Multiples infections (Gomeo,....)

Salut, désactives la restauration système et fais un scan avec malwarebyte antimalware pour commencer.

Ensuite, installe spybot, vaccination et scan aussi.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6920

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

28/06/2011 22:57:34
mbam-log-2011-06-28 (22-57-34).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 157565
Temps écoulé: 4 minute(s), 58 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

28.06.2011 23:08:10 - ##### check started #####
28.06.2011 23:08:10 - ### Version: 1.6.2
28.06.2011 23:08:10 - ### Date: 28/06/2011 23:08:10
28.06.2011 23:08:16 - ##### checking bots #####
28.06.2011 23:08:32 - found: MeMedia.AdVantage Root class
28.06.2011 23:08:46 - found: Babylon.Toolbar Réglages
28.06.2011 23:08:46 - found: Babylon.Toolbar Type library
28.06.2011 23:16:18 - found: Fraud.WindowsRecovery Réglages
28.06.2011 23:16:18 - found: Fraud.WindowsRecovery Réglages
28.06.2011 23:17:30 - found: Toolbar.Facemood ID Application
28.06.2011 23:17:30 - found: Toolbar.Facemood Class ID
28.06.2011 23:17:30 - found: Toolbar.Facemood Root class
28.06.2011 23:17:30 - found: Toolbar.Facemood Root class
28.06.2011 23:49:09 - ##### check finished #####

--- Report generated: 2011-06-28 23:49 ---

MeMedia.AdVantage: [SBI $E0E6B2C4] Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MEAD.1

Babylon.Toolbar: [SBI $AA4747ED] Réglages (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\AppID\escort.DLL

Babylon.Toolbar: [SBI $4AB6C1F6] Type library (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}

Fraud.WindowsRecovery: [SBI $9C8FE954] Réglages (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1237001430-92446686-3516833831-1000\Software\75fa38b7-8b94-4995-ad32-52e938867954

Fraud.WindowsRecovery: [SBI $597FC39E] Réglages (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-1237001430-92446686-3516833831-1000\Software\BD

Toolbar.Facemood: [SBI $8F44A361] ID Application (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}

Toolbar.Facemood: [SBI $CDB19D2C] Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{DDE2C74F-58CC-4d71-8CE1-09DEBB8CFB78}

Toolbar.Facemood: [SBI $040843B5] Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\facemoods.facemoodsHlpr

Toolbar.Facemood: [SBI $040843B5] Root class (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\facemoods.facemoodsHlpr.1


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-06-28 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2011-03-18 Includes\Adware.sbi (*)
2011-06-21 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-03-08 Includes\DialerC.sbi (*)
2011-02-24 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-05-16 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2011-03-08 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2011-04-05 Includes\Malware.sbi (*)
2011-06-22 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-05-24 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-05-03 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2011-02-24 Includes\Spyware.sbi (*)
2011-06-14 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-06-20 Includes\Trojans.sbi (*)
2011-05-11 Includes\TrojansC-02.sbi (*)
2011-05-11 Includes\TrojansC-03.sbi (*)
2011-06-20 Includes\TrojansC-04.sbi (*)
2011-06-21 Includes\TrojansC-05.sbi (*)
2011-06-14 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

voici les rapports. Puis je corriger les problemes signalés dans spybot? Merci beaucoup pour ton aide précieuse.

 

Oui corriger le tout et faire ceci:



Téléchargement d' Ad-remover (Windows XP/Vista/7 32/64 bits)

http://www.teamxscript.org/too/AD-R.exe

Pour les systèmes Vista/7 désactiver l' UAC et cliquer sur Ad-Remover sur le Bureau.

Séléctionner l'option "scanner" et quand il a terminée et trouvé des choses vous fermez le logiciel et le réouvrir et prendre l'option "nettoyage" pour supprimer le tout.

Le scan terminée, une fenêtre va s'ouvrir dans le "bloc note". (C:\Ad-Report-CLEAN[1].log) Je veux le scan avec écrit supprimé et non celui avec trouvé et présent.


Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
Sur le forum, faire un click droit et cliquer sur "coller".

Oui !

Refais un scan pour voir ce que ça donne.

désinstalle spybot, il sert à rien à part ralentir ton PC, fais ce que g225 te dit et post le rapport et fais aussi sa :

1)

[#ff9000]TDSS Killer[/#ff]

telecharge sur ton bureau http://support.kaspersky.com/downloads/utils/tdsskiller... , dezippe le et execute le , un rapport sera crée ici:

C:\TDSSKillerVersion_Date_Time_log.txt.<< copie_colle son contenu

tu as aussi directement l'executable là : http://support.kaspersky.com/downloads/utils/tdsskiller...

o execute le , La fenêtre suivante va s'ouvrir::



o Clique sur Start scan et laisse l'outil scanner ton disque dur sans l'interrompre et sans utiliser le PC.
o Si des fichiers infectés sont trouvées, une nouvelle fenêtre va s'ouvrir:



o Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.

o Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.

o Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.

o Si Suspicious file est indiqué, laisse l'option cochée sur Skip

o Clique sur Continue puis sur Reboot now pour redémarrer le PC.

o Copie-colle le rapport généré dans ta prochaine réponse (Il est aussi sauvegardé à la racine de ta partition système sous le nom C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS heure de passage).

tutoriel--> http://support.kaspersky.com/viruses/solutions?qid=2082...

bonjour et merci de votre suivi, voici le rapport AD

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [4]) -> Lancé à 19:00:26 le 29/06/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
Guillaume@PC-DE-GUILLAUME (TOSHIBA Satellite P200)

============== RECHERCHE ==============





============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\fcmdSrchddr.xml ( hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\Guillaume\AppData\Roaming\Mozilla\FireFox\Profiles\lz6vnylv.default --
Extensions\illimitux@illimitux.net (Illimitux)
Extensions\nostmp (?)
Prefs.js - browser.search.selectedEngine, Search The Web
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://google.fr/
HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_ElevationPolicy\{12CC1876-EA8F-48D1-B1A5-8E5E535BD1B8} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)
HKCU_ElevationPolicy\{29D4D10D-3DAF-4AC3-8450-42DC9AE2BF79} - C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (x)
HKCU_ElevationPolicy\{2B7CF7D7-3FBF-40E2-B805-16658976D05A} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{3A4A6777-C3E3-49F6-84F6-DE3C7DCF537E} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKCU_ElevationPolicy\{562EDAF2-6129-406B-B213-61778227914C} - C:\Program Files\Windows Live\Toolbar\wltuser.exe (x)
HKCU_ElevationPolicy\{7538CDE5-85F2-49F7-8E63-3243E6B70551} - C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE (x)
HKCU_ElevationPolicy\{77377A8C-FAC2-4CAA-B493-AC45DF9ECBCB} - C:\Program Files\Pando Networks\Pando\pando.exe (Pando Networks)
HKCU_ElevationPolicy\{914E97F8-6449-4EF2-A402-738AD9603C45} - C:\Program Files\BitTorrent\bittorrent.exe (x)
HKCU_ElevationPolicy\{A4B78EDB-E312-4F19-A79A-600D3056DDCB} - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (x)
HKCU_ElevationPolicy\{B62862F2-38AB-45E4-93B1-E170ACFFE0DD} - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (x)
HKCU_ElevationPolicy\{BD57C507-3FE1-4EC7-ADEC-2C206EEBB58D} - C:\Windows\System32\Macromed\Flash\FlashUtil10q_ActiveX.exe (x)
HKCU_ElevationPolicy\{FE426366-CFD7-4A51-BD21-B9B1BB4180E3} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKLM_ElevationPolicy\{3A1704E0-708D-11DE-89C7-D8AE56D89593} - C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "@C:\Windows\WindowsMobile\INetRepl.dll,-222" (C:\Windows\WindowsMobile\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
HKLM_Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA} - "eBay - Achetez, Vendez" (C:\Toshiba\Webshops\eBay\ebay.ico)
HKLM_Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE} - "Amazon.fr" (C:\Toshiba\Webshops\Amazon\amazon.ico)
HKLM_Extensions\{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - "eBay" (C:\Toshiba\ebay\ebay.ico)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 5 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 25/06/2011 19:13:09 (6546 Octet(s))
C:\Ad-Report-SCAN[1].txt - 22/06/2011 23:12:03 (6780 Octet(s))
C:\Ad-Report-SCAN[2].txt - 25/06/2011 17:04:38 (6805 Octet(s))
C:\Ad-Report-SCAN[3].txt - 29/06/2011 17:36:46 (5106 Octet(s))
C:\Ad-Report-SCAN[4].txt - 29/06/2011 19:00:30 (5033 Octet(s))

Fin à: 19:01:29, 29/06/2011

============== E.O.F ==============

j'envoie le rapport de nettoyage des qu'il aura fini merci.

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 19:40:10 le 29/06/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
Guillaume@PC-DE-GUILLAUME (TOSHIBA Satellite P200)

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.




============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
HKLM_MozillaPlugins\Adobe Reader (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\fcmdSrchddr.xml ( hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)

-- C:\Users\Guillaume\AppData\Roaming\Mozilla\FireFox\Profiles\lz6vnylv.default --
Extensions\illimitux@illimitux.net (Illimitux)
Extensions\nostmp (?)
Prefs.js - browser.search.selectedEngine, Search The Web
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_ElevationPolicy\{12CC1876-EA8F-48D1-B1A5-8E5E535BD1B8} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x)
HKCU_ElevationPolicy\{29D4D10D-3DAF-4AC3-8450-42DC9AE2BF79} - C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe (x)
HKCU_ElevationPolicy\{2B7CF7D7-3FBF-40E2-B805-16658976D05A} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{3A4A6777-C3E3-49F6-84F6-DE3C7DCF537E} - C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe (x)
HKCU_ElevationPolicy\{562EDAF2-6129-406B-B213-61778227914C} - C:\Program Files\Windows Live\Toolbar\wltuser.exe (x)
HKCU_ElevationPolicy\{7538CDE5-85F2-49F7-8E63-3243E6B70551} - C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE (x)
HKCU_ElevationPolicy\{77377A8C-FAC2-4CAA-B493-AC45DF9ECBCB} - C:\Program Files\Pando Networks\Pando\pando.exe (Pando Networks)
HKCU_ElevationPolicy\{914E97F8-6449-4EF2-A402-738AD9603C45} - C:\Program Files\BitTorrent\bittorrent.exe (x)
HKCU_ElevationPolicy\{A4B78EDB-E312-4F19-A79A-600D3056DDCB} - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (x)
HKCU_ElevationPolicy\{B62862F2-38AB-45E4-93B1-E170ACFFE0DD} - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe (x)
HKCU_ElevationPolicy\{BD57C507-3FE1-4EC7-ADEC-2C206EEBB58D} - C:\Windows\System32\Macromed\Flash\FlashUtil10q_ActiveX.exe (x)
HKCU_ElevationPolicy\{FE426366-CFD7-4A51-BD21-B9B1BB4180E3} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKLM_ElevationPolicy\{3A1704E0-708D-11DE-89C7-D8AE56D89593} - C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "@C:\Windows\WindowsMobile\INetRepl.dll,-222" (C:\Windows\WindowsMobile\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
HKLM_Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA} - "eBay - Achetez, Vendez" (C:\Toshiba\Webshops\eBay\ebay.ico)
HKLM_Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE} - "Amazon.fr" (C:\Toshiba\Webshops\Amazon\amazon.ico)
HKLM_Extensions\{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - "eBay" (C:\Toshiba\ebay\ebay.ico)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 20 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 25/06/2011 19:13:09 (6546 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 29/06/2011 19:40:13 (4809 Octet(s))
C:\Ad-Report-SCAN[1].txt - 22/06/2011 23:12:03 (6780 Octet(s))
C:\Ad-Report-SCAN[2].txt - 25/06/2011 17:04:38 (6805 Octet(s))
C:\Ad-Report-SCAN[3].txt - 29/06/2011 17:36:46 (5106 Octet(s))
C:\Ad-Report-SCAN[4].txt - 29/06/2011 19:00:30 (5171 Octet(s))

