Se connecter / S'enregistrer
Votre question

Virus postmaster@hotmail.com

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Anonyme
18 Novembre 2010 15:55:13

Bonjour,
Bonjour, je viens vous demander secours car depuis quelque temps mon adresse hotmail est infectée sa m'agace et agace mes contact hotmail. Je recois toujours des mails postmaster@hotmail.com me disant que mon mail n'a pas été envoyer comme vous vous immaginer une mail que je nai jamais envoyer. et crtain de mes contacts recoivent ce mail pretendant que j vends des objet et de regarder une vodéo enfin des bétise dans l genre . j'aurais aimer savoir si je pouvais (la réparer) au lieu de me créer une autre adresse car aprés quelque recherche je n'ai pastrouver de réponse concrete et apparament il ya un diagnostique a réaliser donc ..... si vous pourriez me venir en aide sa serait vraimen sympa
je vous remerci d'avance :) 

Autres pages sur : virus postmaster hotmail com

18 Novembre 2010 21:20:30

Bonsoir

1

Change ton mot de passe hotmail

2


Télécharge DDS et sauvegarde-le sur ton bureau.
  • Désactive tout script bloquant, tels qu'un antivirus, un logiciel comme ad-block, noscript etc.
  • Double-clique sur dds.scr pour lancer l'outil.
  • Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .
  • Clique Oui à la prochaine invite Optional Scan.
  • Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**

    ++

    ****
    3

    Télécharge GMER à partir de ce lien : http://www.gmer.net/files.php - clic sur "Download EXE" et télécharge le fichier sur ton bureau.
    Voir le tutorial GMER, ça peut peut-être t'aider : http://www.malekal.com/tutorial_GMER.php

  • Désactive tes logiciels de protection (antivirus, antispyware etc) et ferme tous les programmes ouverts.
  • Double-clique sur le fichier GMER téléchargé.
    IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
  • Clique sur l'onglet "rootkit"
  • A droite, coche tout.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
    Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et poste le contenu ici.
    4 Septembre 2011 12:40:02

    Bonjour Sham Rock, ayant le même problème pouvez vous m'aider ? J'ai suivi votre démarche, et voici le rapport DDS :

