2008/12/15 12:18:27 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
 [2008/12/15 10:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
 [2009/03/03 11:22:44 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung ML-1610 Series
 [2008/12/25 19:47:49 | 000,000,000 | ---D | M] -- C:\Program Files\Securitoo
 [2008/08/07 16:09:54 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
 [2009/05/01 13:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
 [2009/05/01 13:21:37 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
 [2009/05/01 13:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
 [2010/10/31 09:54:23 | 000,000,000 | ---D | M] -- C:\Program Files\Tomtomax Maxi-Box
 [2008/12/15 12:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
 [2009/05/11 22:58:51 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba TEMPRO
 [2010/11/21 18:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
 [2010/02/18 15:30:53 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
 [2008/08/07 16:25:53 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
 [2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
 [2010/08/10 21:43:24 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
 [2008/12/19 16:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
 [2008/12/16 13:14:54 | 000,000,000 | ---D | M] -- C:\Program Files\VirginMega
 [2009/08/19 11:47:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
 [2009/08/19 11:47:25 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
 [2009/08/19 11:46:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
 [2009/08/19 11:47:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
 [2010/10/24 18:53:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
 [2009/01/22 16:10:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
 [2010/09/18 09:33:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
 [2008/08/07 16:29:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
 [2010/10/15 02:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
 [2009/06/22 14:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mobile Device Handbook
 [2008/12/15 12:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
 [2009/08/19 11:47:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
 [2009/11/25 03:18:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
 [2009/08/19 11:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
 [2009/04/10 16:59:57 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
 
 
 < MD5 for: AGP440.SYS  >
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\drivers\AG​P440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_5​1b95d75\AGP440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_f​750e484\AGP440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​18000_none_ba12ed3bbeb0d97a\AG​P440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6002.​18005_none_bbfe6647bbd2a4c6\AG​P440.sys
 [2008/03/25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86A​E099CE -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_3​e1ecd89\AGP440.sys
 [2008/03/25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86A​E099CE -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​22142_none_ba734aead7ed1bb6\AG​P440.sys
 [2008/03/26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD76​3A49FE -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_e​4087235\AGP440.sys
 [2008/03/26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD76​3A49FE -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6000.​20800_none_b8b64d46daa7e57a\AG​P440.sys
 [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825C​EAD7D8 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_9​20a2c1f\AGP440.sys
 
 < MD5 for: ATAPI.SYS  >
 [2008/03/12 07:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893F​E7518C -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_4c9​c5a00\atapi.sys
 [2008/03/12 07:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893F​E7518C -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​034_none_dd1bb97e219e87cb\atap​i.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\drivers\at​api.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_b12​d8e84\atapi.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6002.18​005_none_df23a1261eab99e8\atap​i.sys
 [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_cc1​8792d\atapi.sys
 [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​000_none_dd38281a2189ce9c\atap​i.sys
 [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7E​C7300F -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_c6c​2e699\atapi.sys
 [2008/03/12 07:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935​425C59 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.22​134_none_dda556493abc2795\atap​i.sys
 
 < MD5 for: AUTOCHK.EXE  >
 [2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E995​09F5E7 -- C:\Windows\System32\autochk.ex​e
 [2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E995​09F5E7 -- C:\Windows\winsxs\x86_microsof​t-windows-autochk_31bf3856ad36​4e35_6.0.6002.18005_none_e3df6​655bee2ee3b\autochk.exe
 [2008/01/21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4​908FC3 -- C:\Windows\winsxs\x86_microsof​t-windows-autochk_31bf3856ad36​4e35_6.0.6001.18000_none_e1f3e​d49c1c122ef\autochk.exe
 
 < MD5 for: BEEP.SYS  >
 [2008/01/21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD0​14DFB6 -- C:\Windows\System32\drivers\be​ep.sys
 [2008/01/21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD0​14DFB6 -- C:\Windows\winsxs\x86_microsof​t-windows-beepsys_31bf3856ad36​4e35_6.0.6001.18000_none_c420a​153079d485b\beep.sys
 
 < MD5 for: CNGAUDIT.DLL  >
 [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\System32\cngaudit.d​ll
 [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.0.6000.16386_none_​e62d292932a96ce6\cngaudit.dll
 
 < MD5 for: EXPLORER.EXE  >
 [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7A​BF06BE -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6000.16771_none_4f83​bb287ccdb7e3\explorer.exe
 [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5B​A1089D -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.18164_none_5177​ca9879e978e8\explorer.exe
 [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3​BC606E -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.22298_none_51e4​f8c7931bd1e1\explorer.exe
 [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F​2A1253 -- C:\Windows\explorer.exe
 [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F​2A1253 -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6002.18005_none_53a0​201e76de3a0b\explorer.exe
 [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE​06E5FB -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6000.20947_none_5033​cb5995cd990b\explorer.exe
 [2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E​174F9F -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.18000_none_51b4​a71279bc6ebf\explorer.exe
 
 < MD5 for: IASTOR.SYS  >
 [2008/04/15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC9​1CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Windows\System32\drivers\ia​Stor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Windows\System32\DriverStor​e\FileRepository\iaahci.inf_77​c04a30\iaStor.sys
 
 < MD5 for: IASTORV.SYS  >
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\System32\drivers\ia​StorV.sys
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_c​9df7691\iaStorV.sys
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.0.6001.​18000_none_af11527887c7fa8f\ia​StorV.sys
 [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101​E6C906 -- C:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_3​7cdafa4\iaStorV.sys
 
 < MD5 for: IMM32.DLL  >
 [2008/01/21 03:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93D​FA9A2E -- C:\Windows\winsxs\x86_microsof​t-windows-imm32_31bf3856ad364e​35_6.0.6001.18000_none_5c561e1​67a6afd02\imm32.dll
 [2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\imm32.dll
 [2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsof​t-windows-imm32_31bf3856ad364e​35_6.0.6002.18005_none_5e41972​2778cc84e\imm32.dll
 
 < MD5 for: KERNEL32.DLL  >
 [2009/02/13 09:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026​FDDB79 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.22376_none_9401​d8206f9c7e67\kernel32.dll
 [2009/02/13 08:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D​64C7F3 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6000.16820_none_91c2​0a8f593529ed\kernel32.dll
 [2009/02/13 08:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50​FEAD39 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6000.21010_none_9256​4f68724ae108\kernel32.dll
 [2009/02/13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B57​87F7C6 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.18215_none_93b8​1a93564f1da0\kernel32.dll
 [2008/01/21 03:24:13 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60​206DDD -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.18000_none_93bd​e541564b88ae\kernel32.dll
 [2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\kernel32.d​ll
 [2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6002.18005_none_95a9​5e4d536d53fa\kernel32.dll
 
 < MD5 for: MSWSOCK.DLL  >
 [2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092​751BCB -- C:\Windows\System32\mswsock.dl​l
 [2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092​751BCB -- C:\Windows\winsxs\x86_microsof​t-windows-w..-infrastructure-b​sp_31bf3856ad364e35_6.0.6002.1​8005_none_ba3ed0122a6d89da\msw​sock.dll
 [2008/01/21 03:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF700​8F2612 -- C:\Windows\winsxs\x86_microsof​t-windows-w..-infrastructure-b​sp_31bf3856ad364e35_6.0.6001.1​8000_none_b85357062d4bbe8e\msw​sock.dll
 
 < MD5 for: NDIS.SYS  >
 [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D​7BBB42 -- C:\Windows\System32\drivers\nd​is.sys
 [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D​7BBB42 -- C:\Windows\winsxs\x86_microsof​t-windows-ndis_31bf3856ad364e3​5_6.0.6002.18005_none_a9b2a4d3​1930d864\ndis.sys
 [2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B​1BD0B1 -- C:\Windows\winsxs\x86_microsof​t-windows-ndis_31bf3856ad364e3​5_6.0.6001.18000_none_a7c72bc7​1c0f0d18\ndis.sys
 
 < MD5 for: NETLOGON.DLL  >
 [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54​E37DDE -- C:\Windows\System32\netlogon.d​ll
 [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54​E37DDE -- C:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.0.6002.18005_​none_ffa3304f351bb3a3\netlogon​.dll
 [2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025​D4E37F -- C:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.0.6001.18000_​none_fdb7b74337f9e857\netlogon​.dll
 
 < MD5 for: NTFS.SYS  >
 [2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA​4BAA47 -- C:\Windows\System32\drivers\nt​fs.sys
 [2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA​4BAA47 -- C:\Windows\winsxs\x86_microsof​t-windows-ntfs_31bf3856ad364e3​5_6.0.6002.18005_none_a85ca2c9​1a0d64df\ntfs.sys
 [2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A96811​08492D -- C:\Windows\winsxs\x86_microsof​t-windows-ntfs_31bf3856ad364e3​5_6.0.6001.18000_none_a67129bd​1ceb9993\ntfs.sys
 
 < MD5 for: NTMSSVC.DLL  >
 [2008/01/21 03:25:28 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0​369953 -- C:\Windows\winsxs\x86_microsof​t-windows-r..emanagement-servi​ce_31bf3856ad364e35_6.0.6001.1​8000_none_0e3e31f00e12b007\ntm​ssvc.dll
 