Fin à: 19:41:28, 29/06/2011

============== E.O.F ==============

Fais le TDSSKiller

le tdsskiller en fonctionne pas il ne se lance pas...

Essaye ceci :

Télécharge aswMBR.exe (511KB) sur ton Bureau.

Double clique sur aswMBR.exe pour l'exécuter
Double-clique sur aswMBR.exe présent sur ton bureau.(Clic droit -> "Exécuter en tant qu'administrateur" pour VISTA / SEVEN

Clique sur le bouton «Scan»





Clic sur save log ,Enregistre le rapport sur le bureau
Poste le rapport dans ta prochaine réponse

CopyRight© hackinginterdit

voici le rapport par contre il a fait l'opération trés rapidement ( 30 secondes) est ce normal?

aswMBR version 0.9.7.675 Copyright(c) 2011 AVAST Software
Run date: 2011-06-29 20:28:52
-----------------------------
20:28:52.802 OS Version: Windows 6.0.6002 Service Pack 2
20:28:52.802 Number of processors: 2 586 0xF0D
20:28:52.804 ComputerName: PC-DE-GUILLAUME UserName: Guillaume
20:29:25.990 Initialize success
20:30:29.357 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:30:29.361 Disk 0 Vendor: Hitachi_ BBCO Size: 152627MB BusType: 3
20:30:29.377 Disk 0 MBR read successfully
20:30:29.381 Disk 0 MBR scan
20:30:29.387 Disk 0 unknown MBR code
20:30:29.393 Disk 0 scanning sectors +312578048
20:30:29.429 Disk 0 scanning C:\Windows\system32\drivers
20:30:36.659 Service scanning
20:30:39.055 Disk 0 trace - called modules:
20:30:39.087 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x87aec1ed]<<
20:30:39.096 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f21820]
20:30:39.103 3 CLASSPNP.SYS[893338b3] -> nt!IofCallDriver -> [0x86964668]
20:30:39.112 5 acpi.sys[806996bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86447030]
20:30:39.117 \Driver\iaStor[0x8640c030] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x87aec1ed
20:30:39.133 Scan finished successfully
20:31:39.267 Disk 0 MBR has been saved successfully to "C:\Users\Guillaume\Desktop\MBR.dat"
20:31:39.286 The log file has been saved successfully to "C:\Users\Guillaume\Desktop\aswMBR.txt"

Oui c'est normal, ta essayé clique droit " executer en tant qu'administrateur" pour TDSSKiller

oui rien n'y fait meme en sans echec.... aucune action....

C'est pas grave, on va faire un diagnostic plus complet du PC :

Diagnostic :

Télécharge OTL (de OldTimer[/#ff]) sur ton Bureau.

Ferme toutes tes fenêtres, puis double clique sur [#FF8000]OTL.exe

pour le lancer.
(Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

Coche en haut la case devant "Tous les utilisateurs"

Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s

Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.

A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.
PS : Les rapports sont aussi enregistrés sur le bureau

Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.

rapport 1

OTL logfile created on: 29/06/2011 20:56:38 - Run 1
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\Guillaume\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,59% Memory free
4,22 Gb Paging File | 2,98 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,22 Gb Total Space | 11,59 Gb Free Space | 15,62% Space Free | Partition Type: NTFS
Drive E: | 73,36 Gb Total Space | 4,22 Gb Free Space | 5,75% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GUILLAUME | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/29 20:51:54 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/11/25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/09/28 15:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\OSGeo4W\apache\bin\httpd.exe
PRC - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/20 08:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/09/19 11:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/09/03 12:39:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/03/29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/03/29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/05/25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/06/29 20:51:54 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (TrkWks)
SRV - File not found [Auto | Stopped] -- -- (TOSHIBA Bluetooth Service)
SRV - File not found [Unknown | Running] -- Reg Error: Key error. -- (RpcSs) Appel de procédure distante (RPC)
SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique)
SRV - File not found [Unknown | Running] -- Reg Error: Key error. -- (DcomLaunch)
SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (BITS)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/20 14:50:18 | 000,152,064 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/09/28 15:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\OSGeo4W\apache\bin\httpd.exe -- (ApacheOSGeo4WWebServer)
SRV - [2009/07/20 12:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/23 18:11:23 | 000,355,584 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/05/29 10:28:54 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/19 11:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/12/14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006/05/25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005/11/17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV - [2011/06/19 16:49:34 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/06/19 16:49:34 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/11/25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 00:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008/08/24 13:04:55 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/07/29 06:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/07/26 16:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/06/18 15:10:42 | 000,373,568 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv09.sys -- (acedrv09)
DRV - [2007/05/30 18:54:22 | 000,201,696 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp09.sys -- (acehlp09)
DRV - [2007/04/30 07:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/04/16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/03/13 14:53:47 | 000,252,928 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt73.sys -- (RT73)
DRV - [2007/03/06 15:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\CplIR.SYS -- (CplIR)
DRV - [2007/01/18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007/01/18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2007/01/04 16:41:50 | 000,255,488 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2006/11/28 21:46:22 | 000,028,224 | -H-- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
DRV - [2006/11/28 21:46:20 | 000,027,072 | -H-- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006/11/02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/07/28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2006/07/10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006/07/06 13:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/07/05 14:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/06/14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search The Web"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.103
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/26 14:03:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/26 14:03:18 | 000,000,000 | ---D | M]

[2010/06/22 12:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\Mozilla\Extensions
[2011/06/26 22:21:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\lz6vnylv.default\extensions
[2010/06/22 12:54:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\lz6vnylv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/30 22:07:46 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\lz6vnylv.default\extensions\illimitux@illimitux.net
[2011/06/26 14:03:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\lz6vnylv.default\extensions\nostmp
[2011/06/26 14:03:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/30 00:17:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/27 17:20:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/30 20:53:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/26 13:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/16 06:38:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/26 13:41:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/03/02 20:59:12 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: &Envoyer à OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: mappy.com ([]http in Sites de confiance)
O15 - HKCU\..Trusted Domains: orange.fr ([]http in Sites de confiance)
O15 - HKCU\..Trusted Domains: voila.fr ([rw.search.ke] http in Sites de confiance)
O15 - HKCU\..Trusted Domains: weborama.fr ([orange] http in Sites de confiance)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1... (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/curren... (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows... (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-wind... (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.10 109.0.66.20
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/06/25 20:06:13 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/25 07:34:07 | 000,000,000 | ---D | M] - E:\autopano -- [ NTFS ]
O32 - AutoRun File - [2011/06/25 20:06:15 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{4b4e8251-30b4-11de-94ce-001b38aa3947}\Shell - "" = AutoRun
O33 - MountPoints2\{4b4e8251-30b4-11de-94ce-001b38aa3947}\Shell\AutoRun\command - "" = K:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{cdda72a5-899a-11dd-adea-001b38aa3947}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{cdda72a5-899a-11dd-adea-001b38aa3947}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0E0AD121-9B2B-25E9-D860-822530FA9A7E} - Browser Customizations
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {78CFE052-F5B3-3960-CDC4-A55037D4571A} - Internet Explorer
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: Nouvelle valeur #1 - File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.vp60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.X264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 20:51:51 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2011/06/29 20:12:59 | 001,904,128 | ---- | C] (AVAST Software) -- C:\Users\Guillaume\Desktop\aswMBR.exe
[2011/06/29 19:53:50 | 001,448,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Guillaume\Desktop\TDSSKiller.exe
[2011/06/29 17:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/06/28 23:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/06/28 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/06/28 23:05:08 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/06/28 22:43:21 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Recent
[2011/06/27 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\VideoPad Projects
[2011/06/26 22:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/26 13:41:46 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/06/26 13:41:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/06/26 13:41:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/06/26 13:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/06/25 20:06:13 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/06/22 23:19:48 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\tdsskiller[1]
[2011/06/22 21:10:22 | 002,520,999 | ---- | C] (Nicolas Coolman ) -- C:\Users\Guillaume\Desktop\ZHPDiag2.exe
[2011/06/20 23:08:54 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/20 23:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/20 23:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/20 23:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/19 21:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011/06/19 21:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2011/06/19 21:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2011/06/19 21:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2011/06/19 21:16:42 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\NCH Software
[2011/06/19 21:16:07 | 003,292,760 | ---- | C] (NCH Software) -- C:\Users\Guillaume\Desktop\vpsetup.exe
[2011/06/19 21:15:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\custom matrices
[2011/06/19 21:15:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2011/06/19 21:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2011/06/19 21:15:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\C2MP
[2011/06/19 20:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/19 20:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/06/19 20:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/06/19 20:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/19 19:55:41 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/06/19 19:48:50 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\telephone
[2011/06/19 19:36:30 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\MAGIX_Video_deluxe_2008_PLUS
[2011/06/19 19:36:30 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\MAGIX Téléchargements
[2011/06/19 19:20:51 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Sony Ericsson
[2011/06/19 17:40:32 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2011/06/19 17:16:45 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Sony
[2011/06/19 17:15:35 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Podcasts
[2011/06/19 17:15:35 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\Media Go
[2011/06/19 17:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011/06/19 17:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2011/06/19 17:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2011/06/19 17:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/06/19 17:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
[2011/06/19 17:12:20 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Sony
[2011/06/19 16:49:34 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2011/06/19 16:49:34 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2011/06/19 16:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2011/06/19 16:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011/06/19 16:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2011/06/18 21:18:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/06/18 21:18:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/06/18 21:18:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/06/18 21:18:33 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/29 21:00:00 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job
[2011/06/29 20:51:54 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2011/06/29 20:31:39 | 000,000,512 | ---- | M] () -- C:\Users\Guillaume\Desktop\MBR.dat
[2011/06/29 20:13:10 | 001,904,128 | ---- | M] (AVAST Software) -- C:\Users\Guillaume\Desktop\aswMBR.exe
[2011/06/29 19:43:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 19:43:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 19:43:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/29 17:36:40 | 000,001,641 | ---- | M] () -- C:\Users\Guillaume\Desktop\AD-R.lnk
[2011/06/29 17:21:50 | 000,681,798 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/06/29 17:21:50 | 000,598,368 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/29 17:21:50 | 000,127,504 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/06/29 17:21:50 | 000,104,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/28 23:05:16 | 000,001,020 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spybot - Search & Destroy.lnk
[2011/06/28 19:13:28 | 001,448,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Guillaume\Desktop\TDSSKiller.exe
[2011/06/26 20:24:54 | 000,508,506 | ---- | M] () -- C:\Users\Guillaume\Desktop\DSC_0092.jpg
[2011/06/26 14:03:21 | 000,000,835 | ---- | M] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/26 13:41:22 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/06/26 13:41:22 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/06/26 13:41:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/06/26 13:41:22 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/06/25 20:32:00 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2011/06/23 19:07:31 | 000,000,138 | ---- | M] () -- C:\Users\Guillaume\defogger_reenable
[2011/06/22 23:28:04 | 001,007,120 | ---- | M] () -- C:\Users\Guillaume\Desktop\rkill.scr
[2011/06/22 21:12:09 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2011/06/22 21:12:09 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2011/06/22 21:12:09 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2011/06/22 09:30:38 | 002,520,999 | ---- | M] (Nicolas Coolman ) -- C:\Users\Guillaume\Desktop\ZHPDiag2.exe
[2011/06/21 22:50:33 | 000,169,984 | -H-- | M] () -- C:\Users\Guillaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/20 23:08:55 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 22:38:38 | 217,264,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/20 22:23:26 | 000,000,400 | ---- | M] () -- C:\ProgramData\45407992
[2011/06/20 22:20:31 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~45407992
[2011/06/20 22:20:31 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~45407992r
[2011/06/19 21:16:46 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2011/06/19 21:16:30 | 003,292,760 | ---- | M] (NCH Software) -- C:\Users\Guillaume\Desktop\vpsetup.exe
[2011/06/19 17:47:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2011/06/19 17:47:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/06/19 16:49:34 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2011/06/19 16:49:34 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2011/06/07 18:56:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/29 20:31:39 | 000,000,512 | ---- | C] () -- C:\Users\Guillaume\Desktop\MBR.dat
[2011/06/28 23:05:16 | 000,001,020 | ---- | C] () -- C:\Users\Guillaume\Desktop\Spybot - Search & Destroy.lnk
[2011/06/27 20:43:13 | 000,508,506 | ---- | C] () -- C:\Users\Guillaume\Desktop\DSC_0092.jpg
[2011/06/26 14:03:21 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/26 13:38:27 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/23 19:07:12 | 000,000,138 | ---- | C] () -- C:\Users\Guillaume\defogger_reenable
[2011/06/22 23:28:00 | 001,007,120 | ---- | C] () -- C:\Users\Guillaume\Desktop\rkill.scr
[2011/06/22 23:06:50 | 000,001,641 | ---- | C] () -- C:\Users\Guillaume\Desktop\AD-R.lnk
[2011/06/22 21:15:32 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2011/06/22 21:12:09 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2011/06/22 21:12:09 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2011/06/22 21:12:09 | 000,000,788 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2011/06/20 23:08:55 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 22:53:18 | 000,002,554 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk
[2011/06/20 22:53:18 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/20 22:53:18 | 000,000,967 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Video Converter.lnk
[2011/06/20 22:53:18 | 000,000,948 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/20 22:53:18 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2011/06/20 22:53:18 | 000,000,941 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/06/20 22:53:18 | 000,000,903 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/20 22:53:18 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2011/06/20 22:53:18 | 000,000,835 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/20 22:53:18 | 000,000,667 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Autopano Pro.lnk
[2011/06/20 22:53:18 | 000,000,258 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/06/20 22:53:18 | 000,000,240 | ---- | C] () -- C:\Users\Guillaume\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/06/20 22:38:38 | 217,264,965 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/20 22:04:40 | 000,000,240 | -H-- | C] () -- C:\ProgramData\~45407992
[2011/06/20 22:04:40 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~45407992r
[2011/06/20 22:04:34 | 000,000,400 | ---- | C] () -- C:\ProgramData\45407992
[2011/06/19 21:16:46 | 000,000,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
[2011/06/19 20:04:07 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/19 17:47:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2011/06/19 17:47:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2011/05/15 18:59:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\Chorus
[2011/05/15 18:59:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\Bundle
[2010/12/28 01:54:07 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/15 16:20:18 | 000,000,268 | R--- | C] () -- C:\ProgramData\HAL
[2010/10/15 16:20:18 | 000,000,268 | R--- | C] () -- C:\Users\Guillaume\AppData\Roaming\Graphics
[2010/10/15 16:20:18 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2010/10/15 16:20:16 | 000,000,268 | R--- | C] () -- C:\ProgramData\Halftone
[2010/10/15 16:20:16 | 000,000,268 | R--- | C] () -- C:\Users\Guillaume\AppData\Roaming\Guides
[2010/10/15 16:18:18 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010/09/19 14:28:03 | 000,001,456 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\Adobe Enregistrer pour le Web 11.0 Prefs
[2010/06/10 13:47:17 | 000,033,792 | ---- | C] () -- C:\Windows\System32\Sp32w.dll
[2010/06/10 13:47:14 | 000,058,368 | ---- | C] () -- C:\Windows\System32\STB2P32.DLL
[2010/06/10 13:47:14 | 000,018,944 | ---- | C] () -- C:\Windows\System32\BPROP.DLL
[2010/05/24 21:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2010/05/24 21:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2010/05/24 21:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010/05/24 21:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2010/05/24 21:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/05/24 21:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2010/05/24 21:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2010/05/24 21:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2010/05/24 21:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2010/05/24 21:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2010/05/24 21:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2010/05/24 21:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2010/05/24 21:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2010/05/24 21:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2010/05/24 21:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/05/24 21:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2010/05/24 21:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2010/05/19 22:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010/05/19 22:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010/05/19 22:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010/05/19 22:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010/05/19 22:58:24 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2010/05/19 22:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010/05/19 22:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010/05/19 22:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010/05/19 22:57:38 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2010/05/19 22:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010/05/19 22:57:20 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2010/05/19 22:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010/05/19 22:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2010/03/23 20:53:31 | 000,000,000 | ---- | C] () -- C:\Windows\WINGEO.INI
[2010/03/01 23:07:49 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010/02/17 21:33:31 | 000,000,016 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\cqfyto.dat
[2009/11/19 22:35:00 | 000,498,688 | R--- | C] () -- C:\Windows\System32\MapSuiteRasterTiffX64.dll
[2009/11/19 22:35:00 | 000,413,696 | R--- | C] () -- C:\Windows\System32\MapSuiteRasterTiffX86.dll
[2009/11/19 22:35:00 | 000,274,478 | R--- | C] () -- C:\Windows\System32\MapSuiteProjectionX86.dll
[2009/11/19 22:35:00 | 000,256,512 | R--- | C] () -- C:\Windows\System32\MapSuiteProjectionX64.dll
[2009/11/19 22:35:00 | 000,044,032 | R--- | C] () -- C:\Windows\System32\Proj4ExtensionX64.dll
[2009/11/19 22:35:00 | 000,043,520 | R--- | C] () -- C:\Windows\System32\TiffWrapperX64.dll
[2009/11/19 22:35:00 | 000,034,304 | R--- | C] () -- C:\Windows\System32\TiffWrapperX86.dll
[2009/11/03 15:05:27 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/10/06 21:15:57 | 000,446,464 | ---- | C] () -- C:\Windows\System32\Tx32.dll
[2009/10/06 21:15:57 | 000,000,151 | ---- | C] () -- C:\Windows\System32\ic32.ini
[2009/09/25 20:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/25 20:27:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 12:07:42 | 000,004,096 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\keyfile3.drm
[2009/08/30 11:19:22 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/08/14 15:31:49 | 000,370,176 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2009/08/11 23:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/07 18:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/04/23 15:24:38 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/04/23 15:24:12 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/04/08 14:24:29 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2009/04/08 14:24:29 | 000,000,000 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\Classic Thick
[2009/04/08 14:20:52 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/02/26 12:38:40 | 001,498,564 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/01/11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008/12/27 18:32:48 | 000,138,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/12/27 18:32:48 | 000,022,328 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\PnkBstrK.sys
[2008/12/27 18:32:32 | 000,111,928 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2008/12/27 18:32:31 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008/12/27 18:32:31 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/11/18 11:48:43 | 000,001,356 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\d3d9caps.dat
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/10/05 22:05:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/14 20:27:29 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/06/15 15:56:13 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2008/06/15 13:10:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2008/06/15 13:10:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2008/06/15 13:10:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2008/06/15 13:10:55 | 000,049,152 | ---- | C] () -- C:\Windows\VFind.exe
[2008/06/15 13:10:32 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/06/15 00:19:51 | 000,109,807 | ---- | C] () -- C:\ProgramData\BM61d9d252.xml
[2008/06/15 00:19:51 | 000,000,022 | -H-- | C] () -- C:\ProgramData\pskt.ini
[2008/05/25 19:13:56 | 000,169,984 | -H-- | C] () -- C:\Users\Guillaume\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/25 18:32:31 | 000,026,340 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\UserTile.png
[2007/10/15 19:51:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/10/13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007/07/10 16:35:43 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007/07/10 16:19:46 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007/07/10 16:19:46 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007/07/10 16:19:46 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/07/10 16:19:46 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/04/18 08:38:57 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2006/11/02 17:48:33 | 000,681,798 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2006/11/02 17:48:33 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2006/11/02 17:48:33 | 000,127,504 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2006/11/02 17:48:33 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 002,376,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,598,368 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,104,382 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/11/23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/06/25 19:14:28 | 000,006,546 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
[2011/06/29 19:41:30 | 000,005,208 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt
[2011/06/22 23:13:43 | 000,006,780 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt
[2011/06/25 17:05:39 | 000,006,805 | ---- | M] () -- C:\Ad-Report-SCAN[2].txt
[2011/06/29 17:38:47 | 000,005,106 | ---- | M] () -- C:\Ad-Report-SCAN[3].txt
[2011/06/29 19:01:29 | 000,005,171 | ---- | M] () -- C:\Ad-Report-SCAN[4].txt
[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 08:36:36 | 000,333,257 | R-S- | M] () -- C:\bootmgr
[2007/04/18 07:03:08 | 000,008,192 | ---- | M] () -- C:\BOOTSECT.BAK
[2008/06/15 13:31:36 | 000,004,985 | ---- | M] () -- C:\Bug.txt
[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/06/15 12:32:36 | 000,000,000 | ---- | M] () -- C:\gxojmpsv
[2008/10/14 19:57:48 | 000,000,000 | ---- | M] () -- C:\IO.SYS
[2007/04/19 07:42:46 | 000,002,606 | ---- | M] () -- C:\Manuel de l'utilisateur A200.lnk
[2007/04/19 07:42:58 | 000,002,586 | ---- | M] () -- C:\Manuel de l'utilisateur P200.lnk
[2008/11/08 20:22:02 | 000,000,384 | ---- | M] () -- C:\MDL 2.0 Debug.txt
[2008/10/14 19:57:48 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS
[2011/06/29 19:42:59 | 2451,243,008 | -HS- | M] () -- C:\pagefile.sys
[2011/06/25 20:32:00 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2007/04/18 07:57:46 | 000,000,420 | ---- | M] () -- C:\RHDSetup.log
[2011/06/22 23:30:08 | 000,000,370 | ---- | M] () -- C:\rkill.log
[2007/10/16 06:42:55 | 000,000,282 | ---- | M] () -- C:\SWSTAMP.TXT
[2011/06/28 22:43:26 | 000,003,116 | ---- | M] () -- C:\TCleaner.txt
[2011/06/26 13:52:56 | 000,011,388 | ---- | M] () -- C:\ZHPExportRegistry-26-06-2011-13-52-56.txt
[2007/10/15 17:05:25 | 000,024,504 | ---- | M] () -- C:\_wdsuef.dmp

< %SYSTEMDRIVE%\*.exe >

< %PROGRAMFILES%\*.* >
[2008/10/04 13:15:43 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %PROGRAMFILES%\*. >
[2011/06/29 17:36:40 | 000,000,000 | ---D | M] -- C:\Program Files\Ad-Remover
[2011/06/26 13:38:12 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/08/30 11:07:41 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Photoshop CS5
[2010/07/26 22:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2009/09/08 09:06:29 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/06/19 20:04:06 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/05/03 21:06:21 | 000,000,000 | ---D | M] -- C:\Program Files\Astonsoft
[2011/05/15 18:51:01 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2008/05/24 17:27:08 | 000,000,000 | ---D | M] -- C:\Program Files\Camera Assistant Software for Toshiba
[2008/05/25 17:59:46 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/06/19 20:05:14 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/03/19 21:58:57 | 000,000,000 | ---D | M] -- C:\Program Files\D3E Electronique
[2008/08/24 13:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools
[2008/06/03 21:34:09 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2011/05/16 07:31:33 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2011/06/26 22:59:17 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2009/11/07 11:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\ffdshow
[2008/05/24 17:35:31 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2010/05/02 20:09:48 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2009/11/03 15:08:26 | 000,000,000 | ---D | M] -- C:\Program Files\Free FLV Converter
[2009/11/03 15:05:27 | 000,000,000 | ---D | M] -- C:\Program Files\Free Video Converter
[2010/04/08 10:08:22 | 000,000,000 | ---D | M] -- C:\Program Files\GeoConcept SA
[2009/10/06 21:30:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/06/19 19:55:33 | 000,000,000 | ---D | M] -- C:\Program Files\InstallShield Installation Information
[2009/08/30 11:19:13 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/06/18 21:28:15 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/05/27 14:04:53 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2011/06/26 12:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/06/21 22:53:57 | 000,000,000 | ---D | M] -- C:\Program Files\JDownloader
[2009/04/23 17:44:16 | 000,000,000 | ---D | M] -- C:\Program Files\MAGIX
[2011/06/20 23:08:57 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/07 22:28:59 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! Live
[2009/10/06 21:13:46 | 000,000,000 | ---D | M] -- C:\Program Files\Micro Application
[2010/06/01 09:34:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/08/25 14:12:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2008/05/25 19:52:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/08/25 14:17:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/06/18 21:30:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/08/25 14:17:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/09/20 23:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/08/25 14:18:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2010/08/25 14:15:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2010/08/25 14:17:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/13 17:44:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/06/26 14:03:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/08/25 14:20:08 |

EXTRA.TXT

OTL Extras logfile created on: 29/06/2011 20:56:38 - Run 1
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\Guillaume\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 60,59% Memory free
4,22 Gb Paging File | 2,98 Gb Available in Paging File | 70,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,22 Gb Total Space | 11,59 Gb Free Space | 15,62% Space Free | Partition Type: NTFS
Drive E: | 73,36 Gb Total Space | 4,22 Gb Free Space | 5,75% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GUILLAUME | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0157D41C-704A-448C-BAC5-5E7A7387C29D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{022B48EC-27CF-4F2F-A897-14EE17FFE2EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{04E648EC-5775-4AAB-A7E2-CF70B61D7F6D}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{0AEF356D-53CF-45EE-B3A3-3FEFE007B976}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0F8B2843-310B-4E1A-ACA5-ED48648DA3AF}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1019B55A-99A9-4463-A482-A66E549A204D}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{10E4C291-9FE6-4FF7-A93C-7096E14F502F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{126714E3-94CB-4673-B54A-EF37CEC81D0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{16E67438-3BD2-4C5A-A853-26F306143F0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{18400869-B70B-4EC1-A37E-14928BFFADFE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1E797E91-AA93-4DD4-8FBE-7D6B566D910A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{20660884-6593-4DD5-93C0-5BD503E8C19C}" = lport=56815 | protocol=17 | dir=in | name=pando p2p udp listening port |
"{2076FAAE-3E55-4F92-A657-73CC45345A35}" = lport=2869 | protocol=6 | dir=in | app=system |
"{21E0F011-3B8F-4090-AF92-53B8DC950E10}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B9BBA32-47EF-4890-B9B2-D9AB2C2BF6FC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D61ED77-319F-490C-B698-33A54D3522C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2EE8FEE8-028E-457E-B35B-4889BFA26F5A}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{2FF23AA1-38FA-4292-9903-FCEC5A45663B}" = lport=56815 | protocol=6 | dir=in | name=pando p2p tcp listening port |
"{32706EA9-9D16-4C0F-89BE-87B0474FA838}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{442AED35-C3C9-42EC-8716-8C58150F1E80}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{46E33A80-E09D-422F-8AE6-E77C5005C858}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{5C9F5265-AFC9-45B7-99DE-EC817AFA27F7}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{5D2B31DB-A384-4691-BCA8-DEE113D4AA9D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{607F1ABC-E52C-49DB-B114-620D287AF209}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{61CBAA62-E32E-4420-87D2-BF4380EF3BDD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6489F7E8-6097-4079-AE9F-97652D46C9E5}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{698EB0F8-02D4-41D6-B7D9-DB4C8606E683}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BD35426-5077-4057-A4AA-B6226597D29E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6FF827E3-83EB-4C32-83FF-7A963E0B1403}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7230B2F1-ACEB-4158-8B0E-711090C06DF2}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{7243DAF8-44BE-46EB-BE42-4C868ABE7E21}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{77A8E40C-9FDB-422F-8616-C839EB121633}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{7B5C9227-E321-42E4-93B1-5A57D4F36D19}" = lport=443 | protocol=6 | dir=in | app=system |
"{7E477565-2C95-4993-B57F-5640592E1B49}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{817B8854-A326-4246-9FF4-552B5012AC3E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{83ACE16D-6DDA-4E7E-B0F1-502C8E36B643}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{8594DBFD-8F89-4B3E-85E6-4C829059B61B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8BD03AF3-3C40-43EC-9D25-5E0071B77C0D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{904CC250-594B-425A-9DE2-EF5D713B4975}" = lport=10243 | protocol=6 | dir=in | app=system |
"{979AA042-1346-44DD-A3F0-EE5EDD9B5112}" = lport=445 | protocol=6 | dir=in | app=system |
"{A093F838-0350-4C57-B551-6CF7751618BC}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{A136AE62-DC07-44B3-9288-04C270F72407}" = rport=5357 | protocol=6 | dir=out | app=system |
"{A56ABF70-3100-45E8-9249-267F45ACCD68}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A91BD91F-6CE1-412B-A69C-13EDB6923030}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{BAA70C55-91BC-4DDB-85E9-513A0C30FBDC}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{BC2286BF-4DD8-4480-AEE6-DBA7995B3EC6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA3DC667-075F-4D2A-99EC-C959A7C8B44A}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{CD1E025A-8D20-40D8-84E1-76A418A8A3B5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEFC6562-95C3-4FF6-AB81-DE28DB5A6A62}" = lport=5357 | protocol=6 | dir=in | app=system |
"{DA0F765C-B7F1-435E-8331-A324F6202C51}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{DC2B02E0-313F-4B0C-B410-3CC315C9DB49}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{DDD398E4-2041-4F6D-93BC-816663D7EACB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E0E5AA8C-EA60-48F2-8C63-FB38AF21635C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3D5FB25-2064-4270-994D-E531BB1F7089}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E6A65046-F314-4100-AE34-C766647B1D17}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E7128DD5-6C69-4F6E-8E3F-FB9F5F5BD190}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E7521162-CEC6-4E22-BB24-75BE08E5698C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E85854FE-91FE-4206-AA75-CC43996ABA64}" = lport=5358 | protocol=6 | dir=in | app=system |
"{E96A2832-E1A2-44BE-BDAC-56DB62A0538B}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{ED96BB61-B1CF-406B-8B76-3BD07231779A}" = rport=5358 | protocol=6 | dir=out | app=system |
"{F7B00FBE-5DCF-4C87-8F36-977D27FB8A1D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{FA05FF8F-9817-456B-AC88-CB2E58683E5C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FCF85CF2-DD42-4E4B-A182-1AC620573627}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE745ECD-F50D-4166-AF19-D9E013B8D7C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FF2C9ACE-2B7F-49DC-BF4D-10851364C9E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D1E7CB-805C-4D0C-B30B-3154EC023D05}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{072A7F87-DDB4-4F6B-A508-651BC021DC61}" = protocol=6 | dir=in | app=c:\program files\kalypso\sins of a solar empire\sins of a solar empire.exe |
"{095D5789-1D20-48E4-A831-9CBB1A8BE055}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0BC2AD8C-8B68-43E7-8FC1-2709D5302B91}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{0D86B1CC-A211-4108-A2D8-53705876C7A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0DD2138C-B1E9-496A-9E2B-AD054A032199}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0E6F001D-50C6-4F58-90DA-0DFD5D13FD0A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{11E1F7DD-4708-4E9E-A195-C1DD7F443008}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{14911E60-75A1-4BD2-8F88-3AD7B225731C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1833FBB0-305B-4BBF-91A3-D4AD4DA3E18A}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{1D54D9BE-BF8B-4F96-AD4C-3C5D371F1FD4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{2E65E2FC-E4B0-41FE-8670-C25A782AEA18}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{2F0C5288-DEA5-4828-90B8-96006EBB1BB5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3233DEE7-3BB8-4DA8-A77C-9658C7817607}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{399BB380-0A56-4571-BD46-1A2558E9D40A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{41A2403C-073F-4CA1-90F4-0CA90FED08D5}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{4573F8FA-8D5F-4658-8C23-C06AF57C1167}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{48B0B5B2-FB21-44A2-B227-98FBDEC4598F}" = dir=in | app=c:\program files\pando networks\pando\pando.exe |
"{4E92514D-B3F5-4323-85A5-C932B6ACD508}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{52FFE16B-3FF2-446A-B589-E4A09F00255F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{535155E0-3588-49C9-B5AD-0A21E321D14E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{543E08F8-DBC6-482A-9AFC-CDBC17E7DBD9}" = protocol=6 | dir=out | app=system |
"{5921F8D5-EFA3-43EB-B1E5-E11F0487809C}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{5CB91D4B-2BA4-42F6-A6CB-01C04A868A60}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{5E6C310E-0EA4-4E2D-89D6-7B268DBF54A6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{67CC43BA-7A15-4FB2-9CE8-CA720DE20BA2}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{69F210E8-17E1-4CF7-B9FC-4117FE144E1C}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{6C03C71B-9A3E-4820-A8A4-B2E730B7A55D}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{7307D994-8793-405C-A7D0-313D32386614}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{75B60154-9488-42CD-9448-095D79F0D1EC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79DEB3BB-2FA2-4651-9AEF-643D84AD3CD1}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7B4DBE30-5C35-4055-A9FA-118372074223}" = protocol=6 | dir=out | app=system |
"{800E7F19-2EAF-48FD-848D-889503F3A390}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{824923B7-FA3B-4AB3-B367-BA9B5E0127BD}" = protocol=17 | dir=in | app=c:\program files\kalypso\sins of a solar empire\sins of a solar empire.exe |
"{84229966-EA53-4A69-8102-A0BAEE431CAE}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{86EADF41-6851-4CFC-9B4E-768DF3FCB900}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{8E405976-B25D-43FA-8AA8-AE9577C8C934}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{8EE621B7-5A30-4BAB-B88F-6FE9031F7B38}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{8F2ED063-F23E-4AA9-B11C-FC60611DDB5C}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{90F8C3C8-ECDC-400A-9616-A0DB2B3C0482}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9229124D-3864-4D26-B66B-C68A1C006351}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{951E05E1-F2C0-483C-BCFD-16FD5AB93DB0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{955DAC7D-1078-46FC-AF95-6AA79ABE1964}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A0660504-E63F-4A59-8DB8-4D540D59854B}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{A070EE52-1367-45B2-976E-89C96822ECCA}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A357345C-59B9-45B4-A219-7EFDFC2E2C18}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A3B27744-23C1-47BC-97DE-27B6C3E71351}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{A4B4E0C7-420C-4B6D-81C3-09D52399E8D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ABC288FF-6D31-4550-ADCF-B8C1E0A2FA03}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ACF942BD-64A0-4A84-9FDF-5A36A3D35946}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{ADBC4473-5416-4AA0-B0FF-005AD415EBDC}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{B80CA702-1492-4EDC-AD02-E70988F36F3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA4C7F80-1AA3-4B6B-B722-D165EA2D35C5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{CD348548-EE39-4944-B33A-65E093FDEF2A}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{CFBE7E4B-838C-432B-BF16-0B6123743742}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{D059CB31-E540-4707-899A-21178E89602C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D318CEBF-5F66-4AE4-8C31-347AD391DC7D}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{D759CA85-7DDB-4B2B-9037-2A36A2E9373E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E616E0F7-D8C2-4BCE-9BF5-75B673FF1EC8}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{ED73FAB2-CF24-4784-9CD4-F87F2CF3C041}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{EF4D003E-2AAA-489D-A1B6-8B60AE5642E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFE48591-160B-4F45-9E04-1A1D8E9E347C}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F5620249-37DE-4D58-976E-74D9FED47F7A}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F7B93E07-11A5-4059-A5C9-5D66D41E48CE}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FACEA317-E0F5-4D91-97A9-26A4A1099058}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{FD49FEAE-4CD5-43FF-B082-FE9D87386322}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF2D0E94-5673-4085-A875-48419901AF0D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF5B4F44-50A1-45AA-8294-D1A95350C121}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{04429B8F-4926-4F6E-9E47-04873DB61899}E:\ut3\binaries\ut3.exe" = protocol=6 | dir=in | app=e:\ut3\binaries\ut3.exe |
"TCP Query User{0FF26530-E887-4592-BEE0-3472543D1BF0}C:\program files\orange\telephone sur pc\telephonesurpc.exe" = protocol=6 | dir=in | app=c:\program files\orange\telephone sur pc\telephonesurpc.exe |
"TCP Query User{3E839EBF-5E70-4ADE-8947-358DAAF31336}C:\program files\turbonote\tbnote.exe" = protocol=6 | dir=in | app=c:\program files\turbonote\tbnote.exe |
"TCP Query User{5C16DEC7-904F-40F2-AE8B-97F54C1F2176}C:\program files\turbonote\tbnote.exe" = protocol=6 | dir=in | app=c:\program files\turbonote\tbnote.exe |
"TCP Query User{5D67FB63-7D16-4B15-B0B1-EF9D4505FBBA}C:\program files\post-net\post-net.exe" = protocol=6 | dir=in | app=c:\program files\post-net\post-net.exe |
"TCP Query User{640FB9C1-A85F-4F7C-902C-24073F9D69E4}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{6B7C7611-3224-4ACD-87DD-3B3B833CDC33}E:\call of duty install\coduomp.exe" = protocol=6 | dir=in | app=e:\call of duty install\coduomp.exe |
"TCP Query User{6F667FB1-3806-4CD2-814E-EAED450B7E57}C:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{7913DA40-532E-4753-BA89-342C116F496D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{82D39F40-431F-422F-A852-9B1178652D46}C:\ut2004\system\ut2004.exe" = protocol=6 | dir=in | app=c:\ut2004\system\ut2004.exe |
"TCP Query User{8826808A-75AA-43EF-8DD5-27D401DA9CB0}E:\call of duty install\codmp.exe" = protocol=6 | dir=in | app=e:\call of duty install\codmp.exe |
"TCP Query User{95F5FA63-ECC4-44F1-AA4F-933CC494F9A7}C:\osgeo4w\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\osgeo4w\apache\bin\httpd.exe |
"TCP Query User{9D328454-6FE1-4B66-BBD3-31F2D1D5871F}C:\users\guillaume\desktop\stage\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\guillaume\desktop\stage\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{B380814E-9F0A-4DDA-B835-6ECD3AF66F41}E:\cod4\iw3mp.exe" = protocol=6 | dir=in | app=e:\cod4\iw3mp.exe |
"TCP Query User{BBF25367-4627-4354-A2CE-122368C290E7}E:\worms 4 mayhem astroboy\crack\worms 4 mayhem.exe" = protocol=6 | dir=in | app=e:\worms 4 mayhem astroboy\crack\worms 4 mayhem.exe |
"TCP Query User{C12D61DB-F854-4846-B174-32DF647A9F7A}C:\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\unrealtournament\system\unrealtournament.exe |
"TCP Query User{CABD9871-8315-4B05-92A1-41261334AA5E}C:\users\guillaume\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=6 | dir=in | app=c:\users\guillaume\desktop\my mobile\mymobiler\mymobiler.exe |
"TCP Query User{D1962FA1-9D4A-4BA7-B765-1BD0F4BAA353}C:\program files\pando networks\pando\pando.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe |
"TCP Query User{D2A29562-C04F-469D-8540-5E73F2E0813D}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |
"TCP Query User{E7B0D710-17A2-444B-AD9A-1DB0EA05B808}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EACF27DC-670E-4C5E-B27F-50A13E3C8F89}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{EDF8D2E3-5DBF-4730-9A72-E0A0A3A18415}C:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{F95CDE8D-DB6F-4608-8237-C4CE2106081D}C:\program files\pando networks\pando\pando.exe" = protocol=6 | dir=in | app=c:\program files\pando networks\pando\pando.exe |
"TCP Query User{FB0323C0-0827-4D7F-B62B-25B9A2B1B341}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{FD80194B-5F7C-48D6-807F-46D4CD907A2F}E:\dragon age\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=e:\dragon age\bin_ship\daorigins.exe |
"UDP Query User{035BA5A7-FBEF-49AC-8048-CF1AFFB3B0E4}E:\cod4\iw3mp.exe" = protocol=17 | dir=in | app=e:\cod4\iw3mp.exe |
"UDP Query User{038B7D05-8776-4276-96E6-236DDA6FA9CB}C:\program files\turbonote\tbnote.exe" = protocol=17 | dir=in | app=c:\program files\turbonote\tbnote.exe |
"UDP Query User{186CCF81-8EC6-4DDC-BADA-A3FCB6E9D313}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{20B5A5BE-0439-40A6-B614-47F9D34B45A8}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{478495F1-AD1E-46DF-896E-AB5D40EF979E}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |
"UDP Query User{523FB4C7-71CC-40DA-BA59-E772FD9AE436}C:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{64E70BA2-FA6B-4417-8D05-400FB92E6202}C:\program files\pando networks\pando\pando.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe |
"UDP Query User{6C972812-9FDF-4CD8-A82E-71838DA713F5}C:\osgeo4w\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\osgeo4w\apache\bin\httpd.exe |
"UDP Query User{7CE8A914-7764-4D3B-89E1-CAE0F263E56F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8958CBEB-5ED7-447E-A7A2-2FC52C6999BB}E:\call of duty install\codmp.exe" = protocol=17 | dir=in | app=e:\call of duty install\codmp.exe |
"UDP Query User{8DFCD0FE-2B51-4FAC-B662-4FD263A177C0}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{913C2DC6-D5BB-464E-A5EA-82C04B73C767}E:\ut3\binaries\ut3.exe" = protocol=17 | dir=in | app=e:\ut3\binaries\ut3.exe |
"UDP Query User{9F081FEB-B4A8-4FED-8F4E-9921F151741B}E:\call of duty install\coduomp.exe" = protocol=17 | dir=in | app=e:\call of duty install\coduomp.exe |
"UDP Query User{BF342E3F-0DF9-48EB-89EC-75008B395062}C:\program files\orange\telephone sur pc\telephonesurpc.exe" = protocol=17 | dir=in | app=c:\program files\orange\telephone sur pc\telephonesurpc.exe |
"UDP Query User{C34E5922-C711-4B9C-8AF9-B48EF59A17DA}C:\program files\turbonote\tbnote.exe" = protocol=17 | dir=in | app=c:\program files\turbonote\tbnote.exe |
"UDP Query User{C9AEA27B-E445-4130-96C1-C207A37767BD}C:\ut2004\system\ut2004.exe" = protocol=17 | dir=in | app=c:\ut2004\system\ut2004.exe |
"UDP Query User{CABAB2F5-7CA0-43FD-8506-B02492AE0161}C:\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\unrealtournament\system\unrealtournament.exe |
"UDP Query User{D60A8C44-977D-4FAF-9EC0-5200D36B95F5}C:\program files\post-net\post-net.exe" = protocol=17 | dir=in | app=c:\program files\post-net\post-net.exe |
"UDP Query User{EAE521D8-3F3F-4EB2-86DA-4319CDA11644}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{EB8AE21C-A232-437F-952F-5DA141EC032A}C:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{EBAE2C3C-B145-4347-840F-6D1B8B2A1E54}C:\users\guillaume\desktop\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\guillaume\desktop\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{F1511777-5119-4A80-B288-F78154EACAA3}C:\users\guillaume\desktop\stage\my mobile\mymobiler\mymobiler.exe" = protocol=17 | dir=in | app=c:\users\guillaume\desktop\stage\my mobile\mymobiler\mymobiler.exe |
"UDP Query User{F2555F42-6455-429C-A524-5C5945D88708}E:\dragon age\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=e:\dragon age\bin_ship\daorigins.exe |
"UDP Query User{F3825D62-34E2-43E2-8148-4EF286049FC7}E:\worms 4 mayhem astroboy\crack\worms 4 mayhem.exe" = protocol=17 | dir=in | app=e:\worms 4 mayhem astroboy\crack\worms 4 mayhem.exe |
"UDP Query User{FEB31EAB-268D-414A-8F28-59ACA670B241}C:\program files\pando networks\pando\pando.exe" = protocol=17 | dir=in | app=c:\program files\pando networks\pando\pando.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00E656EB-2663-410E-B258-862AAAFBA6CF}" = GeoConcept Solution cdgc/1517-1
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{654A0B5D-BBF2-4681-9BD2-81191026F890}" = TOEIC Mastery
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DE585D3-F3EA-43B8-8564-C7BAF0B55DF3}" = ArpentGIS-Expert
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{846fe509-b448-47f0-b03f-e59916557a92}" = Nero 9 Essentials
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-00B2-040C-0000-0000000FF1CE}" = Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{90140000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Gestionnaire pour appareils Windows Mobile
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9578C0CD-8108-4379-9026-4601F59859A0}" = Google Earth Pro
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A644254B-92F6-4970-8635-AB0775371E72}" = InterVideo AVControlSDK
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
"{AFC02C27-473F-4EC5-9372-30771EFFB35F}" = VC80_CRT_x86
"{B03B4BC8-8D65-4717-9B2D-CEC74B1322E0}" = GeoConcept (6.5.1517)
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.192
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover par C_XX
"Autopano Pro" = Autopano Pro
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"ESET Online Scanner" = ESET Online Scanner v3
"Firebird SQL Server F" = Firebird SQL Server - MAGIX Edition
"Free FLV Converter_is1" = Free FLV Converter V 6.7.3
"Free Video Converter_is1" = Free Video Converter V 2.3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Mot de passe responsable
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JDownloader" = JDownloader
"MAGIX Music Manager 2007 F" = MAGIX Music Manager 2007 8.1.1.102 (F)
"MAGIX Photo Manager 2007 F" = MAGIX Photo Manager 2007 4.2.0.85 (F)
"MAGIX Video deluxe 2008 PLUS F" = MAGIX Video deluxe 2008 PLUS 7.0.2.3 (F)
"MAGIX Xtreme Photo Designer 6 F" = MAGIX Xtreme Photo Designer 6 6.0.20.0 (F)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010
"ProtectDisc Driver" = ProtectDisc Helper Driver
"PunkBusterSvc" = PunkBuster Services
"ReNamer_is1" = ReNamer
"StatBox" = StatBox (Désinstallation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Sony Ericsson Update Service
"Usbfix" = UsbFix By TeamXscript
"UT2004" = Unreal Tournament 2004
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.1.4
"WBFS Manager 3.0" = WBFS Manager 3.0
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Archiveur WinRAR
"x264 Revision 305 x264.nl" = x264 Revision 305 x264.nl (remove only)
"ZHPDiag_is1" = ZHPDiag 1.27