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514
    Run by Yves ROBIN at 12:36:21 on 2011-09-04
    Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3894.2020 [GMT 2:00]
    .
    AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\ezSharedSvcHost.exe
    C:\Windows\system32\hasplms.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Loudtalks Lite\Loudtalks.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.sfr.fr/kit/adsl/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Objet d'aide à la navigation SFR: {0f6e720a-1a6b-40e1-a294-1d4d19f156c8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: TBSB06155 Class: {2da14d1d-ae74-4a74-a0fe-c79504755db8} - C:\Program Files (x86)\seeearch\seeearch.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL
    BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: IE Toolbar: {1fda7ddd-25ce-4034-9d5b-38a120a14218} - C:\Program Files (x86)\seeearch\seeearch.dll
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [SuperCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    uRun: [Loudtalks] "C:\Program Files (x86)\Loudtalks Lite\Loudtalks.exe" /background
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
    mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: HideFastUserSwitching = 0 (0x0)
    IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: Free YouTube Download - C:\Users\Yves ROBIN\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - C:\Users\Yves ROBIN\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{3BE49035-716F-4FCF-B743-AF11B71FA024} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{7F2690F9-774A-4B29-A02B-669626C3A421} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{7F2690F9-774A-4B29-A02B-669626C3A421}\C496675626F687D236835383 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{7F2690F9-774A-4B29-A02B-669626C3A421}\E6565766D2B69647 : DhcpNameServer = 192.168.1.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    {0F6E720A-1A6B-40E1-A294-1D4D19F156C8}
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
    {2DA14D1D-AE74-4A74-A0FE-C79504755DB8}
    {326E768D-4182-46FD-9C16-1449A49795F4}
    {593DDEC6-7468-4cdd-90E1-42DADAA222E9}
    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
    {6D53EC84-6AAE-4787-AEEE-F4628F01010C}
    {9030D464-4C02-4ABF-8ECC-5164760863C6}
    {9FDDE16B-836F-4806-AB1F-1455CBEFF289}
    {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    {d2ce3e00-f94a-4740-988e-03dc2f38c34f}
    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    {8dcb7100-df86-4384-8842-8fa844297b3f}
    {1FDA7DDD-25CE-4034-9D5B-38A120A14218}
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
    mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(par d‚faut)]
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    SEH-X64: {E54729E8-BB3D-4270-9D49-7389EA579090}: EasyBits Security Shield Hook - prevents launching insecure programs by kids
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Yves ROBIN\AppData\Roaming\Mozilla\Firefox\Profiles\bngudo8q.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.seeearch.com/
    FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6\components\coFFPlgn.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: browser.startup.homepage - hxxp://www.seeearch.com/
    FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q=
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\SYMDS64.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\SYMEFA64.SYS [?]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [2010-11-23 953904]
    R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1108000.005\ccHPx64.sys [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20101231.001\IDSviA64.sys [2011-1-2 476792]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1108000.005\Ironx64.SYS [?]
    R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1108000.005\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1108000.005\SYMTDIV.SYS [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 acedrv11;acedrv11;\??\C:\Windows\system32\drivers\acedrv11.sys --> C:\Windows\system32\drivers\acedrv11.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-6-22 98208]
    R2 aksdf;aksdf;\??\C:\Windows\system32\drivers\aksdf.sys --> C:\Windows\system32\drivers\aksdf.sys [?]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2010-5-12 514232]
    R2 hasplms;Sentinel HASP License Manager;C:\Windows\system32\hasplms.exe -run --> C:\Windows\system32\hasplms.exe -run [?]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-1-27 102968]