 < MD5 for: NVSTOR.SYS  >
 [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB​76DFFC -- C:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_73​3654ff\nvstor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\System32\drivers\nv​stor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_31​c3d71d\nvstor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.0.6001.1​8000_none_39dac327befea467\nvs​tor.sys
 
 < MD5 for: PROQUOTA.EXE  >
 [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9​EB4BF3 -- C:\Windows\System32\proquota.e​xe
 [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9​EB4BF3 -- C:\Windows\winsxs\x86_microsof​t-windows-proquota_31bf3856ad3​64e35_6.0.6000.16386_none_2590​35db957a1715\proquota.exe
 
 < MD5 for: QMGR.DLL  >
 [2008/01/21 03:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7​515C3D -- C:\Windows\winsxs\x86_microsof​t-windows-bits-client_31bf3856​ad364e35_6.0.6001.18000_none_2​390c4ecf9720b8c\qmgr.dll
 [2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934​B6A02F -- C:\Windows\System32\qmgr.dll
 [2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934​B6A02F -- C:\Windows\winsxs\x86_microsof​t-windows-bits-client_31bf3856​ad364e35_6.0.6002.18005_none_2​57c3df8f693d6d8\qmgr.dll
 
 < MD5 for: SCECLI.DLL  >
 [2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D5​91E0B9 -- C:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.0.6001.1​8000_none_380de25bd91b6f12\sce​cli.dll
 [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044​105EE1 -- C:\Windows\System32\scecli.dll
 [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044​105EE1 -- C:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.0.6002.1​8005_none_39f95b67d63d3a5e\sce​cli.dll
 
 < MD5 for: SPOOLSV.EXE  >
 [2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65​A09B19 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001.18​511_none_d641dcfdc18fec21\spoo​lsv.exe
 [2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754​647A2E -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6002.18​005_none_d8371c2dbeaa9062\spoo​lsv.exe
 [2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4D

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 23/11/2010 à 04:42:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Le rapport n'est pas complet, voir peut-être avec un autre hébergeur :
 http://www.cijoint.fr/


 Faire un scan de ce fichier kernel32.dll ici :

 http://www.virustotal.com/fr/


 
  • Dans l'onglet Upload a file, clique sur Parcourir
  • Une nouvelle fenêtre va s'ouvrir, dans cette fenêtre dans le bas ou c'est marqué Nom de fichier tu copie/colle ceci :
C:\Windows\System32\kernel32.d​ll

 
  • Après tu clique sur Ouvrir et sur Envoyer le fichier et attendre le résultat de l’analyse.
  • Si il te dit que le fichier a déjà été analysé, sélectionne le bouton
http://cjoint.com/data/0lgqQTo​Xd6j_reanalyse.JPG

 Attendre le résultat de l'analyse, poste le résultat au complet ou le lien de la page.

 Faire également un scan de ce fichier :
 C:\Windows\System32\imm32.dll


 @++   :)

(Publicité)
loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 23/11/2010 à 09:35:35  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 bonjour dédétraqué,

 je n'arrive pas à poster le "otl.txt" avec cijoint

 j'ai fais les scan et posté les liens, j'espere ne m'etre pas trompée



 http://www.virustotal.com/file [...] rnel32.dll



 8c451fa2ba8e38d83e50ebf1d9f56f​cbcbc7e2c6898c15254fe9f337f279​e0c1-1290499935

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 23/11/2010 à 09:59:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 22/11/2010 09:01:51 - Run 1
 OTL by OldTimer - Version 3.2.17.3     Folder = c:\Users\mous et salima\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.6001.18975)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 116,29 Gb Total Space | 18,55 Gb Free Space | 15,95% Space Free | Partition Type: NTFS
 Drive E: | 115,13 Gb Total Space | 109,90 Gb Free Space | 95,45% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MOUSETSAL | User Name: mous et salima | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - c:\Users\mous et salima\Downloads\OTL.exe (OldTimer Tools)
 PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
 PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 PRC - C:\Program Files\Common Files\Real\Update_OB\realsched​.exe (RealNetworks, Inc.)
 PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
 PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
 PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
 PRC - C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
 PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 PRC - C:\Program Files\Eset\nod32kui.exe (Eset )
 PRC - C:\Program Files\Eset\nod32krn.exe (Eset )
 PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
 PRC - C:\Windows\System32\igfxext.ex​e (Intel Corporation)
 PRC - C:\Program Files\TOSHIBA\SmoothView\Smoot​hView.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
 PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
 PRC - C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe (Toshiba)
 PRC - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe (TOSHIBA)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTr​ay.exe (TOSHIBA CORPORATION)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe (TOSHIBA CORPORATION)
 PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwM​gr.exe (TOSHIBA CORPORATION)
 PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 PRC - C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
 PRC - C:\Program Files\OrangeHSS\systray\systra​yapp.exe (France Telecom SA)
 PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
 PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertMod​ule.exe (France Telecom SA)
 PRC - C:\Windows\System32\TODDSrv.ex​e (TOSHIBA Corporation)
 PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 PRC - C:\Windows\Samsung\ComSMMgr\SS​MMgr.exe (Samsung Electronics.)
 