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.2.1

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 18/09/2009 13:35:31 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://static.ak.fbcdn.net/rsrc.php/zE90X/hash/2y1fhxzc... failed, 00000070.

Error - 18/09/2009 13:35:31 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://static.ak.fbcdn.net/rsrc.php/zDF8H/hash/b25gx7in... failed, 00000070.

Error - 18/09/2009 13:35:31 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.facebook.com/home.php?ref=home failed, 00000070.

Error - 18/09/2009 13:35:32 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://b.static.ak.fbcdn.net/rsrc.php/zCY19/hash/em7e4s... failed, 00000070.


Error - 18/09/2009 13:36:06 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.daemon-search.com/star failed, 00000070.

Error - 23/12/2009 15:29:19 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Guillaume\AppData\Roaming\Microsoft\Office\Recent\Bureau.LNK failed, 00000026.


Error - 03/02/2010 14:17:22 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www480.megaupload.com/files/d6aeeeac34022fff00a4...
failed, 00000084.

Error - 04/02/2010 13:39:34 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www558.megaupload.com/files/211e44dcb43e858f7694...
failed, 00000084.

Error - 30/11/2010 09:30:24 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\SoftwareDistribution\Download\f289c300b83a19b98c88117c5e7b259e\BIT496E.tmp
failed, 00000026.

Error - 20/06/2011 16:39:42 | Computer Name = PC-de-Guillaume | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 20/06/2011 16:33:47 | Computer Name = PC-de-Guillaume | Source = EventSystem | ID = 4609
Description =

Error - 20/06/2011 16:35:54 | Computer Name = PC-de-Guillaume | Source = System Restore | ID = 8193
Description =

Error - 23/06/2011 13:19:01 | Computer Name = PC-de-Guillaume | Source = EventSystem | ID = 4609
Description =

Error - 23/06/2011 13:55:56 | Computer Name = PC-de-Guillaume | Source = Perflib | ID = 1010
Description =

Error - 24/06/2011 11:19:19 | Computer Name = PC-de-Guillaume | Source = Application Error | ID = 1000
Description = Application défaillante jaucheck.exe, version 2.0.4.1, horodatage
0x4d2781a9, module défaillant jaucheck.exe, version 2.0.4.1, horodatage 0x4d2781a9,
code d’exception 0xc0000005, décalage d’erreur 0x0000cf00, ID du processus 0x10d0,
heure de début de l’application 0x01cc328214043854.

Error - 24/06/2011 14:06:17 | Computer Name = PC-de-Guillaume | Source = Application Hang | ID = 1002
Description = Le programme ZHPDiag.exe version 1.2.7.2343 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 1110 Heure
de début : 01cc329827b12374 Heure de fin : 5

Error - 26/06/2011 20:10:30 | Computer Name = PC-de-Guillaume | Source = Application Hang | ID = 1002
Description = Le programme firefox.exe version 5.0.0.4183 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : ff0 Heure de
début : 01cc345e60775f9f Heure de fin : 55

Error - 27/06/2011 14:33:53 | Computer Name = PC-de-Guillaume | Source = Application Hang | ID = 1002
Description = Le programme MediaGo.exe version 1.7.0.254 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 1394 Heure
de début : 01cc34f89d98d232 Heure de fin : 13

Error - 28/06/2011 15:31:22 | Computer Name = PC-de-Guillaume | Source = Application Hang | ID = 1002
Description = Le programme ToolsCleaner2.exe version 0.0.0.0 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans l’application Rapports
et solutions aux problèmes du Panneau de configuration. ID de processus : d00 Heure
de début : 01cc35c9bd294159 Heure de fin : 15

Error - 28/06/2011 15:33:01 | Computer Name = PC-de-Guillaume | Source = Application Hang | ID = 1002
Description = Le programme ToolsCleaner2.exe version 0.0.0.0 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans l’application Rapports
et solutions aux problèmes du Panneau de configuration. ID de processus : 1600 Heure
de début : 01cc35ca1650e4e9 Heure de fin : 8

[ System Events ]
Error - 29/06/2011 11:54:44 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 11:54:44 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 11:54:44 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 13:13:49 | Computer Name = PC-de-Guillaume | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.2.10 pour la carte réseau dont l'adresse
réseau est 001B9E666319 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci
a envoyé un message DHCPNACK).

Error - 29/06/2011 13:43:06 | Computer Name = PC-de-Guillaume | Source = Microsoft-Windows-Eventlog | ID = 22
Description =

Error - 29/06/2011 13:43:34 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 13:43:34 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 13:43:34 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 13:43:34 | Computer Name = PC-de-Guillaume | Source = Service Control Manager | ID = 7000
Description =

Error - 29/06/2011 14:12:03 | Computer Name = PC-de-Guillaume | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.2.10 pour la carte réseau dont l'adresse
réseau est 001B9E666319 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci
a envoyé un message DHCPNACK).


< End of report >

FIN DU RAPPORT 1!!!

2010/08/25 14:20:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/08/13 11:00:32 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2007/07/10 15:49:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/06/19 21:16:46 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/12/22 20:12:42 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2010/10/15 16:18:25 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2010/04/05 10:15:44 | 000,000,000 | ---D | M] -- C:\Program Files\OrangeHSS
[2011/05/15 18:42:42 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2009/04/23 17:48:17 | 000,000,000 | ---D | M] -- C:\Program Files\ProtectDisc Driver Installer
[2011/06/19 20:07:36 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/08/10 17:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\RALINK
[2007/10/15 19:40:34 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/10/19 15:11:26 | 000,000,000 | ---D | M] -- C:\Program Files\ReNamer
[2011/05/15 18:58:01 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011/06/19 17:14:51 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2011/06/19 17:38:13 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson
[2011/06/19 17:12:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Media Go Install
[2011/06/28 23:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/05/24 17:31:52 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2008/08/23 16:01:59 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
[2011/06/28 22:43:05 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/12/23 18:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2008
[2006/11/02 15:01:55 | 000,000,000 | ---D | M] -- C:\Program Files\Uninstall Information
[2008/08/14 21:10:43 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/02/13 19:06:00 | 000,000,000 | ---D | M] -- C:\Program Files\WBFS
[2009/07/28 13:00:18 | 000,000,000 | ---D | M] -- C:\Program Files\WinASPI
[2009/09/25 22:10:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/09/25 22:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/09/25 22:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/09/25 22:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/06/19 19:56:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/06/18 21:16:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2007/04/18 08:46:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010/10/14 10:04:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/05/24 17:35:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/09/25 22:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 10:45:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/09/25 22:10:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2008/06/01 16:23:21 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2009/08/14 15:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\x264


< MD5 for: AGP440.SYS >
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/05/24 18:34:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/05/24 18:34:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/05/24 18:34:33 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006/11/02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: BEEP.SYS >
[2008/01/19 07:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008/01/19 07:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006/11/02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/05/24 18:37:41 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/05/24 18:37:40 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HIDSERV.DLL >
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll
[2006/11/02 11:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll

< MD5 for: IASTOR.SYS >
[2007/02/12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007/02/12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Toshiba\Drivers\Robson\Winall\Driver64\IaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Toshiba\Drivers\Robson\Winall\Driver\iaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: IMM32.DLL >
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=C8BDCECEE082B54F0BAC838BF0A34597 -- C:\Windows\System32\imm32.dll
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=C8BDCECEE082B54F0BAC838BF0A34597 -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[2008/01/19 09:34:33 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[2006/11/02 11:46:05 | 000,115,200 | ---- | M] (Microsoft Corporation) MD5=EE12864398F1C3BF5BEE91F6AF9842E1 -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll

< MD5 for: KERNEL32.DLL >
[2009/02/13 10:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[2006/11/02 11:46:05 | 000,874,496 | ---- | M] (Microsoft Corporation) MD5=1E36AE445E4DA83B82D51FEB2D4F8772 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
[2009/02/13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[2009/02/13 09:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\System32\kernel32.dll
[2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[2009/02/13 10:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[2008/01/19 09:34:36 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll

< MD5 for: MSWSOCK.DLL >
[2006/11/02 11:46:10 | 000,227,328 | ---- | M] (Microsoft Corporation) MD5=54E9576169A248AD62A1EB9773225826 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/19 09:35:15 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

< MD5 for: NDIS.SYS >
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006/11/02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008/01/19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2007/04/18 07:26:40 | 000,503,480 | ---- | M] (Microsoft Corporation) MD5=FFFE00134C554E113EE186EEDDB0FF30 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20509_none_a67388ba37fe05b2\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NTFS.SYS >
[2008/05/24 18:34:35 | 001,060,920 | ---- | M] (Microsoft Corporation) MD5=2620822A21B76375F5FD6E0986407CD1 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
[2008/05/24 18:36:10 | 001,060,920 | ---- | M] (Microsoft Corporation) MD5=37430AA7A66D7A63407ADC2C0D05E9F6 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
[2006/11/02 11:51:47 | 001,056,360 | ---- | M] (Microsoft Corporation) MD5=3F379380A4A2637F559444E338CF1B51 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
[2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/19 09:43:40 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[2008/05/24 18:34:35 | 001,061,432 | ---- | M] (Microsoft Corporation) MD5=B5BE45B1F554DF9E1976CBC855365E60 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
[2008/05/24 18:36:10 | 001,061,944 | ---- | M] (Microsoft Corporation) MD5=F08824715CA6076F5E73E005AB83B9C8 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys

< MD5 for: NTMSSVC.DLL >
[2006/11/02 14:36:25 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=957CC0F372BB5D79C477363952276859 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6000.16386_none_0c076ff411279f33\ntmssvc.dll
[2008/01/19 09:35:58 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: PROQUOTA.EXE >
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe

< MD5 for: QMGR.DLL >
[2008/01/19 09:36:13 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2006/11/02 11:46:12 | 000,749,568 | ---- | M] (Microsoft Corporation) MD5=733FB484A06B9D6A44DD9CA1D3BE937B -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[2008/05/24 18:22:30 | 000,750,080 | ---- | M] (Microsoft Corporation) MD5=DA551697E34D2B9943C8B1C8EAFFE89A -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[2008/05/24 18:22:30 | 000,750,080 | ---- | M] (Microsoft Corporation) MD5=F1148566FA5173A4FD48AF8E8BC09401 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll

< MD5 for: SCECLI.DLL >
[2008/01/19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SPOOLSV.EXE >
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/19 09:33:32 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2006/11/02 11:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) MD5=DA612EF2556776DF2630B68BF2D48935 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TERMSRV.DLL >
[2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\System32\termsrv.dll
[2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[2008/01/19 09:36:39 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[2006/11/02 11:46:13 | 000,427,520 | ---- | M] (Microsoft Corporation) MD5=FAD71C1E8E4047B154E899AE31EB8CAA -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll

< MD5 for: USERINIT.EXE >
[2008/01/19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/05/24 18:34:32 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=327639D2EC931B057F3826A51ADC73E9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5\volsnap.sys
[2008/05/24 18:34:33 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f47b2c78\volsnap.sys
[2008/05/24 18:34:33 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447\volsnap.sys
[2008/01/19 09:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/19 09:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

< MD5 for: WININET.DLL >
[2011/02/22 08:21:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=047CDEFF94B63F0A4791372B47427B60 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[2009/11/21 17:03:43 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=0B603B1B76FF6CA2D88B658A9ECC40E8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[2010/01/02 16:56:17 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=1DC5E46312CBA5C1614B3D3359DB09C5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[2007/10/15 18:14:49 | 000,823,296 | ---- | M] (Microsoft Corporation) MD5=1EA5200F3D45EFDFC25F630A52DDF9E5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20547_none_0068102cbde44796\wininet.dll
[2006/11/02 11:46:14 | 000,822,272 | ---- | M] (Microsoft Corporation) MD5=214A456AADCC7DD1B36E2287BA71A9CA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
[2010/02/23 17:06:06 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=24427C9C96556887A2F161800F00B2DE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[2007/10/15 18:28:39 | 000,823,808 | ---- | M] (Microsoft Corporation) MD5=355F1F19DAAD8F769936752F993EA8BF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20583_none_0038cf54be0851fe\wininet.dll
[2009/07/18 13:47:51 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=387B0601FCA64AF5117C321E46C4C4E2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[2009/07/18 13:35:05 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=408A0A6E83333F98D564D95CDBB6D3C6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[2008/04/25 06:35:23 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=44FD3968AD885026D94450832A78DE8A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[2008/01/19 09:36:55 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[2008/05/24 18:25:14 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=482BCCBF1FCBB3378100FF97081438C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[2008/10/16 06:38:28 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=4944C9FFE8903A276590D4215F74B937 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll
[2007/10/15 19:24:02 | 000,824,320 | ---- | M] (Microsoft Corporation) MD5=4E0726724C9387B9012BA90928A2AF4F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20627_none_007db1eabdd40cdb\wininet.dll
[2008/05/24 18:25:14 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=4E962B645608E6EDB7D31B75921D07FA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[2010/09/08 08:01:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=545264F1F3AC5BD57B159EBBDC4FDC58 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[2010/11/02 08:01:54 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=5681261BF2572F8776E1344DCB090C0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[2008/06/27 06:15:28 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=618A51B5FB9DD5810960F6044C0E9289 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[2009/07/21 23:52:28 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=6206A2BF9741B31C258ACC51972AFCAA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[2008/10/16 06:24:00 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=622FE627D15DD920238A993021F0A4D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll
[2009/01/15 06:19:13 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=65647F41CEC0C8EEC9DF5BC1168EC76C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[2009/01/16 07:00:04 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6A986C2CD30633447DAB21A4852E40D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[2008/10/02 05:34:49 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6B2591CDCEFEB8451594288426677CBB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[2009/03/08 13:34:57 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[2010/09/08 08:25:04 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=6D4B5C39BB00A8BD98462664E73AC403 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[2010/12/18 08:27:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=74BCC23D622F32DA0450D164735ACAB1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[2010/06/26 08:05:49 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=78D42E00B5AB233F34116C0EF07F1BC9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[2010/12/18 09:18:09 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7D6AACE6BF60B5A1D572E082DEC9F0F0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[2007/10/15 18:14:49 | 000,822,784 | ---- | M] (Microsoft Corporation) MD5=7DBB98EBB2D267ACF9E6BC04AEC6CBF3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16448_none_ffdf73aba4c5c123\wininet.dll
[2009/07/18 13:56:28 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=7FCA93009963EE8A7AF1740661412F1E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[2009/04/11 08:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[2009/07/18 14:17:15 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=87D84C48693EB949350FA938D63512D8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[2008/10/02 05:49:06 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=8BF7D225505A4ADA25D9444E91811CEA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[2008/10/16 06:47:35 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=8F89FFECF6989DD7D9ECCEC6D95D7419 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll
[2008/04/25 06:23:11 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=9191790BF02A8D759EC2B4E4FA868407 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[2010/01/02 08:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=91B8712BDC74295DA14A08F519B70D65 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[2007/10/15 18:28:39 | 000,822,784 | ---- | M] (Microsoft Corporation) MD5=9C1C977FA682D428C7133CF29013211B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16473_none_ffba0275a4e29643\wininet.dll
[2010/05/04 08:31:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9DF755B063C647A1CAEB17F3E2FDDE1D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[2011/05/11 23:01:16 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\System32\wininet.dll
[2011/05/11 23:01:16 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll
[2008/04/25 06:22:01 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=A86218059C228E7691A13E4CB63C4CDF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[2008/06/27 05:49:46 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=AE7150C0696C656D02FDD48259F4EFF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[2011/02/22 09:18:35 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=B3A938D522F085171387FEF112AEECF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[2008/10/02 05:49:19 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=C373C19F10601C1AFE7E40907AE48694 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[2008/10/02 05:30:45 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=C85EF7DE97ABBF00B16AD11EDFEAC637 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[2009/08/27 15:29:46 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=D0DD9439DB3C927209CFFE095AA1F097 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[2009/07/18 14:16:25 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=D1E1447C4E2077BDFFDD547972FEBDEB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[2010/11/02 09:12:02 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D364DEB34DB229A4C1EFB1BC68F505C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[2008/05/24 18:25:26 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=DAEED2799D4D19F955C3E90B22A1E91E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[2009/11/21 08:40:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DCB9E422810877D7C4115BACE54B084C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[2009/08/27 07:22:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=E3AB6EBE520E1898663B011D2FC0DF11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[2009/07/22 08:03:04 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=E48ADF567FE3EFCC2EB88A2BE5E020CB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[2008/06/27 05:54:49 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=E74D932CA7B3DA8CDB7A5F11F5A03ABC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[2007/10/15 19:24:02 | 000,823,808 | ---- | M] (Microsoft Corporation) MD5=E7E09F39D29388CD34F21C188E462BD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16512_none_fff9e399a4b2d26d\wininet.dll
[2010/02/23 08:39:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=EC3B3E6071E3FCD4290BFD42676EE064 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[2008/06/27 05:50:35 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=EDF59D63DDBC8BE0BB4836EFFFC04BDC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[2008/10/16 06:40:37 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=F18C1B151A0B18C35BF0919A9BA0FA0F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll
[2010/05/04 07:59:21 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F317362AEB06140E7FB1B29331FDC038 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[2008/04/25 06:09:57 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F40594128A6BFDA6C3F0900796895078 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[2010/06/26 08:51:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=F60F99762FABCD7F4B53A4A0EBAE3505 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[2008/05/24 18:25:26 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F7FF1E0D443788D6AE4CBCA593530099 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[2009/01/15 08:11:16 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=FB79A2AA5E92653B9A394FE26D799BF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[2009/07/18 18:06:20 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=FCB4E3234667317905333B6A4CDF85FC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll
[2009/01/15 06:16:03 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=FF35D495AC08549154D1D96990513CD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll

< MD5 for: WININIT.EXE >
[2008/01/19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WININIT.INI >
[2008/06/09 20:29:10 | 000,000,097 | -H-- | M] () MD5=163627C95ADFC0FD20EBBC19B3279086 -- C:\Users\Guillaume\AppData\Local\VirtualStore\Windows\WININIT.INI

< MD5 for: WINLOGON.EXE >
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008/01/19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\System32\ws2_32.dll
[2008/01/19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006/11/02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/04/18 07:02:58 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007/04/18 07:02:56 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007/04/18 07:02:58 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007/04/18 07:03:05 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007/04/18 07:03:06 | 006,008,832 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< c:\$recycle.bin\*.* /s >
[2011/06/25 19:43:10 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1237001430-92446686-3516833831-1000\desktop.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP FC5A2B2

< End of report >

Ok, voici la suite :

1/
Programmes à désinstaller via "ajout et suppressions de programmes" :
- Spybot S&D

2/
Met à jour ta version d'Avast

3/
Va sur VirusTotal.com et fais analyser ce fichier :

Post moi le rapport

4/
Le fix OTL arrive, j'attend juste le résultat du scan pour voir si je dois le rajouter ou pas

File name:
BM61d9d252.xml
Submission date:
2011-06-29 20:25:05 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)

Ta fait le 1/ et le 2/ ?

oui   merci beaucoup

Voici le fix,
/!\ Sauvegarde tout tes fichiers importants sur un périphérique externe /!\

[#ff9000]Fix OTL :[/#ff]

Relance OTL.exe.

Copie exactement le texte ci-dessous :

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
[2011/06/28 23:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/06/28 23:05:16 | 000,001,020 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spybot - Search & Destroy.lnk
[2011/06/20 22:23:26 | 000,000,400 | ---- | M] () -- C:\ProgramData\45407992
[2011/06/20 22:20:31 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~45407992
[2011/06/20 22:20:31 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~45407992r
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:commands
[emptytemp]

Colle-le dans le cadre Personnalisation en bas à gauche.

Clique sur le bouton [#ff9000]Correction[/#ff] en haut à gauche.

Si le pc te demande de redémarrer, confirme l'opération.

Un rapport après le redémarrage va apparaître, copie/colle-le dans ta prochaine réponse.

""Voici le fix,
/!\ Sauvegarde tout tes fichiers importants sur un périphérique externe /!\""

arf, avec 150 Go de données toutes plus ou moins importantes c'est pas gagné...

D'aprés toi cette manip est trés risquée?

Que ferais tu à ma place?

Enfaite en règle générale, je dis de faire ca parce qu'on est jamais à l'abris d'une mauvaise manip de moi comme toi.
J'ai un léger doute sur les trois dossiers en C:\ProgramData .
Regarde ce que tu trouve dans ces trois dossiers

bon je vais tenter au pire les données seront toujours sur le DD et je trouverai un moyen de les recuperer... je te remercie beaucoup pour ton aide. Par contre je fais cette manip ce soir mais je ne serai pas présent jusqu'a lundi prochain.

Merci beaucoup pour ton aide encore une fois.

De rien   Tu trouve quoi dans ces trois dossiers :

Ce netais pas d dossier maus des fichier, jai tenté quand meme mais... Le pc demare plus ni en san échec il bloke juste avan lekran windows avec fond noir et souri c tout.... Help lol jsui sur mon telefone....

Dis moi cr que TEN pense mais si tu veux on trouvera une solucion mardi??? Il doit bien y avoir un moyen de redemarer......

Oui j'ai une solution, mais je t'ai dit de le faire avec mon accord !
/!\ je rappelle que toutes les décisions doivent être prise par moi pour éviter ce genre d'incident /!\
On va trouver une solution

Arf trop confiance jai lol. Jai essayé avec le cd et en invité commande mai c parey ca bloke.... Ca sen le formatage :-(

Essaye en faisant le mode sans echec en appuyant tout de suite au démarrage sur F8 et en faisant un truc du genre, dernière bonne configuration connue

Idem bne config retenue fait le meme démarrage

Op aten il vien dsalumer!!!!!!

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\ not found.
File C:\Users\Guillaume\Desktop\Spybot - Search & Destroy.lnk not found.
C:\ProgramData\45407992 moved successfully.
C:\ProgramData\~45407992 moved successfully.
C:\ProgramData\~45407992r moved successfully.
ADS C:\ProgramData\TEMP FC5A2B2 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guillaume
->Temp folder emptied: 72940375 bytes
->Temporary Internet Files folder emptied: 53127297 bytes
->Java cache emptied: 4004893 bytes
->FireFox cache emptied: 138496398 bytes
->Flash cache emptied: 1622 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 256,00 mb


OTL by OldTimer - Version 3.2.24.2 log created on 06292011_232615

Files\Folders moved on Reboot...
File\Folder C:\Users\Guillaume\AppData\Local\Temp\hsperfdata_Guillaume\1776 not found!
C:\Users\Guillaume\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLULC9HC\about[1].htm moved successfully.
C:\Users\Guillaume\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLULC9HC\ac3[1].htm moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Bonjour,   me revoila présent et pret pour une nouvelle séance de bidouillage pour soigner mon Pc.

Au plaisir de te lire.

GP

Tu peux refaire un scan OTL

1)




Les dangers du P2P (comme emule, limewire...) : http://forum.zebulon.fr/index.php?showtopic=85544

Pour télécharger gratuitement et légalement, je te conseille Beezik , qui a pour avantages :

Une meilleure qualité de son

Pas de virus !

Les dangers des cracks, des keygens : http://forum.malekal.com/danger-des-cracks-t893.html

Rappels sur les OS piratés : http://redirectingat.com/?id=1402X522807&xs=1&url=http%...

********************************

Logiciels de sécurité conseillés :

Anti-virus : Avast 6.0

Pour scanner tes fichiers : MBAM

********************************

Attention, contrairement aux idées reçues :

Ne jamais avoir deux anti-virus avec la protection en temps réelle activée, c'est la meilleure façon de créer des conflits. Plusieurs anti-virus actifs peuvent s'entraver, et, au final, le PC que l'on croyait plus sécurisé devient une vraie passoire...

Les anti-spywares ne servent à rien !!

Je te conseille fortement de ne pas installer des packs de "transformation', qui donnent par exemple l'allure de Windows Vista à un Windows XP. Ce genre de programmes posent beaucoup de problèmes !!!

Enfin, n'oublie pas que la meilleure manière de protéger ton ordinateur c'est toi !

2)

Si tu estimes que ton problème est résolu, et que je t'ai aidé à résoudre ton problème, élis une de mes réponses en tant que meilleure réponse.




Quel programme veux -tu enlever du démarrage ?

Oui j'ai oublié de préciser, les anti-spyware gratuit :
http://forum.malekal.com/antispyware-gratuit-sert-rien-...
Une preuve  

pourtant Malwarebytes, Ad-remover, OTL, Smitfraudfix, VundoFix, TDSS Killer, Hijackthis........etc; tous ces antispywares ou modules servant au diagnostic sont gratuit et largement utilisés!

Malware'Bytes est un anti-malware, après TDSS Killer, OTL, ... sont des tools servant de diagnostic et certains servant de supression mais ils ne servent à rien si un helper qui sait utiliser l'outil n'est pas la. Ces tools sont gratuit car c'est des helpers/ programmeurs des forum d'helper qui les programmes et qui les mettent en ligne ( gratuit ou payant ).

okok j'ai bien compris c'est le principal!!  

comme je te l'ai dit en MP j'ai fini par reformater le pc. je rencontre encore quelques soucis dans les MAJ des erreurs qui surviennent. J'attend que ca se stabilise et que je remette tout a niveau et je suis tes conseils avec un scan au cas où, et un bilan des logiciels a virer   merci pour votre suivi a tous  

donc, serteinement que tu as du donné ton adress"e email voila quelqu'un utilise ton adresse email pour s'en servir contre ton otrdinateur ...

Rien à voir.