    R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe [2010-11-7 126392]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-22 2320920]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-4 132656]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-1-31 8192]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys --> C:\Windows\system32\DRIVERS\ewusbfake.sys [?]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 PcaSp50a64;PcaSp50 NDIS Protocol Driver;C:\Windows\system32\Drivers\PcaSp50a64.sys --> C:\Windows\system32\Drivers\PcaSp50a64.sys [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-6-22 225280]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-09-04 08:53:14 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{D571F3E7-0EDF-458C-9185-0FF50C444CC0}
    2011-09-04 08:53:02 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{EA0A2A45-AB30-4894-91B3-68960740EAF5}
    2011-09-04 08:51:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{47A90545-8D78-485C-89F6-AFE9E0F742DD}
    2011-09-04 08:51:22 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{4C852A4C-1A75-4622-8227-874AA2067A4D}
    2011-09-03 22:59:11 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{45A9BE69-76D0-4600-AB1F-16B36AE2593B}
    2011-09-03 22:58:53 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{2D1B9090-D4F0-4DC8-B13E-2B02D4C82F65}
    2011-09-03 22:07:58 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
    2011-09-03 22:07:58 785368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
    2011-09-03 22:07:58 478168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
    2011-09-03 22:07:58 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
    2011-09-03 22:07:58 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
    2011-09-03 22:07:58 1846232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2011-09-03 22:07:58 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
    2011-09-03 22:07:58 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    2011-09-03 21:58:11 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D5D830E-4F0D-4042-BCDF-A6E68DB3AC3E}\mpengine.dll
    2011-09-03 21:55:40 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{BF832D6C-2B42-4CF6-944D-080E2E1E1244}
    2011-09-03 21:55:28 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{A329329F-BA8D-4F88-9BE1-44BD30C8927F}
    2011-08-31 11:36:12 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{09A46E76-7474-47D2-98B4-1C12038478A8}
    2011-08-31 11:36:01 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{9B1E175C-AF83-4A10-B0D1-725120E69DBB}
    2011-08-31 11:12:45 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-08-31 11:12:45 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-08-31 11:05:38 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{929FA562-8EF6-4483-BBF6-F0FC1922863D}
    2011-08-31 11:05:27 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{E8270374-4EB5-49C4-AFDD-222ED30320FA}
    2011-08-30 16:53:00 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{BC955AEF-CE1A-434B-9330-2D76B7833826}
    2011-08-30 10:44:51 -------- d-----w- C:\Program Files (x86)\SFR
    2011-08-30 10:35:25 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{ACAEA158-E4CB-4508-90CD-15507765B74B}
    2011-08-28 09:15:06 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{CEB42748-961F-4DAC-ADC0-1F4E0EC9D52E}
    2011-08-26 20:02:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{74E481A6-B8E3-41F6-A495-9123205B9FCF}
    2011-08-25 20:05:30 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{1C4452EE-7835-4B58-9996-E07FBAD73A8B}
    2011-08-24 21:06:30 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{25EA14C3-C672-40DE-A92B-2166839500CC}
    2011-08-23 05:58:27 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{DEDBA7FD-63E9-4455-805C-013866254C13}
    2011-08-22 22:05:58 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{D5AE2ED9-757F-47E6-B8BA-18885D037B08}
    2011-08-21 22:15:58 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{5BA2E94F-FA1B-497F-A7B3-30A9F4C6A47B}
    2011-08-21 21:11:33 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F260A7D7-D8F6-4473-9A5C-83ED7AE22C5C}
    2011-08-21 10:59:25 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{588F772A-BD26-49CE-BD54-0FA988C998A0}
    2011-08-21 10:59:12 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{1D632081-B4C3-4F36-ADBF-965BC4E95691}
    2011-08-21 10:58:43 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{5C6AD7ED-9F96-422D-B0ED-A228032A2FA9}
    2011-08-20 18:09:57 -------- d-----w- C:\.jagex_cache_32
    2011-08-20 16:57:31 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F664E70C-1322-4885-8093-4802EC3216DF}
    2011-08-19 12:27:52 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{BAB3B501-4FD0-46EC-BD73-5DF01E5A85AE}
    2011-08-19 12:27:40 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{E5AFEF68-7191-4FDB-A1A1-BB1A373C7078}
    2011-08-19 12:27:10 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{02D0E33C-8E85-4B67-826B-34F8F52F3384}
    2011-08-19 12:26:58 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{1AADC219-036E-40D6-A8C8-C123DC518DC8}
    2011-08-18 20:23:32 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{6A10C109-4411-4688-8862-E7A576A39C17}