 
 ========== Modules (SafeList) ==========
 
 MOD - c:\Users\mous et salima\Downloads\OTL.exe (OldTimer Tools)
 MOD - C:\Windows\winsxs\x86_microsof​t.windows.common-controls_6595​b64144ccf1df_6.0.6002.18305_no​ne_5cb72f2a088b0ed3\comctl32.d​ll (Microsoft Corporation)
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File not found
 SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
 SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
 SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe (Apple Inc.)
 SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\WPF\WPFFontCac​he_v0400.exe (Microsoft Corporation)
 SRV - (clr_optimization_v4.0.30319_3​2) -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 SRV - (HDD & SSD access service) -- C:\Program Files\Common Files\BinarySense\disksvc.exe (BinarySense Ltd.)
 SRV - (FontCache) -- C:\Windows\System32\FntCache.d​ll (Microsoft Corporation)
 SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
 SRV - (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
 SRV - (NOD32krn) -- C:\Program Files\Eset\nod32krn.exe (Eset )
 SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
 SRV - (SmartFaceVWatchSrv) -- C:\Program Files\TOSHIBA\SmartFaceV\Smart​FaceVWatchSrv.exe (Toshiba)
 SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe (TOSHIBA CORPORATION)
 SRV - (TOSHIBA SMART Log Service) -- C:\Program Files\TOSHIBA\SMARTLogService\​TosIPCSrv.exe (TOSHIBA Corporation)
 SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
 SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
 SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.ex​e (TOSHIBA Corporation)
 SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcesc​omm.dll (Microsoft Corporation)
 SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapim​gr.dll (Microsoft Corporation)
 SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nw​lnkfwd.sys File not found
 DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nw​lnkflt.sys File not found
 DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ip​inip.sys File not found
 DRV - (catchme) -- C:\Users\MOUSET~1\AppData\Loca​l\Temp\catchme.sys File not found
 DRV - (AMON) -- C:\Windows\system32\drivers\am​on.sys (Eset )
 DRV - (nod32drv) -- C:\Windows\system32\drivers\no​d32drv.sys ()
 DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\to​s_sps32.sys (TOSHIBA Corporation)
 DRV - (igfx) -- C:\Windows\System32\drivers\ig​dkmd32.sys (Intel Corporation)
 DRV - (UsbserFilt) -- C:\Windows\System32\drivers\us​bser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (nmwcdc) -- C:\Windows\System32\drivers\cc​dcmbo.sys (Nokia)
 DRV - (upperdev) -- C:\Windows\System32\drivers\us​bser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (nmwcd) -- C:\Windows\System32\drivers\cc​dcmb.sys (Nokia)
 DRV - (iaStor) -- C:\Windows\system32\DRIVERS\ia​Stor.sys (Intel Corporation)
 DRV - (RTL8169) -- C:\Windows\System32\drivers\Rt​lh86.sys (Realtek Corporation                                            )
 DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RT​KVHDA.sys (Realtek Semiconductor Corp.)
 DRV - (RTSTOR) -- C:\Windows\System32\drivers\RT​STOR.sys (Realtek Semiconductor Corp.)
 DRV - (MegaSR) -- C:\Windows\system32\drivers\me​gasr.sys (LSI Corporation, Inc.)
 DRV - (adpu320) -- C:\Windows\system32\drivers\ad​pu320.sys (Adaptec, Inc.)
 DRV - (megasas) -- C:\Windows\system32\drivers\me​gasas.sys (LSI Corporation)
 DRV - (adpu160m) -- C:\Windows\system32\drivers\ad​pu160m.sys (Adaptec, Inc.)
 DRV - (SiSRaid4) -- C:\Windows\system32\drivers\si​sraid4.sys (Silicon Integrated Systems)
 DRV - (HpCISSs) -- C:\Windows\system32\drivers\hp​cisss.sys (Hewlett-Packard Company)
 DRV - (adpahci) -- C:\Windows\system32\drivers\ad​pahci.sys (Adaptec, Inc.)
 DRV - (LSI_SAS) -- C:\Windows\system32\drivers\ls​i_sas.sys (LSI Logic)
 DRV - (ql2300) -- C:\Windows\system32\drivers\ql​2300.sys (QLogic Corporation)
 DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1​G60I32.sys (Intel Corporation)
 DRV - (arcsas) -- C:\Windows\system32\drivers\ar​csas.sys (Adaptec, Inc.)
 DRV - (iaStorV) -- C:\Windows\system32\drivers\ia​storv.sys (Intel Corporation)
 DRV - (vsmraid) -- C:\Windows\system32\drivers\vs​mraid.sys (VIA Technologies Inc.,Ltd)
 DRV - (ulsata2) -- C:\Windows\system32\drivers\ul​sata2.sys (Promise Technology, Inc.)
 DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\ls​i_scsi.sys (LSI Logic)
 DRV - (LSI_FC) -- C:\Windows\system32\drivers\ls​i_fc.sys (LSI Logic)
 DRV - (arc) -- C:\Windows\system32\drivers\ar​c.sys (Adaptec, Inc.)
 DRV - (elxstor) -- C:\Windows\system32\drivers\el​xstor.sys (Emulex)
 DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VS​TAZL3.SYS (Conexant Systems, Inc.)
 DRV - (adp94xx) -- C:\Windows\system32\drivers\ad​p94xx.sys (Adaptec, Inc.)
 DRV - (nvraid) -- C:\Windows\system32\drivers\nv​raid.sys (NVIDIA Corporation)
 DRV - (nvstor) -- C:\Windows\system32\drivers\nv​stor.sys (NVIDIA Corporation)
 DRV - (uliahci) -- C:\Windows\system32\drivers\ul​iahci.sys (ULi Electronics Inc.)
 DRV - (viaide) -- C:\Windows\system32\drivers\vi​aide.sys (VIA Technologies, Inc.)
 DRV - (cmdide) -- C:\Windows\system32\drivers\cm​dide.sys (CMD Technology, Inc.)
 DRV - (aliide) -- C:\Windows\system32\drivers\al​iide.sys (Acer Laboratories Inc.)
 DRV - (RTL8187B) -- C:\Windows\System32\drivers\rt​l8187B.sys (Realtek Semiconductor Corporation                           )
 DRV - (UVCFTR) -- C:\Windows\System32\drivers\UV​CFTR_S.SYS (Chicony Electronics Co., Ltd.)
 DRV - (SynTP) -- C:\Windows\System32\drivers\Sy​nTP.sys (Synaptics, Inc.)
 DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TV​ALZ_O.SYS (TOSHIBA Corporation)
 DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HS​X_DPV.sys (Conexant Systems, Inc.)
 DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HS​XHWAZL.sys (Conexant Systems, Inc.)
 DRV - (winachsf) -- C:\Windows\System32\drivers\HS​X_CNXT.sys (Conexant Systems, Inc.)
 DRV - (XAudio) -- C:\Windows\System32\drivers\XA​udio.sys (Conexant Systems, Inc.)
 DRV - (RtlProt) -- C:\Windows\System32\drivers\Rt​lProt.sys (Windows (R) Codename Longhorn DDK provider)
 DRV - (PCAMp50) -- C:\Windows\System32\drivers\PC​AMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (PCASp50) -- C:\Windows\System32\drivers\PC​ASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
 DRV - (FwLnk) -- C:\Windows\System32\drivers\Fw​Lnk.sys (TOSHIBA Corporation)
 DRV - (ql40xx) -- C:\Windows\system32\drivers\ql​40xx.sys (QLogic Corporation)
 DRV - (UlSata) -- C:\Windows\system32\drivers\ul​sata.sys (Promise Technology, Inc.)
 DRV - (nfrd960) -- C:\Windows\system32\drivers\nf​rd960.sys (IBM Corporation)
 DRV - (iirsp) -- C:\Windows\system32\drivers\ii​rsp.sys (Intel Corp./ICP vortex GmbH)
 DRV - (aic78xx) -- C:\Windows\system32\drivers\dj​svs.sys (Adaptec, Inc.)
 DRV - (iteraid) -- C:\Windows\system32\drivers\it​eraid.sys (Integrated Technology Express, Inc.)
 DRV - (iteatapi) -- C:\Windows\system32\drivers\it​eatapi.sys (Integrated Technology Express, Inc.)
 DRV - (Symc8xx) -- C:\Windows\system32\drivers\sy​mc8xx.sys (LSI Logic)
 DRV - (Sym_u3) -- C:\Windows\system32\drivers\sy​m_u3.sys (LSI Logic)
 DRV - (Mraid35x) -- C:\Windows\system32\drivers\mr​aid35x.sys (LSI Logic Corporation)
 DRV - (Sym_hi) -- C:\Windows\system32\drivers\sy​m_hi.sys (LSI Logic)
 DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\br​serid.sys (Brother Industries Ltd.)
 DRV - (BrUsbSer) -- C:\Windows\system32\drivers\br​usbser.sys (Brother Industries Ltd.)
 DRV - (BrFiltUp) -- C:\Windows\system32\drivers\br​filtup.sys (Brother Industries, Ltd.)
 DRV - (BrFiltLo) -- C:\Windows\system32\drivers\br​filtlo.sys (Brother Industries, Ltd.)
 DRV - (BrSerWdm) -- C:\Windows\system32\drivers\br​serwdm.sys (Brother Industries Ltd.)
 DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\br​usbmdm.sys (Brother Industries Ltd.)
 DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AG​RSM.sys (Agere Systems)
 DRV - (ntrigdigi) -- C:\Windows\system32\drivers\nt​rigdigi.sys (N-trig Innovative Technologies)
 DRV - (tdcmdpst) -- C:\Windows\System32\drivers\td​cmdpst.sys (TOSHIBA Corporation.)
 DRV - (DgiVecp) -- C:\Windows\System32\drivers\DG​IVECP.SYS (DeviceGuys, Inc.)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.cooxer.com/
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Search Page =
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 E0 A6 0A 66 B5 C9 01  [binary data]
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,StartPageCache = 1
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\URLSea​rchHook: {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\URLSea​rchHook: {08C06D61-F1F3-4799-86F8-BE1A8​9362C85} - C:\Program Files\OrangeHSS\SearchURLHook\​SearchPageURL.dll ()
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyEnable" = 0
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyOverride" = *.local
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defau​ltengine: "Ask.com"
 FF - prefs.js..browser.search.defau​ltenginename: "Ask.com"
 FF - prefs.js..browser.search.order​.1: "Ask.com"
 FF - prefs.js..browser.search.selec​tedEngine: "Google"
 FF - prefs.js..browser.search.useDB​ForOrder: true
 FF - prefs.js..extensions.enabledIt​ems: illimitux@illimitux.net:4.0
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {ABDE892B-13A8-4d1b-88E6-365A6​E755758}:1.1.3
 FF - prefs.js..extensions.enabledIt​ems: {635abd67-4fe9-1b23-4f01-e679f​a7484c1}:2.1.2.20100119091315
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA}:6.0.22
 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redi​rect?client=ff&src=kw&tb=LMW2&​o=16050&locale=fr_FR&q="
 
 
 FF - HKLM\software\mozilla\Firefox\​Extensions\\{ABDE892B-13A8-4d1​b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\Firefox\E​xt [2010/04/10 16:53:43 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Firefox\​Extensions\\offerboxffx@offerb​ox.com: C:\Program Files\OfferBox\offerboxffx@off​erbox.com [2010/11/21 18:29:24 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/21 18:29:23 | 000,000,000 | ---D | M]
 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/21 21:34:13 | 000,000,000 | ---D | M]
 