    2011-08-18 20:23:20 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3EDF52E1-FA00-498C-A28A-CA3D75FD9887}
    2011-08-18 08:23:43 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{462ACCBC-64D0-433B-A3A5-516D08390EE5}
    2011-08-18 08:23:23 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F20BAD02-5BC0-4CC1-BFD0-823872128CAB}
    2011-08-18 08:23:10 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F2119C88-A300-44FB-8FD5-0C744BD61F6B}
    2011-08-18 08:22:56 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{6ADE6656-7624-4C28-B03E-8266A224F5B5}
    2011-08-17 21:00:06 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{0CB2298A-8CEF-4E1C-B4A5-9F6D0EE8A940}
    2011-08-17 20:59:54 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7BC3D15B-9EAD-4CB5-A3A0-B797F118A01F}
    2011-08-17 15:52:26 -------- d-----w- C:\Program Files (x86)\WildTangent Games
    2011-08-17 08:25:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{EC6AD276-1C8D-4863-B9B3-F4CEB4D64E8A}
    2011-08-17 08:25:21 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{271AF5FD-CAE3-4035-96A6-44D11253F917}
    2011-08-17 08:24:13 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3D5CE076-A42B-49BB-8F27-81438958DE82}
    2011-08-17 08:24:00 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{045E34CB-F1B0-4222-B3ED-4CBA640DB767}
    2011-08-16 21:41:57 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{903A0E5C-9216-4A39-88D3-CFC94E3E76DE}
    2011-08-16 21:41:44 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3F8377F2-EF84-464A-9AFB-039EAD331F1C}
    2011-08-16 09:42:02 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{D93B96C4-3B92-4F24-86F3-7C42D79583EF}
    2011-08-16 09:41:44 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{56DF5E1E-0C9E-454E-9709-A7DE89D3A826}
    2011-08-16 07:57:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{FAB12E46-5222-448A-88BE-2040A203835C}
    2011-08-16 07:57:13 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{8F6BC58F-3EE5-4724-9E9D-62E74598372E}
    2011-08-16 07:57:01 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{BFED565B-890C-49E9-A457-9CEE802E4B28}
    2011-08-16 07:56:48 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{6CEE55A3-DD20-4C5E-9040-7194F2334575}
    2011-08-15 22:18:05 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{84DC9199-987C-4E53-B784-C94B4AB7CF71}
    2011-08-15 22:17:49 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{E74610FB-46FF-4B40-BB7B-E668366C545A}
    2011-08-15 10:18:43 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{66548901-B415-44C9-9767-3BAB2713A6A2}
    2011-08-15 10:18:29 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{62287960-C3FC-4F1E-9709-F5A1366D8BA5}
    2011-08-15 10:18:03 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3E4E4BCA-C879-4D57-9D0E-94B5AE3F7D90}
    2011-08-15 10:17:49 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{1243042E-045D-40E0-8B99-5E2530F3E470}
    2011-08-14 12:45:15 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F5E2BBC7-90F3-4593-9EDF-1C18D53C63E2}
    2011-08-14 12:45:04 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{C46F976B-00AA-4625-8D3C-5FC60C7FA40D}
    2011-08-14 11:02:50 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3529D6CA-C962-4FB4-A772-7C2F08B202E1}
    2011-08-14 11:02:39 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{FFDBE44D-05B1-4F24-9EA0-B9820A392D0C}
    2011-08-13 10:45:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{625222E9-3726-418F-93BD-F0BCDC0493DE}
    2011-08-13 10:45:22 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{6777816D-58EA-4B4B-9CFF-2AA212CE6822}
    2011-08-13 09:53:28 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F64927E9-DC28-46FF-B37B-244DA315AD7A}
    2011-08-13 09:53:15 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{464164AB-A607-4871-9537-942141D2D930}
    2011-08-12 22:06:12 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{E469E1A1-EB45-4ED8-BFB3-866C6BAB6620}
    2011-08-12 22:06:00 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7FF1B92E-188B-4A23-B824-EF0C9506F5A1}
    2011-08-12 09:02:08 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{0C1510D2-1EEE-431C-A0E2-F8876CE143A1}
    2011-08-12 09:01:55 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{70DB616A-18B2-45A8-9EBB-7C0C8949103D}
    2011-08-12 09:01:34 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{CC91351E-2C33-4FD0-B6AE-0ADE54097FA8}
    2011-08-12 09:01:19 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{8FF2706C-885B-40BD-94EC-330D14F86336}
    2011-08-11 09:30:32 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{705247DA-4BCE-415F-92F0-99138D6FFFDF}
    2011-08-11 09:30:02 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{CA6E0596-896C-4019-89E7-4A747E3D2539}
    2011-08-11 09:29:07 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{CE8597B1-0932-4675-89A5-5CBBC035A59B}