 [2009/05/01 13:21:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions
 [2009/05/01 13:21:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions\home2@tomtom.com
 [2009/03/31 22:07:23 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Extensions\mozswing@mozswing.​org
 [2010/11/21 18:29:28 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions
 [2010/04/27 14:41:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\{20a82645-c095​-46ed-80e3-08825760534b}
 [2010/02/18 09:03:27 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\{635abd67-4fe9​-1b23-4f01-e679fa7484c1}
 [2010/03/16 12:51:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\illimitux@illi​mitux.net
 [2010/11/21 18:29:29 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m
 [2010/11/20 19:06:04 | 000,002,650 | ---- | M] () -- C:\Users\mous et salima\AppData\Roaming\Mozilla​\FireFox\Profiles\rviwc0qr.def​ault\searchplugins\bing.xml
 [2010/11/21 11:15:53 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
 [2010/06/14 04:54:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/09/18 09:17:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2010/11/15 17:00:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0022-ABCDEFFEDCBA}
 [2008/12/17 13:35:45 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\realplayer@​partners.mozilla.com
 [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2010/10/09 18:28:42 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2010/10/09 18:28:42 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2010/10/09 18:28:42 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2010/10/09 18:28:42 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2010/10/09 18:28:42 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\IE\rpbrow​serrecordplugin.dll (RealPlayer)
 O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll (Google Inc.)
 O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
 O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - No CLSID value found.
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)
 O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdM​ain.exe (TOSHIBA Corporation)
 O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
 O4 - HKLM..\Run: [cfFncEnabler.exe]  File not found
 O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
 O4 - HKLM..\Run: [NDSTray.exe]  File not found
 O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
 O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager​\SessionManager.exe (France Telecom SA)
 O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 O4 - HKLM..\Run: [Samsung Common SM] C:\Windows\Samsung\ComSMMgr\ss​mmgr.exe (Samsung Electronics.)
 O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\Smoot​hView.exe (TOSHIBA Corporation)
 O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched​.exe (RealNetworks, Inc.)
 O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
 O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\Tos​hibaRegistration.exe (Toshiba)
 O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
 O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
 O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe (ESET, spol. s r.o.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKU\.DEFAULT..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE File not found
 O4 - HKU\S-1-5-18..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.​EXE File not found
 O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.d​ll (Microsoft Corporation)
 O4 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
 O4 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSP​D.exe (TOSHIBA)
 O4 - Startup: C:\Users\Default\AppData\Roami​ng\Microsoft\Windows\Start Menu\Programs\Startup\TRDCRemi​nder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRD​CReminder.exe (TOSHIBA Europe)
 O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft​\Windows\Start Menu\Programs\Startup\TRDCRemi​nder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRD​CReminder.exe (TOSHIBA Europe)
 O4 - Startup: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
 O4 - Startup: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows\Start Menu\Programs\Startup\OpenOffi​ce.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.sc​r (Google Inc.)
 O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterS​hortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll (Microsoft Corporation)
 O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~2\Office12\​ONBttnIE.dll (Microsoft Corporation)
 O9 - Extra Button: @C:\Windows\WindowsMobile\INet​Repl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll (Microsoft Corporation)
 O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INet​Repl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04​FAE2D4F} - C:\Windows\WindowsMobile\INetR​epl.dll (Microsoft Corporation)
 O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C​3600AFA} -  File not found
 O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C151​9E434CE} -  File not found
 O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL (Microsoft Corporation)
 O10 - NameSpace_Catalog5\Catalog_Ent​ries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
 O13 - gopher Prefix: missing
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} http://download.microsoft.com/ [...] ontrol.cab (Windows Genuine Advantage Validation Tool)
 O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D​5CC64F2} http://kitchenplanner.ikea.com [...] _Win32.cab (20-20 3D Viewer)
 O16 - DPF: {4DD20514-9520-40A7-9CD6-66883​643A20B} http://www.boaki.com/download/uviLaunch.cab (UviLaunch Control)
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05C​B959537} http://gfx1.hotmail.com/mail/w [...] dfr-fr.cab (MSN Photo Upload Tool)
 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730​F4EE499} http://download.bitdefender.co [...] oscan8.cab (BDSCANONLINE Control)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_06)
 O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_21)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-00500​48385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\​WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F773​8E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\​WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
 O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolH​andler.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/oc​tet-stream {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​complus {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O18 - Protocol\Filter\application/x-​msdownload {1E66F26B-79EE-11D2-8710-00C04​F79ED0D} - mscoree.dll (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
 O24 - Desktop WallPaper: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O24 - Desktop BackupWallPaper: C:\Users\mous et salima\AppData\Roaming\Microso​ft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
 O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O33 - MountPoints2\{1a810ff0-47fa-11​df-b75a-001e337e3c3e}\Shell\Au​toRun\command - "" = D:\InstallTomTomHOME.exe -- File not found
 O33 - MountPoints2\D\Shell - "" = AutoRun
 O33 - MountPoints2\D\Shell\AutoRun\c​ommand - "" = D:\LaunchU3.exe -- File not found
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2010/11/21 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 [2010/11/20 19:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2010/11/20 18:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
 [2010/11/07 12:44:15 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\Windows Live Writer
 [2010/11/07 12:44:15 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\Windows Live Writer
 [2010/11/05 18:42:51 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\freecompr​essor Air
 [2010/11/05 18:42:41 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Roaming\freeCom​pressor
 [2010/11/05 18:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\OfferBox
 [2010/10/31 09:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Tomtomax Maxi-Box
 [2010/10/28 02:19:30 | 000,000,000 | -HSD | C] -- C:\found.000
 [2010/10/27 16:02:45 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
 [2010/10/27 16:02:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.d​ll
 [2010/10/27 16:02:42 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLega​cyGDFs.dll
 [2010/10/24 18:55:35 | 000,000,000 | ---D | C] -- C:\Windows\fr
 [2010/10/24 18:48:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.​dll
 [2010/10/24 18:48:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.​dll
 [2010/10/24 18:48:35 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.​dll
 [2010/10/24 18:46:59 | 000,000,000 | ---D | C] -- C:\Users\mous et salima\AppData\Local\Windows Live
 [2010/10/24 18:46:11 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservice​s.dll
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2010/11/22 09:04:00 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Syn​chronization-{499926D8-25B1-47​1A-834C-B091103D39ED}.job
 [2010/11/22 08:16:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2010/11/22 07:49:16 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2010/11/22 07:49:16 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2010/11/22 07:49:16 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2010/11/22 07:49:16 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2010/11/22 07:47:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2010/11/21 22:44:21 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
 [2010/11/21 22:42:13 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2010/11/21 22:42:07 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2010/11/21 22:42:07 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2010/11/21 21:34:13 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
 [2010/11/06 19:23:31 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
 [2010/11/05 23:17:46 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
 [2010/10/27 16:13:06 | 000,424,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2010/02/09 16:26:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\D3DCompile​r_33.dll
 [2009/10/18 18:10:41 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
 [2009/08/16 14:28:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckCo​ntrol.dll
 [2009/04/12 12:10:34 | 000,031,007 | ---- | C] () -- C:\Users\mous et salima\AppData\Roaming\UserTil​e.png
 [2009/04/10 17:27:15 | 000,015,424 | ---- | C] () -- C:\Windows\System32\drivers\no​d32drv.sys
 [2009/03/31 23:03:23 | 000,000,000 | ---- | C] () -- C:\Users\mous et salima\AppData\Roaming\wklnhst​.dat
 [2009/03/02 18:33:49 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 [2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
 [2008/12/20 20:20:05 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2008/12/20 20:20:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2008/12/20 20:20:02 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.d​ll
 [2008/12/20 20:20:02 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2008/12/20 20:20:02 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2008/12/20 20:20:01 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2008/12/15 20:07:56 | 000,000,680 | ---- | C] () -- C:\Users\mous et salima\AppData\Local\d3d9caps.​dat
 [2008/12/15 15:43:36 | 000,183,808 | ---- | C] () -- C:\Users\mous et salima\AppData\Local\DCBC2A71-​70D8-4DAN-EHR8-E0D61DEA3FDF.in​i
 [2008/12/15 12:18:27 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib​.dll
 [2008/12/15 10:58:00 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.i​ni
 [2008/12/15 10:58:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.d​ll
 [2008/12/15 10:58:00 | 000,009,496 | ---- | C] () -- C:\Windows\System32\tosmreg.in​i
 [2008/12/15 10:58:00 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.in​i
 [2008/08/07 16:29:43 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW​7.dll
 [2008/08/07 16:29:43 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA​6.dll
 [2008/08/07 16:29:43 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP​6.dll
 [2008/08/07 16:29:43 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM​6.dll
 [2008/08/07 16:29:43 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizeP​X.dll
 [2008/08/07 16:29:43 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.​dll
 [2008/08/07 16:21:03 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
 [2008/08/07 16:06:00 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v​1502.dll
 [2008/08/07 15:19:14 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInsta​ller01000.dll
 [2008/04/24 18:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceV​Capt.dll
 [2008/04/24 18:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceV​CP.dll
 [2008/04/24 18:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
 [2008/04/24 18:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dl​l
 [2008/04/24 18:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceV​Ctrl.dll
 [2008/04/24 18:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTr​aditionalChinese.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSw​edish.dll
 [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSp​anish.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSi​mplifiedChinese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPo​rtugese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKo​rean.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJa​panese.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGe​rman.dll
 [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFr​ench.dll
 [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\Windows\System32\OUTLPERF.I​NI
 
 ========== LOP Check ==========
 
 [2009/01/11 13:10:04 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\DeepBur​ner
 [2010/11/05 18:42:44 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\freeCom​pressor
 [2010/01/08 14:25:05 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\ImgBurn
 [2010/11/21 22:43:03 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\LimeWir​e
 [2010/04/12 19:49:09 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\myphoto​book
 [2010/11/21 18:37:12 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 [2009/10/06 08:57:15 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\OpenOff​ice.org
 [2009/04/12 12:10:34 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\PeerNet​working
 [2009/10/31 21:36:41 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Templat​e
 [2009/05/01 13:21:46 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\TomTom
 [2008/12/15 14:07:47 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Toshiba
 [2009/01/14 22:11:38 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\uTorren​t
 [2010/11/07 12:44:15 | 000,000,000 | ---D | M] -- C:\Users\mous et salima\AppData\Roaming\Windows Live Writer
 [2010/11/06 19:23:31 | 000,032,492 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 [2010/11/22 09:04:00 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Syn​chronization-{499926D8-25B1-47​1A-834C-B091103D39ED}.job
 
 ========== Purity Check ==========
 
 
 
 ========== Custom Scans ==========
 
 
 < %SYSTEMDRIVE%\*.*  >
 [2010/11/20 18:36:26 | 000,009,303 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
 [2010/11/20 18:55:33 | 000,002,387 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt
 [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
 [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
 [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
 [2009/04/25 12:51:42 | 000,000,558 | ---- | M] () -- C:\InstallHelper.log
 [2009/03/22 11:44:33 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
 [2009/03/22 11:44:33 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
 [2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
 [2010/11/21 22:41:43 | 3396,603,904 | -HS- | M] () -- C:\pagefile.sys
 [2008/08/12 15:54:10 | 000,000,123 | -H-- | M] () -- C:\SWSTAMP.TXT
 
 < %SYSTEMDRIVE%\*.exe  >
 
 < %PROGRAMFILES%\*.*  >
 [2008/01/21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
 < %PROGRAMFILES%\*.  >
 [2008/08/07 16:54:21 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
 [2010/11/20 18:25:35 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover
 [2010/10/09 17:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
 [2010/02/09 16:27:42 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
 [2009/01/21 11:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
 [2009/04/10 17:48:01 | 000,000,000 | ---D | M] -- C:\Program Files\Anti Trojan Elite
 [2009/05/27 14:18:42 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
 [2010/11/21 18:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
 [2009/01/11 13:04:46 | 000,000,000 | ---D | M] -- C:\Program Files\Astonsoft
 [2009/12/27 14:57:50 | 000,000,000 | ---D | M] -- C:\Program Files\BinarySense
 [2010/08/04 10:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
 [2008/12/15 12:16:22 | 000,000,000 | ---D | M] -- C:\Program Files\Camera Assistant Software for Toshiba
 [2010/05/09 20:17:09 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
 [2009/10/18 19:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\Cobian Backup 9
 [2010/10/09 17:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
 [2008/12/15 10:57:26 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
 [2009/04/25 12:51:24 | 000,000,000 | ---D | M] -- C:\Program Files\eBay
 [2009/01/16 19:32:27 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
 [2010/11/03 17:03:30 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
 [2008/12/15 12:09:44 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
 [2010/10/02 14:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Gibcom
 [2010/10/16 19:45:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
 [2010/02/19 14:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
 [2008/12/15 10:52:08 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
 [2010/11/21 18:29:10 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
 [2008/08/07 16:29:43 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
 [2010/08/04 10:07:47 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
 [2010/08/04 10:08:41 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
 [2010/11/15 16:59:41 | 000,000,000 | ---D | M] -- C:\Program Files\Java
 [2009/10/06 08:54:24 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
 [2008/12/20 20:20:03 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
 [2010/09/25 20:57:02 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
 [2010/11/20 19:28:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2010/05/31 21:46:18 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
 [2010/05/30 09:02:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
 [2009/10/18 18:07:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
 [2010/10/03 03:30:26 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
 [2008/12/15 17:02:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
 [2009/10/18 18:06:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
 [2010/08/12 02:06:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
 [2010/06/26 02:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
 [2010/08/12 02:22:26 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
 [2010/11/01 20:41:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
 [2008/08/07 15:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
 [2008/08/07 16:47:19 | 000,000,000 | ---D | M] -- C:\Program Files\myphotobook
 [2008/12/15 10:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
 [2010/11/21 18:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\OfferBox
 [2009/10/06 08:54:23 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
 [2010/01/13 18:52:58 | 000,000,000 | ---D | M] -- C:\Program Files\OrangeHSS
 [2009/05/27 13:07:16 | 000,000,000 | ---D | M] -- C:\Program Files\QUAD Utilities
 [2010/08/04 10:06:01 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
 [2010/04/10 16:52:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real
 [2008/12/15 12:18:27 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
 [2008/12/15 10:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
 [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
 [2009/03/03 11:22:44 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung ML-1610 Series
 [2008/12/25 19:47:49 | 000,000,000 | ---D | M] -- C:\Program Files\Securitoo
 [2008/08/07 16:09:54 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
 [2009/05/01 13:18:01 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
 [2009/05/01 13:21:37 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
 [2009/05/01 13:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
 [2010/10/31 09:54:23 | 000,000,000 | ---D | M] -- C:\Program Files\Tomtomax Maxi-Box
 [2008/12/15 12:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
 [2009/05/11 22:58:51 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba TEMPRO
 [2010/11/21 18:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
 [2010/02/18 15:30:53 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
 [2008/08/07 16:25:53 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
 [2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
 [2010/08/10 21:43:24 | 000,000,000 | ---D | M] -- C:\Program Files\Veetle
 [2008/12/19 16:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
 [2008/12/16 13:14:54 | 000,000,000 | ---D | M] -- C:\Program Files\VirginMega
 [2009/08/19 11:47:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
 [2009/08/19 11:47:25 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
 [2009/08/19 11:46:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
 [2009/08/19 11:47:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
 [2010/10/24 18:53:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
 [2009/01/22 16:10:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
 [2010/09/18 09:33:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
 [2008/08/07 16:29:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
 [2010/10/15 02:27:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
 [2009/06/22 14:02:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mobile Device Handbook
 [2008/12/15 12:09:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
 [2009/08/19 11:47:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
 [2009/11/25 03:18:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
 [2009/08/19 11:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
 [2009/04/10 16:59:57 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
 
 
 < MD5 for: AGP440.SYS  >
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\drivers\AG​P440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_5​1b95d75\AGP440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_f​750e484\AGP440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​18000_none_ba12ed3bbeb0d97a\AG​P440.sys
 [2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6002.​18005_none_bbfe6647bbd2a4c6\AG​P440.sys
 [2008/03/25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86A​E099CE -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_3​e1ecd89\AGP440.sys
 [2008/03/25 04:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86A​E099CE -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​22142_none_ba734aead7ed1bb6\AG​P440.sys
 [2008/03/26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD76​3A49FE -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_e​4087235\AGP440.sys
 [2008/03/26 04:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD76​3A49FE -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6000.​20800_none_b8b64d46daa7e57a\AG​P440.sys
 [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825C​EAD7D8 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_9​20a2c1f\AGP440.sys
 
 < MD5 for: ATAPI.SYS  >
 [2008/03/12 07:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893F​E7518C -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_4c9​c5a00\atapi.sys
 [2008/03/12 07:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893F​E7518C -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​034_none_dd1bb97e219e87cb\atap​i.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\drivers\at​api.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_b12​d8e84\atapi.sys
 [2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6002.18​005_none_df23a1261eab99e8\atap​i.sys
 [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_cc1​8792d\atapi.sys
 [2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​000_none_dd38281a2189ce9c\atap​i.sys
 [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7E​C7300F -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_c6c​2e699\atapi.sys
 [2008/03/12 07:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935​425C59 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.22​134_none_dda556493abc2795\atap​i.sys
 
 < MD5 for: AUTOCHK.EXE  >
 [2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E995​09F5E7 -- C:\Windows\System32\autochk.ex​e
 [2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E995​09F5E7 -- C:\Windows\winsxs\x86_microsof​t-windows-autochk_31bf3856ad36​4e35_6.0.6002.18005_none_e3df6​655bee2ee3b\autochk.exe
 [2008/01/21 03:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4​908FC3 -- C:\Windows\winsxs\x86_microsof​t-windows-autochk_31bf3856ad36​4e35_6.0.6001.18000_none_e1f3e​d49c1c122ef\autochk.exe
 
 < MD5 for: BEEP.SYS  >
 [2008/01/21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD0​14DFB6 -- C:\Windows\System32\drivers\be​ep.sys
 [2008/01/21 03:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD0​14DFB6 -- C:\Windows\winsxs\x86_microsof​t-windows-beepsys_31bf3856ad36​4e35_6.0.6001.18000_none_c420a​153079d485b\beep.sys
 
 < MD5 for: CNGAUDIT.DLL  >
 [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\System32\cngaudit.d​ll
 [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.0.6000.16386_none_​e62d292932a96ce6\cngaudit.dll
 
 < MD5 for: EXPLORER.EXE  >
 [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7A​BF06BE -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6000.16771_none_4f83​bb287ccdb7e3\explorer.exe
 [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5B​A1089D -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.18164_none_5177​ca9879e978e8\explorer.exe
 [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3​BC606E -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.22298_none_51e4​f8c7931bd1e1\explorer.exe
 [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F​2A1253 -- C:\Windows\explorer.exe
 [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F​2A1253 -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6002.18005_none_53a0​201e76de3a0b\explorer.exe
 [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE​06E5FB -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6000.20947_none_5033​cb5995cd990b\explorer.exe
 [2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E​174F9F -- C:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.0.6001.18000_none_51b4​a71279bc6ebf\explorer.exe
 
 < MD5 for: IASTOR.SYS  >
 [2008/04/15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC9​1CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Windows\System32\drivers\ia​Stor.sys
 [2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9C​D9CB87 -- C:\Windows\System32\DriverStor​e\FileRepository\iaahci.inf_77​c04a30\iaStor.sys
 
 < MD5 for: IASTORV.SYS  >
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\System32\drivers\ia​StorV.sys
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_c​9df7691\iaStorV.sys
 [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3​AC3A14 -- C:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.0.6001.​18000_none_af11527887c7fa8f\ia​StorV.sys
 [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101​E6C906 -- C:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_3​7cdafa4\iaStorV.sys
 
 < MD5 for: IMM32.DLL  >
 [2008/01/21 03:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93D​FA9A2E -- C:\Windows\winsxs\x86_microsof​t-windows-imm32_31bf3856ad364e​35_6.0.6001.18000_none_5c561e1​67a6afd02\imm32.dll
 [2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\imm32.dll
 [2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsof​t-windows-imm32_31bf3856ad364e​35_6.0.6002.18005_none_5e41972​2778cc84e\imm32.dll
 
 < MD5 for: KERNEL32.DLL  >
 [2009/02/13 09:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026​FDDB79 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.22376_none_9401​d8206f9c7e67\kernel32.dll
 [2009/02/13 08:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D​64C7F3 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6000.16820_none_91c2​0a8f593529ed\kernel32.dll
 [2009/02/13 08:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50​FEAD39 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6000.21010_none_9256​4f68724ae108\kernel32.dll
 [2009/02/13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B57​87F7C6 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.18215_none_93b8​1a93564f1da0\kernel32.dll
 [2008/01/21 03:24:13 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60​206DDD -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6001.18000_none_93bd​e541564b88ae\kernel32.dll
 [2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\kernel32.d​ll
 [2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsof​t-windows-kernel32_31bf3856ad3​64e35_6.0.6002.18005_none_95a9​5e4d536d53fa\kernel32.dll
 
 < MD5 for: MSWSOCK.DLL  >
 [2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092​751BCB -- C:\Windows\System32\mswsock.dl​l
 [2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092​751BCB -- C:\Windows\winsxs\x86_microsof​t-windows-w..-infrastructure-b​sp_31bf3856ad364e35_6.0.6002.1​8005_none_ba3ed0122a6d89da\msw​sock.dll
 [2008/01/21 03:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF700​8F2612 -- C:\Windows\winsxs\x86_microsof​t-windows-w..-infrastructure-b​sp_31bf3856ad364e35_6.0.6001.1​8000_none_b85357062d4bbe8e\msw​sock.dll
 
 < MD5 for: NDIS.SYS  >
 [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D​7BBB42 -- C:\Windows\System32\drivers\nd​is.sys
 [2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D​7BBB42 -- C:\Windows\winsxs\x86_microsof​t-windows-ndis_31bf3856ad364e3​5_6.0.6002.18005_none_a9b2a4d3​1930d864\ndis.sys
 [2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B​1BD0B1 -- C:\Windows\winsxs\x86_microsof​t-windows-ndis_31bf3856ad364e3​5_6.0.6001.18000_none_a7c72bc7​1c0f0d18\ndis.sys
 
 < MD5 for: NETLOGON.DLL  >
 [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54​E37DDE -- C:\Windows\System32\netlogon.d​ll
 [2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54​E37DDE -- C:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.0.6002.18005_​none_ffa3304f351bb3a3\netlogon​.dll
 [2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025​D4E37F -- C:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.0.6001.18000_​none_fdb7b74337f9e857\netlogon​.dll
 
 < MD5 for: NTFS.SYS  >
 [2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA​4BAA47 -- C:\Windows\System32\drivers\nt​fs.sys
 [2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA​4BAA47 -- C:\Windows\winsxs\x86_microsof​t-windows-ntfs_31bf3856ad364e3​5_6.0.6002.18005_none_a85ca2c9​1a0d64df\ntfs.sys
 [2008/01/21 03:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A96811​08492D -- C:\Windows\winsxs\x86_microsof​t-windows-ntfs_31bf3856ad364e3​5_6.0.6001.18000_none_a67129bd​1ceb9993\ntfs.sys
 
 < MD5 for: NTMSSVC.DLL  >
 [2008/01/21 03:25:28 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0​369953 -- C:\Windows\winsxs\x86_microsof​t-windows-r..emanagement-servi​ce_31bf3856ad364e35_6.0.6001.1​8000_none_0e3e31f00e12b007\ntm​ssvc.dll
 
 < MD5 for: NVSTOR.SYS  >
 [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB​76DFFC -- C:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_73​3654ff\nvstor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\System32\drivers\nv​stor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_31​c3d71d\nvstor.sys
 [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2​688177 -- C:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.0.6001.1​8000_none_39dac327befea467\nvs​tor.sys
 
 < MD5 for: PROQUOTA.EXE  >
 [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9​EB4BF3 -- C:\Windows\System32\proquota.e​xe
 [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9​EB4BF3 -- C:\Windows\winsxs\x86_microsof​t-windows-proquota_31bf3856ad3​64e35_6.0.6000.16386_none_2590​35db957a1715\proquota.exe
 
 < MD5 for: QMGR.DLL  >
 [2008/01/21 03:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7​515C3D -- C:\Windows\winsxs\x86_microsof​t-windows-bits-client_31bf3856​ad364e35_6.0.6001.18000_none_2​390c4ecf9720b8c\qmgr.dll
 [2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934​B6A02F -- C:\Windows\System32\qmgr.dll
 [2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934​B6A02F -- C:\Windows\winsxs\x86_microsof​t-windows-bits-client_31bf3856​ad364e35_6.0.6002.18005_none_2​57c3df8f693d6d8\qmgr.dll
 
 < MD5 for: SCECLI.DLL  >
 [2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D5​91E0B9 -- C:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.0.6001.1​8000_none_380de25bd91b6f12\sce​cli.dll
 [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044​105EE1 -- C:\Windows\System32\scecli.dll
 [2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044​105EE1 -- C:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.0.6002.1​8005_none_39f95b67d63d3a5e\sce​cli.dll
 
 < MD5 for: SPOOLSV.EXE  >
 [2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65​A09B19 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001.18​511_none_d641dcfdc18fec21\spoo​lsv.exe
 [2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754​647A2E -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6002.18​005_none_d8371c2dbeaa9062\spoo​lsv.exe
 [2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D5​5EE4C2 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 23/11/2010 à 10:07:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
< MD5 for: SPOOLSV.EXE  >
 [2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65​A09B19 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001.18​511_none_d641dcfdc18fec21\spoo​lsv.exe
 [2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754​647A2E -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6002.18​005_none_d8371c2dbeaa9062\spoo​lsv.exe
 [2008/01/21 03:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D5​5EE4C2 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001.18​000_none_d64ba321c188c516\spoo​lsv.exe
 [2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A​1B35F4 -- C:\Windows\System32\spoolsv.ex​e
 [2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A​1B35F4 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6002.18​294_none_d7d4d063bef46cd2\spoo​lsv.exe
 [2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E892​9424FB -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6002.22​468_none_d882e000d7f61b4c\spoo​lsv.exe
 [2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE356782​9E02A6 -- C:\Windows\winsxs\x86_microsof​t-windows-printing-spooler-cor​e_31bf3856ad364e35_6.0.6001.22​743_none_d6ad0c7edac40f93\spoo​lsv.exe
 
 < MD5 for: SVCHOST.EXE  >
 [2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EE​F025AF -- C:\Windows\System32\svchost.ex​e
 [2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EE​F025AF -- C:\Windows\winsxs\x86_microsof​t-windows-services-svchost_31b​f3856ad364e35_6.0.6001.18000_n​one_b5bb59a1054dbde5\svchost.e​xe
 
 < MD5 for: TERMSRV.DLL  >
 [2009/04/11 07:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA50​32090D -- C:\Windows\System32\termsrv.dl​l
 [2009/04/11 07:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA50​32090D -- C:\Windows\winsxs\x86_microsof​t-windows-t..teconnectionmanag​er_31bf3856ad364e35_6.0.6002.1​8005_none_908abad45165e2ae\ter​msrv.dll
 [2008/01/21 03:24:12 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F​1603A6 -- C:\Windows\winsxs\x86_microsof​t-windows-t..teconnectionmanag​er_31bf3856ad364e35_6.0.6001.1​8000_none_8e9f41c854441762\ter​msrv.dll
 
 < MD5 for: USERINIT.EXE  >
 [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6​FBCBF9 -- C:\Windows\System32\userinit.e​xe
 [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6​FBCBF9 -- C:\Windows\winsxs\x86_microsof​t-windows-userinit_31bf3856ad3​64e35_6.0.6001.18000_none_dc28​ba15d1aff80b\userinit.exe
 
 < MD5 for: WININIT.EXE  >
 [2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C​06B5ED -- C:\Users\mous et salima\Documents\Upload_Me\win​init.exe
 [2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C​06B5ED -- C:\Windows\System32\wininit.ex​e
 [2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C​06B5ED -- C:\Windows\winsxs\x86_microsof​t-windows-wininit_31bf3856ad36​4e35_6.0.6001.18000_none_30f2b​8cf0450a6a2\wininit.exe
 
 < MD5 for: WINLOGON.EXE  >
 [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264​D55452 -- C:\Windows\System32\winlogon.e​xe
 [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264​D55452 -- C:\Windows\System32\winlogon.e​xe
 [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264​D55452 -- C:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.0.6002.18005_none_71ae​7a22d2134741\winlogon.exe
 [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264​D55452 -- C:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.0.6002.18005_none_71ae​7a22d2134741\winlogon.exe
 [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B9​65CB24 -- C:\Users\mous et salima\Documents\Upload_Me\win​logon.exe
 [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B9​65CB24 -- C:\Users\mous et salima\Documents\Upload_Me\win​logon.exe
 [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B9​65CB24 -- C:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.0.6001.18000_none_6fc3​0116d4f17bf5\winlogon.exe
 [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B9​65CB24 -- C:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.0.6001.18000_none_6fc3​0116d4f17bf5\winlogon.exe
 
 < MD5 for: WS2_32.DLL  >
 [2008/01/21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
 [2008/01/21 03:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsof​t-windows-w..nfrastructure-ws2​32_31bf3856ad364e35_6.0.6001.1​8000_none_f2b7b0c2ce5605c4\ws2​_32.dll
 
 < %systemroot%\*. /mp /s  >
 
 < %systemroot%\system32\*.dll /lockedfiles  >
 [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
 [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
 
 < %systemroot%\Tasks\*.job /lockedfiles  >
 
 < %systemroot%\system32\drivers\​*.sys /lockedfiles  >
 
 < %systemroot%\System32\config\*​.sav  >
 [2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COM​PONENTS.SAV
 [2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEF​AULT.SAV
 [2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SEC​URITY.SAV
 [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOF​TWARE.SAV
 [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYS​TEM.SAV
 
 < c:\$recycle.bin\*.* /s >
 [2010/09/25 20:59:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$I18H3TB.exe
 [2010/11/22 09:02:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$I2OASY8.Txt
 [2010/11/22 09:02:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IER7ZG2.lnk
 [2010/09/25 21:02:24 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IFD7NVP.exe
 [2010/09/25 21:00:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IFLDTNY.exe
 [2010/09/25 21:00:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IG436HM.exe
 [2010/09/19 17:20:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$INOR1PE.avi
 [2010/11/22 09:02:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IR4NVUX.Txt
 [2010/09/25 20:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$IV7M20A.exe
 [2010/09/08 17:26:37 | 030,049,944 | ---- | M] (Lime Wire LLC) -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$R18H3TB.exe
 [2010/11/21 18:10:47 | 000,077,026 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$R2OASY8.Txt
 [2010/11/22 08:54:48 | 000,002,416 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RER7ZG2.lnk
 [2009/02/07 23:06:28 | 004,156,336 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RFD7NVP.exe
 [2009/09/13 01:19:36 | 018,863,384 | ---- | M] (Lime Wire LLC) -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RFLDTNY.exe
 [2009/03/31 22:02:37 | 016,509,288 | ---- | M] (Lime Wire LLC) -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RG436HM.exe
 [2010/08/30 10:21:56 | 967,355,392 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RNOR1PE.avi
 [2010/11/21 18:10:54 | 000,154,188 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RR4NVUX.Txt
 [2010/04/10 16:36:39 | 024,184,872 | ---- | M] (Lime Wire LLC) -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RV7M20A.exe
 [2008/12/15 12:19:00 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\desktop.ini
 [2009/05/19 21:31:54 | 000,000,385 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RICH2KM\desktop.ini
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RNOR1PE.avi:TOC.WMV

 < End of report >

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 23/11/2010 à 10:17:14  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
http://www.virustotal.com/file [...] 1290503501


 c le lien du second scan desolé, je suis brouillon, j'espere que tu t'y retrouve

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 24/11/2010 à 04:56:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Double clic sur OTL.exe pour le lancer.
 (Vista/Seven --> Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

 * Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "

 



:OTL
 SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File not found    
 DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nw​lnkfwd.sys File not found    
 DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nw​lnkflt.sys File not found    
 DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ip​inip.sys File not found    
 DRV - (catchme) -- C:\Users\MOUSET~1\AppData\Loca​l\Temp\catchme.sys File not found
 IE - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\URLSea​rchHook: {00000000-6E41-4FD3-8538-502F5​495E5FC} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)    
 FF - prefs.js..browser.search.defau​ltengine: "Ask.com"
 FF - prefs.js..browser.search.defau​ltenginename: "Ask.com"
 FF - prefs.js..browser.search.order​.1: "Ask.com"
 FF - HKLM\software\mozilla\Firefox\​Extensions\\offerboxffx@offerb​ox.com: C:\Program Files\OfferBox\offerboxffx@off​erbox.com [2010/11/21 18:29:24 | 000,000,000 | ---D | M]    
 O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)    
 O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25D​F11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)    
 O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)    
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.    
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B​4FF55D0} - No CLSID value found.    
 O3 - HKU\S-1-5-21-3914774487-132223​4642-4104364421-1000\..\Toolba​r\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D​8127440} - C:\Program Files\Ask.com\GenericAskToolba​r.dll (Ask.com)    
 O4 - HKLM..\Run: [cfFncEnabler.exe] File not found
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 @Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RNOR1PE.avi:TOC.WMV

 :Files
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m
 C:\Program Files\OfferBox
 C:\Users\mous et salima\AppData\Roaming\OfferBo​x
 C:\found.000
 C:\Program Files\Ask.com

 :Commands
 [Emptytemp]





 * Clique sur " Correction " pour lancer la suppression.

 * Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

 * Au redémarrage , autorise OTL a s'exécuter.

 * Poste le rapport généré par OTL.


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 25/11/2010 à 00:02:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 Bonsoir dédétraqué voici ce que j'ai eu apres redemarrage du systeme




 All processes killed
 ========== OTL ==========
 Service McComponentHostService stopped successfully!
 Service McComponentHostService deleted successfully!
 File  C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File not found not found.
 Service NwlnkFwd stopped successfully!
 Service NwlnkFwd deleted successfully!
 File  C:\Windows\System32\DRIVERS\nw​lnkfwd.sys File not found not found.
 Service NwlnkFlt stopped successfully!
 Service NwlnkFlt deleted successfully!
 File  C:\Windows\System32\DRIVERS\nw​lnkflt.sys File not found not found.
 Service IpInIp stopped successfully!
 Service IpInIp deleted successfully!
 File  C:\Windows\System32\DRIVERS\ip​inip.sys File not found not found.
 Service catchme stopped successfully!
 Service catchme deleted successfully!
 File  C:\Users\MOUSET~1\AppData\Loca​l\Temp\catchme.sys File not found not found.
 Registry value HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\So​ftware\Microsoft\Internet Explorer\URLSearchHooks\\{0000​0000-6E41-4FD3-8538-502F5495E5​FC} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{00000000-6E41-4FD​3-8538-502F5495E5FC}\ deleted successfully.
 C:\Program Files\Ask.com\GenericAskToolba​r.dll moved successfully.
 Prefs.js: "Ask.com" removed from browser.search.defaultengine
 Prefs.js: "Ask.com" removed from browser.search.defaultenginena​me
 Prefs.js: "Ask.com" removed from browser.search.order.1
 Registry value HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rboxffx@offerbox.com deleted successfully.
 C:\Program Files\OfferBox\offerboxffx@off​erbox.com\components folder moved successfully.
 C:\Program Files\OfferBox\offerboxffx@off​erbox.com\chrome\content folder moved successfully.
 C:\Program Files\OfferBox\offerboxffx@off​erbox.com\chrome folder moved successfully.
 C:\Program Files\OfferBox\offerboxffx@off​erbox.com folder moved successfully.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1​AD-4243D8127440}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{D4027C7F-154A-406​6-A1AD-4243D8127440}\ deleted successfully.
 File C:\Program Files\Ask.com\GenericAskToolba​r.dll not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5​D5-CF25DF11FA8C}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{FC0D62C2-9640-4AE​B-A5D5-CF25DF11FA8C}\ deleted successfully.
 C:\Program Files\OfferBox\OfferBoxBHO.dll moved successfully.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{D4027C7F-15​4A-4066-A1AD-4243D8127440} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{D4027C7F-154A-406​6-A1AD-4243D8127440}\ not found.
 File C:\Program Files\Ask.com\GenericAskToolba​r.dll not found.
 Registry value HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​21FA44EF-376D-4D53-9B0F-8A89D3​229068} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{21FA44EF-376D-4D5​3-9B0F-8A89D3229068}\ not found.
 Registry value HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​BDAD1DAD-C946-4A17-ADC1-64B5B4​FF55D0} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{BDAD1DAD-C946-4A1​7-ADC1-64B5B4FF55D0}\ not found.
 Registry value HKEY_USERS\S-1-5-21-3914774487​-1322234642-4104364421-1000\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{​D4027C7F-154A-4066-A1AD-4243D8​127440} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{D4027C7F-154A-406​6-A1AD-4243D8127440}\ not found.
 File C:\Program Files\Ask.com\GenericAskToolba​r.dll not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run\\cfFncEnabler.exe deleted successfully.
 C:\Windows\msdownld.tmp folder deleted successfully.
 ADS c:\$recycle.bin\S-1-5-21-39147​74487-1322234642-4104364421-10​00\$RNOR1PE.avi:TOC.WMV deleted successfully.
 ========== FILES ==========
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\defaults\preferences folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\defaults folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\chrome\temp folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\chrome\skin folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\chrome\content folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m\chrome folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\mozilla​\Firefox\Profiles\rviwc0qr.def​ault\extensions\toolbar@ask.co​m folder moved successfully.
 C:\Program Files\OfferBox folder moved successfully.
 C:\Users\mous et salima\AppData\Roaming\OfferBo​x folder moved successfully.
 C:\found.000\dir0000.chk folder moved successfully.
 C:\found.000 folder moved successfully.
 C:\Program Files\Ask.com folder moved successfully.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: mous et salima
 ->Temp folder emptied: 91472641 bytes
 ->Temporary Internet Files folder emptied: 27744410 bytes
 ->Java cache emptied: 72465810 bytes
 ->FireFox cache emptied: 83872785 bytes
 ->Google Chrome cache emptied: 0 bytes
 ->Flash cache emptied: 103141 bytes
 
 User: Public
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 74642 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 93998275 bytes
 
 Total Files Cleaned = 353,00 mb
 
 
 OTL by OldTimer - Version 3.2.17.3 log created on 11242010_235324

 Files\Folders moved on Reboot...
 C:\Users\mous et salima\AppData\Local\Microsoft​\Windows\Temporary Internet Files\Low\Content.IE5\JMUL1NJL​\messages-1[1].htm moved successfully.
 C:\Users\mous et salima\AppData\Local\Microsoft​\Windows\Temporary Internet Files\Low\Content.IE5\0VZ1518G​\likebox[1].htm moved successfully.
 C:\Users\mous et salima\AppData\Local\Microsoft​\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFB​C-DBA8-43AA-B1FD-CC8E6316E3E2.​dat moved successfully.
 C:\Users\mous et salima\AppData\Local\Microsoft​\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

 Registry entries deleted on Reboot...

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 25/11/2010 à 04:52:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 As-tu encore ton souci de clavier?

 On va vérifier si rien de caché :
 Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :
 http://www.eset.com/onlinescan/

 A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 25/11/2010 à 12:02:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour dédétraqué,

 je n'arrive pas à faire le scan en ligne, est ce que je peux faire un scan avec le  nod 32 que j'ai ds mon ordi?

 sinon, mon clavier fait encore des siennes mais j'ai l'impression que c'est pire des que je vais sur mon compte facebook, est ce qu'il se pourrait que j'ai un virus sur facebook, comme sur msn?

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 25/11/2010 à 13:15:24  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 OK pas de souci, faire le scan avec ton Antivirus...


 @++    :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 25/11/2010 à 16:26:31  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
je suis en train e faire une analyse approfondie avec nod 32 et il a trouvé cela


 Le fichier C:\Users\mous et salima\Downloads\VLCSetup.exe est infecté par une variante de Win32/Adware.HotBar.G application. Ce fichier peut être supprimé. Assurez-vous d'avoir sauvegardé vos données avant le nettoyage.

 j'ai fais supprimer l'analyse n'est pas terminée, je te poste le rapport plus tard

 :hello:

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 25/11/2010 à 19:18:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
apres analyse et suppression du virus, mon clavier fonctionne à nouveau, si il est supprimé, cela signifie qu'il est dans ma corbeille? je voudrais la vider mais je ne sais pas comment faire.

 je ne suis pas arrivée à copier coller le rapport de nod 32? est ce que tu sais comment faire.

 en tout cas je suis rassurée de voir que c'est réparable mon portable est recent

 merci encore pour m'avoir aidé

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 25/11/2010 à 21:46:32  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ça marche tjrs :youpi:  je suis trop contente!

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 26/11/2010 à 03:16:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 



si il est supprimé, cela signifie qu'il est dans ma corbeille?



 Non, il est dans la quarantaine de Nod32 :
 ouvre nod32 -> passe en affichage avancée, puis outils -> quarantaine

 Pour des raisons de sécurité et surtout pour garder ton PC propre, on va désactiver la restauration système sur tous les lecteurs :

 - Clique droit sur le Poste de travail sur le bureau, dans propriété tu cliques sur l'onglet Restauration système

 - Coche la case désactiver la restauration et applique

 Redémarre l’ordinateur et réactive la restauration système.

 Tutoriel XP :  http://www.libellules.ch/desac [...] ration.php

 Tutoriel Vista : http://www.commentcamarche.net [...] e-de-vista

 Tutoriel Seven :
 http://www.commentcamarche.net [...] -windows-7


 -----


 On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :

 http://pc-system.fr/TC/ToolsCleaner2.exe


 - Double clique sur ToolsCleaner2.exe sur le bureau
 - (Vista/Seven - Clique droit sur ToolsCleaner2.exe sur le bureau, et choisi exécuter en tant qu'administrateur)
 - Clique sur Recherche et laisse le scan agir.
 - Clique sur Suppression pour finaliser.
 - Tu peux, si tu le souhaites, te servir des Options facultatives.
 - Clique sur Quitter pour obtenir le rapport.
 - Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
 - Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.


 -----


 Important de mettre à jour Windows et tes logiciels :
 Mettre Windows(catégories critique, Services Pack et Services Release) à jour : http://www.windowsupdate.com/

 Faire un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités et mettre à jour :
 http://www.malekal.com/scan_vulnerabilite.php

 Faire un ménage des fichiers inutiles et de la base de registre :
 http://www.malekal.com/tutorial_CCleaner.html

 Dis moi quand cela est fais où si tu as des soucis et on passe à la résolution du sujet par la suite.


 @++    :)  

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 26/11/2010 à 17:26:36  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour dédétraqué,

 mon clavier par moments se remet à deconner, je n'y comprends rien  :sweat:


 



- Clique droit sur le Poste de travail sur le bureau, dans propriété tu cliques sur l'onglet Restauration système

 - Coche la case désactiver la restauration et applique

 Redémarre l’ordinateur et réactive la restauration système.

 




 je n'arrive pas à faire cette manip, je ne trouve pas le poste de travail, il a peut etre un autre nom sur mon pc ( j'ai trouvé la restauration du systeme, mais il n'y a pas de coche pour la desactiver)


loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 26/11/2010 à 22:54:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
mes problemes de clavier recidivent! si c'est un virus, il est coriace!

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 27/11/2010 à 23:29:21  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Je pense pas que le problème soit viral, voir dans le Gestionnaire de périphériques, va dans le menu démarrer/Exécuter et tape devmgmt.msc clic sur OK, voir si tu as des ? où ! jaune.


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 29/11/2010 à 15:38:48  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour dédétraqué,

 j'espere que tu as passé un bon weekend!

 ce que tu me dis là ne me rassure pas :sweat:  j'ai fais la manipulation et il n'y a pas de ? ou de ! jaune

 par moment mon clavier fonctionne bien et puis d'une seconde à l'autre il debloque!

 au moins on a eliminé la piste du virus!

 a +

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 01/12/2010 à 04:34:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Retourne dans le Gestionnaire de périphériques, clique sur le petit plus + a coté de Clavier et tu devrais voir le nom du driver, faire un clique droit et clique sur désinstaller, redémarre le PC et Windows va réinstaller le driver au démarrage.


 @++   :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/12/2010 à 21:28:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
BONJOUR  dédétraqué

 depuis qq jours je n'ai plus de problemes avec mon clavier

 je te remercie pour ton aide et je pense qu'on va pouvoir passer à la resolution, mais je ne sais pas le faire

 a bientot  :super:

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 02/12/2010 à 05:47:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 Bien de rien, je te donne quelques consignes de sécurité :

 
  • pare-feu bien paramétré, je te conseil : ZoneAlarm
  • antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
  • une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
  • pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)   Le danger des cracks !
Les risques sécuritaires du peer-to-peer
 
  • une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
  • faire régulièrement un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php

 De bonne lecture si tu veux en savoir plus sur la sécurité et le fonctionnement de Windows :
 http://www.malekal.com/menu_windows_general.php
 http://www.malekal.com/menu_windows_securite.php

 Si tu considère ton problème comme résolu, édite http://www.01net.com/img/forum​/v6/picto_edit.gif ton premier poste et ajoute [résolu] dans le titre.

 Bonne journée/soirée et bon surf    :super:  


 @++  :)

loulalie
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 29/12/2010 à 22:13:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonsoir dédétraqué!

 je te remercie encore je ne rencontre plus de probleme avec mon clavier, j'ai changé le titre de mon message et je vais tâcher de suivre tes conseils!

 encore merci  :super:

Profil : Equipe sécurité
dedetraque
Célèbre sur tout le forum (de 30 000 à 99 999 messages postés)
  1. Posté le 29/12/2010 à 22:25:45  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut LOULALIE


 [:Captain MAD:3]


 [:maracudja:7]

 Page :
1

Aller à :
 

Sujets relatifs
PC infeste > ecran qui tremble, passage clavier en qwerty Infecté par Adware Gibmedia et Ecobar [résolu]
n fenetres firefox, clavier bloqué! souri et clavier bloqués
mon clavier fait "bip" cuseur fou incontrôlable.
Plus de sujets relatifs à : clavier FOU ( RESOLU )

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Infection multiple par toolbar 12
Virus sur mon PC professionnel : demande d'aide 3
Problèmes avec Windows 7 1
infecté par TROJAN FAKEALERT [ RESOLU] 17
une lenteur incontrolable 34