    2011-08-11 09:28:43 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{1CF01249-9956-4CED-99F5-031396769C72}
    2011-08-11 09:07:53 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{A9E5EBFC-2E26-4FF4-BBF5-EF8CB727C63D}
    2011-08-11 09:07:38 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{66BE0D82-DE93-43BE-B5D7-2845AAE05735}
    2011-08-11 09:06:37 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{A92713AF-CD64-4DC4-A07D-FDB969644953}
    2011-08-11 09:06:21 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{097E6BFD-57CB-409C-AAFE-934D43794EA7}
    2011-08-10 22:05:31 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{5FB8D11A-F6F0-4889-A8FC-5A0C25819809}
    2011-08-10 22:05:20 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{6136CCC1-B9C0-4E7C-9D68-29D882AA0D13}
    2011-08-10 22:02:52 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{C54F1377-C514-4F9F-9BE4-83EAE975EC5B}
    2011-08-10 22:02:29 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{93AEF85B-DA32-4016-8F43-475FE2AF34B8}
    2011-08-10 12:14:23 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-08-10 12:14:23 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-08-10 12:14:22 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-08-10 12:12:17 421888 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-08-10 09:06:30 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7F84B45F-C809-4731-AEF8-04486463D2BD}
    2011-08-10 09:06:06 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3A45DAB4-460F-40F4-AB47-0A6718A22C2F}
    2011-08-10 09:05:46 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{9FD812DF-43FD-4589-8017-26FC6BDA8C37}
    2011-08-10 09:05:27 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{95FF6608-F218-4926-9324-D2728D3EBFFA}
    2011-08-09 21:24:41 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{2802CF7D-681F-4468-9B20-2BCC590AF63F}
    2011-08-09 21:24:19 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3AA88F9C-90BD-4D31-B12F-6ADE283F6F91}
    2011-08-09 16:45:45 -------- d-----w- C:\Program Files (x86)\Xpics
    2011-08-09 09:24:33 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{4C2129CB-2ECE-4F4A-A9ED-9EB89B80AA4D}
    2011-08-09 09:24:20 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{E45540E2-D6D6-428D-8719-0794CE064684}
    2011-08-09 09:23:59 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{C24D52CA-0A0E-4255-A6B9-7549C7CABE78}
    2011-08-09 09:23:28 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3E04BC2A-23B3-4ECC-A25E-F4C7358B9741}
    2011-08-08 20:53:36 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7D55F95A-4166-4232-A7AF-CEDE2AA32637}
    2011-08-08 20:53:15 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{31A9034F-C469-4891-B05D-908FB6AF7E7F}
    2011-08-08 19:41:16 -------- d-----w- C:\Windows\System32\SPReview
    2011-08-08 19:40:05 -------- d-----w- C:\Windows\System32\EventProviders
    2011-08-08 15:53:53 -------- d-----r- C:\Program Files (x86)\Skype
    2011-08-08 08:53:48 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{C3C37581-048A-42E6-98AF-89A67A12C2AF}
    2011-08-08 08:53:25 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{A70372B4-225B-471D-A7C7-29AE99F566B4}
    2011-08-08 08:53:13 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{EAAAFDB5-3836-4882-9351-F5106282A99B}
    2011-08-08 08:52:54 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{B48717BF-44DC-4928-9AC7-09633581770C}
    2011-08-08 00:46:28 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{16794258-D059-44D5-A3A0-05E97EC58A8D}
    2011-08-08 00:46:18 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{583ACC8B-2A86-4AF8-B084-6D344A4C51E0}
    2011-08-07 15:14:25 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{064FE72B-318A-4FF2-B087-0798DAC75E0A}
    2011-08-07 15:14:15 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{C9D4F586-B9E5-47E5-94C6-31942EB9A43B}
    2011-08-07 14:48:18 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{DB4E22CB-5430-447A-B466-BAF6527F86F5}
    2011-08-07 14:47:49 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{66902B9C-FDF6-4064-9B91-2416E416F4C7}
    2011-08-07 14:47:43 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\SOPRO-Imaging
    2011-08-07 14:44:44 41280 ----a-w- C:\Windows\System32\drivers\Pcasp50A64.sys
    2011-08-07 14:44:41 -------- d-----w- C:\ProgramData\SOREDEX
    2011-08-07 14:44:41 -------- d-----w- C:\ProgramData\Dxr120
    2011-08-07 14:44:41 -------- d-----w- C:\Program Files (x86)\PaloDEx Group
    2011-08-07 14:44:31 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\Downloaded Installations
    2011-08-07 14:36:07 57344 ----a-w- C:\Windows\SysWow64\emVFW.dll
    2011-08-07 14:36:07 32768 ----a-w- C:\Windows\SysWow64\emProp.ax
    2011-08-07 14:36:07 223832 ----a-w- C:\Windows\System32\drivers\emDevice64.sys
    2011-08-07 14:36:07 17808 ----a-w- C:\Windows\SysWow64\emYUV.dll
    2011-08-07 14:36:07 14424 ----a-w- C:\Windows\System32\drivers\emFilter64.sys
    2011-08-07 14:36:07 14168 ----a-w- C:\Windows\System32\drivers\emScan64.sys
    2011-08-07 14:36:07 13824 ----a-w- C:\Windows\System32\emUSD64.dll
    2011-08-07 14:35:17 74496 ----a-w- C:\Windows\System32\drivers\aksdf.sys
    2011-08-07 14:35:16 -------- d-----w- C:\Program Files (x86)\Common Files\Aladdin Shared
    2011-08-07 14:35:15 3750400 ----a-w- C:\Windows\System32\hasplms.exe
    2011-08-07 14:35:15 3750400 ----a-w- C:\Windows\System32\aksllmtp.exe
    2011-08-07 14:35:15 131072 ----a-w- C:\Windows\System32\drivers\aksfridge.sys
    2011-08-07 14:35:13 318464 ----a-w- C:\Windows\System32\drivers\hardlock.sys
    2011-08-07 14:33:09 -------- d-----w- C:\Program Files (x86)\Sire
    2011-08-07 14:33:06 819200 ----a-w- C:\Windows\SysWow64\xvidcore.dll
    2011-08-07 14:33:06 77824 ----a-w- C:\Windows\SysWow64\xvid.ax
    2011-08-07 14:33:05 180224 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
    2011-08-07 14:33:05 -------- d-----w- C:\Program Files (x86)\Xvid
    2011-08-07 14:33:04 -------- d-----w- C:\Program Files (x86)\Sopro Imaging
    2011-08-07 14:31:32 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\Logs SI
    2011-08-07 13:50:49 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{3C2289C2-DB8D-4965-A856-D3A0BDF6E0A9}
    2011-08-07 13:50:39 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{EDD0C95E-4696-4767-96EF-5986871DE2B5}
    2011-08-07 13:50:19 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7D7F2819-B440-4748-9FFC-006608BF2107}
    2011-08-07 13:50:05 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7E3E13DE-7359-44FB-B547-B9F41753153E}
    2011-08-07 09:27:45 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{8C028BD3-B2B0-4B24-BACA-4EAA7B778C21}
    2011-08-07 09:27:23 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{99BF6EF3-BC5E-4A8A-A28C-CBAF5FE41DE5}
    2011-08-07 09:27:12 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{D725C735-0D1A-43CB-89F9-E7AF0E3A6366}
    2011-08-07 09:26:49 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{B3C2EE21-0F45-4383-8396-D90D42167B6D}
    2011-08-06 22:58:54 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{2EDA2BAB-2882-4B5F-9A28-B2FA6A117D12}
    2011-08-06 22:58:31 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{7F8929A0-D641-4271-AE18-553CC9143AFF}
    2011-08-06 16:27:27 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{A7EE5D8B-CE78-4A77-BF97-9364030B5749}
    2011-08-06 16:27:06 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{BA599CC3-4B5D-43E4-9157-B67E8FA14A4E}
    2011-08-06 10:09:05 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
    2011-08-06 10:09:05 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2011-08-06 10:09:05 229376 ----a-w- C:\Windows\System32\fsquirt.exe
    2011-08-06 10:09:02 3137536 ----a-w- C:\Windows\System32\win32k.sys
    2011-08-06 09:55:58 -------- d-----w- C:\Users\Yves ROBIN\AppData\Local\{F0671534-8B5F-45F8-BB5B-BB7074BADC9B}
    .
    ==================== Find3M ====================
    .
    2011-08-08 19:48:50 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-08-08 19:48:50 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-07-22 05:22:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-07-22 04:54:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-06-24 05:34:53 214528 ----a-w- C:\Windows\System32\winsrv.dll
    2011-06-24 05:25:49 338432 ----a-w- C:\Windows\System32\conhost.exe
    2011-06-21 06:34:00 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-06-21 06:20:53 1188864 ----a-w- C:\Windows\System32\wininet.dll
    2011-06-21 05:28:33 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-06-15 10:02:23 212992 ----a-w- C:\Windows\System32\odbctrac.dll
    2011-06-15 10:02:23 163840 ----a-w- C:\Windows\System32\odbccp32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccu32.dll
    2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccr32.dll
    2011-06-15 08:55:19 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
    2011-06-15 08:55:19 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
    2011-06-15 08:55:19 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
    2011-06-15 08:55:19 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
    2011-06-15 08:55:19 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
    .
    ============= FINISH: 12:37:20,56 ===============
    4 Septembre 2011 12:44:47

    D'autre part, je viens de télécharger GMER je le lance, mais je ne peux pas tout coucher, la plupart des options apparaissent en grisé, ne sont disponible que Services, Registry et Files...pouvez vous m'éclairer ?
    6 Novembre 2011 18:42:53

    change tn mot de passe, et vois si ça change quelqu choz...

    ==> france453@hotmail.com
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS