Your question

Yoog search engine virus

Tags:
  • Search engine
  • Security
Last reply: in Security and viruses
27 May 2009 00:42:05

Hello, I have a problem with a virus that sets Yoog as my default home page and I can't get rid of it.
(I ran Malwarebytes' Anti-Malware.) It found viruses but it was not able to fix my problem.
Can you help me, please?

27 May 2009 19:31:52

Hello,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the licence by clicking Yes.
  • The program will ask whether you want to install the Recovery Console. It is a precaution, in case the computer breaks down. I therefore advise you to install it; it costs nothing, and it could potentially come in handy!
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.

27 May 2009 23:31:50

Thanks, and here is the report

    ComboFix 09-05-26.05 - Propriétaire 2009-05-27 17:08.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.2.1036.18.3071.1970 [GMT -4:00]
    Lancé depuis: c:\users\Propriétaire\Downloads\ComboFix.exe
    SP: AVG Anti-Spyware *disabled* (Updated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
    c:\windows\GnuHashes.ini
    c:\windows\system32\GroupPolicy000.dat
    c:\windows\system32\SystemService32
    c:\windows\system32\SystemService32\149.crack.zip
    c:\windows\system32\SystemService32\149.crack.zip.kwd
    c:\windows\system32\SystemService32\150.keygen.zip
    c:\windows\system32\SystemService32\150.keygen.zip.kwd
    c:\windows\system32\SystemService32\151.serial.zip
    c:\windows\system32\SystemService32\151.serial.zip.kwd
    c:\windows\system32\SystemService32\152.setup.zip
    c:\windows\system32\SystemService32\152.setup.zip.kwd
    c:\windows\system32\SystemService32\153.music.au
    c:\windows\system32\SystemService32\153.music.au.kwd
    c:\windows\system32\SystemService32\154.music.mp3
    c:\windows\system32\SystemService32\154.music.mp3.kwd
    c:\windows\system32\SystemService32\155.music.wma
    c:\windows\system32\SystemService32\155.music.wma.kwd
    c:\windows\system32\SystemService32\156.music.snd
    c:\windows\system32\SystemService32\156.music.snd.kwd
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    D:\Desktop.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-27 au 2009-05-27 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-26 21:17 . 2009-05-26 17:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-26 21:17 . 2009-05-26 21:17 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-26 21:17 . 2009-05-26 17:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-26 21:15 . 2009-05-26 23:47 -------- d-----w C:\ToolBar SD
    2009-05-26 00:18 . 2009-05-26 00:18 1372 ----a-w c:\windows\system32\N9ZUteSv640qK9c.vbs
    2009-05-26 00:17 . 2009-05-26 00:17 1372 ----a-w c:\windows\system32\H989lMTFJgwuW.vbs
    2009-05-26 00:00 . 2009-05-26 00:00 59526 ----a-w c:\windows\system32\qejfdbqxeudaftfk.dll-uninst.exe
    2009-05-26 00:00 . 2009-05-26 00:00 85660 ----a-w c:\windows\system32\458b129b-3179-a24d-6157-de1df97366f1.exe
    2009-05-25 21:22 . 2009-05-06 18:06 4784464 ----a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BB082F2-FA44-429E-8CE9-6290C059037E}\mpengine.dll
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\ASIO4ALL v2
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\VstPlugins
    2009-05-18 21:09 . 2006-06-20 08:56 225280 ----a-w c:\windows\system32\rewire.dll
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\Outsim
    2009-05-18 21:07 . 2009-05-18 21:10 -------- d-----w c:\program files\Image-Line
    2009-05-14 15:30 . 2009-05-14 15:30 574464 ----a-w c:\windows\system32\qejfdbqxeudaftfk.dll
    2009-05-12 01:12 . 2009-05-12 01:12 -------- d-----w c:\windows\vhid
    2009-05-12 01:12 . 2007-11-16 22:22 5504 ----a-w c:\windows\system32\drivers\walvhid.sys
    2009-05-06 21:43 . 2009-05-06 21:43 -------- d-----w c:\program files\QS
    2009-05-06 21:42 . 2009-05-06 21:42 -------- d-----w c:\program files\Windows Live Safety Center
    2009-05-02 15:23 . 2009-05-02 15:23 -------- d-----w C:\63a8f13bead36ad4f35e6bb4
    2009-04-29 14:29 . 2009-04-29 14:29 688128 ----a-w c:\windows\system32\nsa6241.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-27 04:38 . 2008-12-19 02:48 -------- d-----w c:\program files\Steam
    2009-05-27 02:15 . 2008-12-24 05:25 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
    2009-05-27 02:15 . 2008-12-24 05:25 189072 -c--a-w c:\windows\system32\PnkBstrB.exe
    2009-05-26 21:11 . 2006-11-02 15:48 705566 ----a-w c:\windows\system32\perfh00C.dat
    2009-05-26 21:11 . 2006-11-02 15:48 134782 ----a-w c:\windows\system32\perfc00C.dat
    2009-05-21 21:23 . 2009-01-12 20:44 -------- d-----w c:\programdata\lx_cats
    2009-05-14 02:38 . 2009-02-21 00:49 -------- d-----w c:\program files\FileZilla FTP Client
    2009-05-13 21:07 . 2008-12-16 17:03 -------- d-----w c:\programdata\Microsoft Help
    2009-05-13 21:05 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-05-12 01:32 . 2009-05-12 01:11 -------- d-----w c:\programdata\Tablet
    2009-05-12 01:11 . 2008-12-16 16:57 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-05-02 15:22 . 2009-03-14 19:00 -------- d-----w c:\program files\illusion
    2009-04-29 21:33 . 2008-12-19 03:11 -------- d-----w c:\program files\Vuze
    2009-04-26 18:50 . 2009-04-26 18:50 -------- d-----w c:\programdata\Sandlot Games
    2009-04-26 18:50 . 2009-04-26 18:50 -------- d-----w c:\program files\Cake Mania 3
    2009-04-20 00:25 . 2009-04-20 00:25 230752 ----a-w c:\windows\patchw32.dll
    2009-04-19 17:59 . 2009-04-19 16:55 -------- d-----w c:\program files\DEVILMAYCRY4
    2009-04-19 15:06 . 2008-12-18 02:08 -------- d-----w c:\programdata\NVIDIA
    2009-04-19 15:04 . 2009-04-19 15:04 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
    2009-04-17 03:03 . 2009-04-16 18:32 -------- d-----w c:\programdata\POPWWPROFILES
    2009-04-16 18:32 . 2009-01-02 19:12 -------- d-----w c:\program files\Ubisoft
    2009-04-13 15:24 . 2009-04-13 15:24 763208 ----a-w c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\program files\iTunes
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\program files\iPod
    2009-04-09 14:49 . 2009-01-23 22:54 -------- d-----w c:\programdata\Apple Computer
    2009-04-09 14:49 . 2009-01-23 22:53 -------- d-----w c:\program files\Common Files\Apple
    2009-04-09 14:47 . 2009-04-09 14:47 75048 ----a-w c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
    2009-04-08 18:29 . 2009-04-08 18:29 56448 ----a-w c:\windows\system32\drivers\xusb21.sys
    2009-04-06 22:49 . 2008-12-19 22:22 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-04-06 22:47 . 2008-12-16 17:06 -------- d-----w c:\program files\Java
    2009-04-02 21:47 . 2009-01-02 00:30 -------- d-----w c:\program files\Common Files\PX Storage Engine
    2009-03-31 00:20 . 2008-12-24 05:24 75064 ----a-w c:\windows\system32\PnkBstrA.exe
    2009-03-30 14:43 . 2009-03-30 14:43 -------- d-----w c:\programdata\Tarma Installer
    2009-03-29 01:39 . 2008-12-31 23:35 -------- d-----w c:\programdata\TrackMania
    2009-03-28 22:26 . 2009-03-28 22:26 -------- d-----w c:\program files\Activision
    2009-03-27 12:14 . 2008-12-16 10:38 453152 ----a-w c:\windows\system32\nvuninst.exe
    2009-03-24 18:34 . 2009-03-30 14:43 383488 --s-a-r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\_Setup.dll
    2009-03-19 20:32 . 2009-04-09 14:49 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
    2009-03-17 20:57 . 2009-03-30 14:43 4608 --s-a-r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\_Setupx.dll
    2009-03-17 04:05 . 2009-03-30 14:41 221184 --s---r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\Setup.exe
    2009-03-17 03:38 . 2009-04-16 18:17 13824 -c--a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-16 18:17 24064 -c--a-w c:\windows\system32\amxread.dll
    2009-03-16 18:18 . 2009-04-19 16:35 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
    2009-03-16 18:18 . 2009-04-19 16:35 517448 ----a-w c:\windows\system32\XAudio2_4.dll
    2009-03-16 18:18 . 2009-04-19 16:35 235352 ----a-w c:\windows\system32\xactengine3_4.dll
    2009-03-16 18:18 . 2009-04-19 16:35 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
    2009-03-14 18:55 . 2009-03-14 18:55 8192 ----a-w c:\windows\d3dx.dat
    2009-03-09 19:27 . 2009-04-19 16:35 453456 ----a-w c:\windows\system32\d3dx10_41.dll
    2009-03-09 19:27 . 2009-04-19 16:35 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
    2009-03-09 19:27 . 2009-04-19 16:35 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
    2009-03-03 04:46 . 2009-04-16 18:17 3599328 -c--a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-16 18:17 3547632 -c--a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:40 . 2009-04-16 18:17 827392 -c--a-w c:\windows\system32\wininet.dll
    2009-03-03 04:39 . 2009-04-16 18:17 183296 -c--a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-16 18:17 551424 -c--a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-16 18:17 26112 -c--a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-16 18:17 78336 -c--a-w c:\windows\system32\ieencode.dll
    2009-03-03 04:37 . 2009-04-16 18:17 98304 -c--a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-16 18:17 54784 -c--a-w c:\windows\system32\iasads.dll
    2009-03-03 04:37 . 2009-04-16 18:17 44032 -c--a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 03:04 . 2009-04-16 18:17 666624 -c--a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-16 18:17 17408 -c--a-w c:\windows\system32\iashost.exe
    2009-03-03 02:28 . 2009-04-16 18:17 26624 -c--a-w c:\windows\system32\ieUnatt.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{29ED419A-6943-2BF6-51A0-708D46DA4C48}]
    2009-05-14 15:30 574464 ----a-w c:\windows\System32\qejfdbqxeudaftfk.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3463b339-78df-bc47-5fae-15cd8aeff07e}]
    2009-04-29 14:29 688128 ----a-w c:\windows\System32\nsa6241.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-06 148888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
    "MacrokeyManager"="WTMKM.exe" - c:\windows\System32\WTMKM.exe [2008-01-22 1969824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-07-03 40072]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "FilterAdministratorToken"= 1 (0x1)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Propriétaire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
    path=c:\users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
    backup=c:\windows\pss\MagicDisc.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^Propriétaire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
    path=c:\users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
    backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]
    R2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
    S3 NETw2v32;Pilote de connexion réseau PRO/Sans fil 2200BG Intel(R) pour Windows Vista;c:\windows\System32\drivers\NETw2v32.sys [2006-11-02 2589184]

    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - sptd

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LPDService REG_MULTI_SZ LPDSVC
    .
    Contenu du dossier 'Tâches planifiées'
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    SafeBoot-procexp90.Sys


    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.newgrounds.com/
    mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofoun...
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Handler: intu-ir2008 - {729D3592-92E7-4cbc-8E44-3C22B3F457B3} - c:\program files\ImpotRapide 2008\ic2008pp.dll
    FF - ProfilePath - c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www27.yoog.com/search.php?q=
    FF - prefs.js: browser.search.selectedEngine - Recherche de Yoog
    FF - prefs.js: browser.startup.homepage - hxxp://www27.yoog.com/
    FF - prefs.js: keyword.URL - hxxp://www27.yoog.com/search.php?q=

    ---- PARAMETRES FIREFOX ----
    FF - user.js: browser.startup.homepage - hxxp://www27.yoog.com/
    FF - user.js: browser.search.selectedEngine - Recherche de Yoog
    FF - user.js: keyword.URL - hxxp://www27.yoog.com/search.php?q=
    FF - user.js: keyword.enabled - true
    FF - user.js: browser.search.defaultenginename - Recherche de Yoog
    FF - user.js: browser.search.defaulturl - hxxp://www27.yoog.com/search.php?q=
    FF - user.js: google.toolbar.linkdoctor.enabled - false
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-27 17:18
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(8112)
    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    c:\program files\TortoiseSVN\bin\TortoiseStub.dll
    c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
    c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\system32\authui.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\System32\nvvsvc.exe
    c:\windows\System32\audiodg.exe
    c:\windows\System32\rundll32.exe
    c:\windows\System32\wisptis.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\windows\System32\CISVC.EXE
    c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
    c:\windows\System32\lxdicoms.exe
    c:\program files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    c:\windows\System32\PnkBstrA.exe
    c:\windows\System32\PnkBstrB.exe
    c:\windows\System32\TCPSVCS.EXE
    c:\windows\System32\atwtusb.exe
    c:\windows\System32\WUDFHost.exe
    c:\windows\System32\drivers\XAudio.exe
    c:\windows\System32\wisptis.exe
    c:\windows\System32\conime.exe
    c:\windows\System32\rundll32.exe
    c:\program files\TortoiseSVN\bin\TSVNCache.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\ehome\mcupdate.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Common Files\logishrd\LQCVFX\COCIManager.exe
    c:\program files\Common Files\microsoft shared\ink\InputPersonalization.exe
    c:\windows\servicing\TrustedInstaller.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-05-27 17:25 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-05-27 21:24

    Avant-CF: 168 848 486 400 octets libres
    Après-CF: 169 052 045 312 octets libres

    402 --- E O F --- 2009-05-25 21:23
    28 May 2009 17:38:07

    Re,

    Select the entire contents of the box below:

    File::
    c:\windows\system32\N9ZUteSv640qK9c.vbs
    c:\windows\system32\H989lMTFJgwuW.vbs
    c:\windows\system32\qejfdbqxeudaftfk.dll-uninst.exe
    c:\windows\system32\458b129b-3179-a24d-6157-de1df97366f1.exe
    c:\windows\system32\qejfdbqxeudaftfk.dll
    c:\windows\system32\nsa6241.dll
    c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\user.js

    DirLook::
    C:\63a8f13bead36ad4f35e6bb4

    Firefox::
    FF - ProfilePath - c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www27.yoog.com/search.php?q=
    FF - prefs.js: browser.search.selectedEngine - Recherche de Yoog
    FF - prefs.js: browser.startup.homepage - hxxp://www27.yoog.com/
    FF - prefs.js: keyword.URL - hxxp://www27.yoog.com/search.php?q=
    FF - user.js: browser.startup.homepage - hxxp://www27.yoog.com/
    FF - user.js: browser.search.selectedEngine - Recherche de Yoog
    FF - user.js: keyword.URL - hxxp://www27.yoog.com/search.php?q=
    FF - user.js: browser.search.defaulturl - hxxp://www27.yoog.com/search.php?q=

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{29ED419A-6943-2BF6-51A0-708D46DA4C48}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3463b339-78df-bc47-5fae-15cd8aeff07e}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]


  • Copy and paste it into Notepad (Start\All Programs\Accessories\Notepad).
  • Save it to your Desktop under the name CFScript.txt
  • Now drag the CFScript.txt file onto ComboFix.exe as shown below:

  • This will restart ComboFix.
  • You will have to accept the license.

    Post the contents of the ComboFix.txt report after the reboot, if there is one.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)
    28 May 2009 23:27:03

    ok thanks, and uh, I get back from school at 5:00
    here is the report

    ComboFix 09-05-28.01 - Propriétaire 2009-05-28 17:10.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.2.1036.18.3071.1966 [GMT -4:00]
    Lancé depuis: c:\users\Propriétaire\Downloads\ComboFix.exe
    Commutateurs utilisés :: c:\users\Propriétaire\Desktop\david\CFScript.txt
    SP: AVG Anti-Spyware *disabled* (Updated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\user.js"
    "c:\windows\system32\458b129b-3179-a24d-6157-de1df97366f1.exe"
    "c:\windows\system32\H989lMTFJgwuW.vbs"
    "c:\windows\system32\N9ZUteSv640qK9c.vbs"
    "c:\windows\system32\nsa6241.dll"
    "c:\windows\system32\qejfdbqxeudaftfk.dll-uninst.exe"
    "c:\windows\system32\qejfdbqxeudaftfk.dll"
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\user.js
    c:\windows\system32\458b129b-3179-a24d-6157-de1df97366f1.exe
    c:\windows\system32\H989lMTFJgwuW.vbs
    c:\windows\system32\N9ZUteSv640qK9c.vbs
    c:\windows\system32\nsa6241.dll
    c:\windows\system32\qejfdbqxeudaftfk.dll-uninst.exe
    c:\windows\system32\qejfdbqxeudaftfk.dll
    c:\windows\TEMP\logishrd\LVPrcInj01.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-28 au 2009-05-28 ))))))))))))))))))))))))))))))))))))
    .

    2009-05-26 21:17 . 2009-05-26 17:20 40160 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-26 21:17 . 2009-05-26 21:17 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-26 21:17 . 2009-05-26 17:19 19096 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-26 21:15 . 2009-05-26 23:47 -------- d-----w C:\ToolBar SD
    2009-05-25 21:22 . 2009-05-06 18:06 4784464 ----a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BB082F2-FA44-429E-8CE9-6290C059037E}\mpengine.dll
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\ASIO4ALL v2
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\VstPlugins
    2009-05-18 21:09 . 2006-06-20 08:56 225280 ----a-w c:\windows\system32\rewire.dll
    2009-05-18 21:09 . 2009-05-18 21:09 -------- d-----w c:\program files\Outsim
    2009-05-18 21:07 . 2009-05-18 21:10 -------- d-----w c:\program files\Image-Line
    2009-05-12 01:12 . 2009-05-12 01:12 -------- d-----w c:\windows\vhid
    2009-05-12 01:12 . 2007-11-16 22:22 5504 ----a-w c:\windows\system32\drivers\walvhid.sys
    2009-05-06 21:43 . 2009-05-06 21:43 -------- d-----w c:\program files\QS
    2009-05-06 21:42 . 2009-05-06 21:42 -------- d-----w c:\program files\Windows Live Safety Center
    2009-05-02 15:23 . 2009-05-02 15:23 -------- d-----w C:\63a8f13bead36ad4f35e6bb4

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-28 04:00 . 2008-12-19 02:48 -------- d-----w c:\program files\Steam
    2009-05-28 03:57 . 2008-12-24 05:25 189072 -c--a-w c:\windows\system32\PnkBstrB.exe
    2009-05-28 03:36 . 2008-12-24 05:25 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
    2009-05-26 21:11 . 2006-11-02 15:48 705566 ----a-w c:\windows\system32\perfh00C.dat
    2009-05-26 21:11 . 2006-11-02 15:48 134782 ----a-w c:\windows\system32\perfc00C.dat
    2009-05-21 21:23 . 2009-01-12 20:44 -------- d-----w c:\programdata\lx_cats
    2009-05-14 02:38 . 2009-02-21 00:49 -------- d-----w c:\program files\FileZilla FTP Client
    2009-05-13 21:07 . 2008-12-16 17:03 -------- d-----w c:\programdata\Microsoft Help
    2009-05-13 21:05 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-05-12 01:32 . 2009-05-12 01:11 -------- d-----w c:\programdata\Tablet
    2009-05-12 01:11 . 2008-12-16 16:57 -------- d--h--w c:\program files\InstallShield Installation Information
    2009-05-02 15:22 . 2009-03-14 19:00 -------- d-----w c:\program files\illusion
    2009-04-29 21:33 . 2008-12-19 03:11 -------- d-----w c:\program files\Vuze
    2009-04-26 18:50 . 2009-04-26 18:50 -------- d-----w c:\programdata\Sandlot Games
    2009-04-26 18:50 . 2009-04-26 18:50 -------- d-----w c:\program files\Cake Mania 3
    2009-04-20 00:25 . 2009-04-20 00:25 230752 ----a-w c:\windows\patchw32.dll
    2009-04-19 17:59 . 2009-04-19 16:55 -------- d-----w c:\program files\DEVILMAYCRY4
    2009-04-19 15:06 . 2008-12-18 02:08 -------- d-----w c:\programdata\NVIDIA
    2009-04-19 15:04 . 2009-04-19 15:04 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
    2009-04-17 03:03 . 2009-04-16 18:32 -------- d-----w c:\programdata\POPWWPROFILES
    2009-04-16 18:32 . 2009-01-02 19:12 -------- d-----w c:\program files\Ubisoft
    2009-04-13 15:24 . 2009-04-13 15:24 763208 ----a-w c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\program files\iTunes
    2009-04-09 14:49 . 2009-04-09 14:49 -------- d-----w c:\program files\iPod
    2009-04-09 14:49 . 2009-01-23 22:54 -------- d-----w c:\programdata\Apple Computer
    2009-04-09 14:49 . 2009-01-23 22:53 -------- d-----w c:\program files\Common Files\Apple
    2009-04-09 14:47 . 2009-04-09 14:47 75048 ----a-w c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
    2009-04-08 18:29 . 2009-04-08 18:29 56448 ----a-w c:\windows\system32\drivers\xusb21.sys
    2009-04-06 22:49 . 2008-12-19 22:22 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-04-06 22:47 . 2008-12-16 17:06 -------- d-----w c:\program files\Java
    2009-04-02 21:47 . 2009-01-02 00:30 -------- d-----w c:\program files\Common Files\PX Storage Engine
    2009-03-31 00:20 . 2008-12-24 05:24 75064 ----a-w c:\windows\system32\PnkBstrA.exe
    2009-03-30 14:43 . 2009-03-30 14:43 -------- d-----w c:\programdata\Tarma Installer
    2009-03-27 12:14 . 2008-12-16 10:38 453152 ----a-w c:\windows\system32\nvuninst.exe
    2009-03-24 18:34 . 2009-03-30 14:43 383488 --s-a-r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\_Setup.dll
    2009-03-19 20:32 . 2009-04-09 14:49 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
    2009-03-17 20:57 . 2009-03-30 14:43 4608 --s-a-r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\_Setupx.dll
    2009-03-17 04:05 . 2009-03-30 14:41 221184 --s---r c:\programdata\Tarma Installer\{F99F1B4A-5CAF-4AC4-9522-CB54DE0D25A7}\Setup.exe
    2009-03-17 03:38 . 2009-04-16 18:17 13824 -c--a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-16 18:17 24064 -c--a-w c:\windows\system32\amxread.dll
    2009-03-16 18:18 . 2009-04-19 16:35 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
    2009-03-16 18:18 . 2009-04-19 16:35 517448 ----a-w c:\windows\system32\XAudio2_4.dll
    2009-03-16 18:18 . 2009-04-19 16:35 235352 ----a-w c:\windows\system32\xactengine3_4.dll
    2009-03-16 18:18 . 2009-04-19 16:35 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
    2009-03-14 18:55 . 2009-03-14 18:55 8192 ----a-w c:\windows\d3dx.dat
    2009-03-09 19:27 . 2009-04-19 16:35 453456 ----a-w c:\windows\system32\d3dx10_41.dll
    2009-03-09 19:27 . 2009-04-19 16:35 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
    2009-03-09 19:27 . 2009-04-19 16:35 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
    2009-03-03 04:46 . 2009-04-16 18:17 3599328 -c--a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-16 18:17 3547632 -c--a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:40 . 2009-04-16 18:17 827392 -c--a-w c:\windows\system32\wininet.dll
    2009-03-03 04:39 . 2009-04-16 18:17 183296 -c--a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-16 18:17 551424 -c--a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-16 18:17 26112 -c--a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-16 18:17 78336 -c--a-w c:\windows\system32\ieencode.dll
    2009-03-03 04:37 . 2009-04-16 18:17 98304 -c--a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-16 18:17 54784 -c--a-w c:\windows\system32\iasads.dll
    2009-03-03 04:37 . 2009-04-16 18:17 44032 -c--a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 03:04 . 2009-04-16 18:17 666624 -c--a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-16 18:17 17408 -c--a-w c:\windows\system32\iashost.exe
    2009-03-03 02:28 . 2009-04-16 18:17 26624 -c--a-w c:\windows\system32\ieUnatt.exe
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-05-27_21.18.56 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2006-11-11 19:09 . 2009-05-28 21:03 50796 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 13:05 . 2009-05-28 21:03 77164 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-12-18 02:01 . 2009-05-28 21:03 14124 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-766350294-606114207-2145607428-1000_UserData.bin
    + 2009-05-28 21:15 . 2009-05-28 21:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2009-05-27 21:16 . 2009-05-27 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2009-05-28 21:15 . 2009-05-28 21:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-05-27 21:16 . 2009-05-27 21:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
    @="{C5994560-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
    @="{C5994561-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
    @="{C5994562-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
    @="{C5994563-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
    @="{C5994564-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
    @="{C5994565-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
    @="{C5994566-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
    @="{C5994567-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
    @="{C5994568-53D9-4125-87C9-F193FC689CB2}"
    [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
    2008-01-16 22:52 80384 -c--a-w c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-06 148888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
    "MacrokeyManager"="WTMKM.exe" - c:\windows\System32\WTMKM.exe [2008-01-22 1969824]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\windows\SMINST\launcher.exe" [2007-07-03 40072]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "FilterAdministratorToken"= 1 (0x1)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Propriétaire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
    path=c:\users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
    backup=c:\windows\pss\MagicDisc.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\startupfolder\C:^Users^Propriétaire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
    path=c:\users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
    backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{D692D30D-8E82-4F53-AF09-6220CDF4A5CC}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{B7FC317D-3C8C-4902-B921-85F95892EA89}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "TCP Query User{F0D9950B-5164-44D4-B419-17AC90C5FE8C}c:\\program files\\steam\\steamapps\\mastodonde\\garrysmod\\hl2.exe"= UDP:c:\program files\steam\steamapps\mastodonde\garrysmod\hl2.exe:hl2
    "UDP Query User{526452E2-1B77-4CDB-B927-DE901E03BA33}c:\\program files\\steam\\steamapps\\mastodonde\\garrysmod\\hl2.exe"= TCP:c:\program files\steam\steamapps\mastodonde\garrysmod\hl2.exe:hl2
    "TCP Query User{D20E18C7-D397-4E9D-A9C2-0BCDE6C708EA}c:\\program files\\steam\\steamapps\\mastodonde\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\mastodonde\counter-strike source\hl2.exe:hl2
    "UDP Query User{9F2CBD02-5C86-4555-A891-91126806C62D}c:\\program files\\steam\\steamapps\\mastodonde\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\mastodonde\counter-strike source\hl2.exe:hl2
    "TCP Query User{8253AC18-B739-4244-A821-F70030C60865}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
    "UDP Query User{5ACF37BF-A39D-4F98-8BA2-A1D8E29CA571}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
    "{B532309D-92E4-4B25-90A3-FB85FD386975}"= UDP:c:\program files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe:Battlefield 2142
    "{CFE0661E-1242-42A8-A0D0-4D0FB7C655E3}"= TCP:c:\program files\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe:Battlefield 2142
    "TCP Query User{F8A52457-F95B-47C1-983B-17CA84E98481}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "UDP Query User{DC6C8C1F-3FC8-4136-A18A-13C9B5BA9D5E}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "{0CCBE80B-902C-4133-AB34-0B950102077E}"= UDP:c:\program files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "{57925093-33A9-44BA-8912-88F7CCDC0499}"= TCP:c:\program files\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:Supreme Commander - Forged Alliance
    "TCP Query User{DB3959BA-041C-42CE-A11D-FBE3B6FF9511}c:\\program files\\steam\\steamapps\\mastodonde\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\mastodonde\source sdk base\hl2.exe:hl2
    "UDP Query User{D17110A1-EC00-485B-90AA-C30D606A2BE2}c:\\program files\\steam\\steamapps\\mastodonde\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\mastodonde\source sdk base\hl2.exe:hl2
    "TCP Query User{D7CF1336-17A3-4069-B640-029875EE44EB}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "UDP Query User{FC7D8009-7F8A-4182-8DAD-8D97296B2E32}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "{5ADEBAFA-4071-4662-B6E2-20DD047BDF25}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{9441CDCA-0465-46E6-A907-4BBE730AE2BD}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{82FAC4B5-6FD0-4C84-8196-BB2305B56C50}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{1B443661-8A3C-4127-8A71-F01A480B0E8B}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "TCP Query User{2818EC1B-4322-407E-B752-70D3B611CC3A}c:\\srcds\\orangebox\\srcds.exe"= UDP:c:\srcds\orangebox\srcds.exe:srcds
    "UDP Query User{8AA123E2-871E-4A22-AE01-FA3A6BFC4EA6}c:\\srcds\\orangebox\\srcds.exe"= TCP:c:\srcds\orangebox\srcds.exe:srcds
    "{28F33082-B873-4996-B6BA-B1A3014BAF6B}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{5823EC30-3F52-4D3B-AE29-5B2542EC14DB}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "TCP Query User{A9F45215-7241-4509-B14F-E271AC8E2B6D}c:\\program files\\ubisoft\\far cry 2\\bin\\farcry2-devmode.exe"= UDP:c:\program files\ubisoft\far cry 2\bin\farcry2-devmode.exe:Far Cry® 2
    "UDP Query User{62756211-40AB-4451-9CFB-7FAC6C9C292B}c:\\program files\\ubisoft\\far cry 2\\bin\\farcry2-devmode.exe"= TCP:c:\program files\ubisoft\far cry 2\bin\farcry2-devmode.exe:Far Cry® 2
    "TCP Query User{F00FF250-7CEE-409E-9311-0241AC062273}c:\\program files\\ubisoft\\far cry 2\\bin\\farcry2 -devmode.exe"= UDP:c:\program files\ubisoft\far cry 2\bin\farcry2 -devmode.exe:Far Cry® 2
    "UDP Query User{66262118-2D48-45F1-8E0C-2B924349F349}c:\\program files\\ubisoft\\far cry 2\\bin\\farcry2 -devmode.exe"= TCP:c:\program files\ubisoft\far cry 2\bin\farcry2 -devmode.exe:Far Cry® 2
    "TCP Query User{42F57938-26B4-41F5-BC35-E2202ACE86D5}c:\\program files\\ubisoft\\far cry 2\\bin\\far cry 2.exe"= UDP:c:\program files\ubisoft\far cry 2\bin\far cry 2.exe:Far Cry® 2
    "UDP Query User{B4121E64-1D41-4447-B050-F1517963EB90}c:\\program files\\ubisoft\\far cry 2\\bin\\far cry 2.exe"= TCP:c:\program files\ubisoft\far cry 2\bin\far cry 2.exe:Far Cry® 2
    "TCP Query User{95321CDF-B30A-45EF-BDF8-BFCF6CF61F20}c:\\program files\\steam\\steamapps\\mastodonde\\team fortress 2\\hl2.exe"= UDP:c:\program files\steam\steamapps\mastodonde\team fortress 2\hl2.exe:hl2
    "UDP Query User{097D7A6F-C93A-4050-92CA-90CA82ECC4B3}c:\\program files\\steam\\steamapps\\mastodonde\\team fortress 2\\hl2.exe"= TCP:c:\program files\steam\steamapps\mastodonde\team fortress 2\hl2.exe:hl2
    "TCP Query User{6EA3FB27-FB48-4AE0-80E1-DEF8AC5AD31D}c:\\softimage\\xsi_6.01_mod_tool\\application\\bin\\xsi.exe"= UDP:c:\softimage\xsi_6.01_mod_tool\application\bin\xsi.exe:XSI
    "UDP Query User{3F1DBBD5-0CB9-4DFA-B5AB-1FDEBEF948D1}c:\\softimage\\xsi_6.01_mod_tool\\application\\bin\\xsi.exe"= TCP:c:\softimage\xsi_6.01_mod_tool\application\bin\xsi.exe:XSI
    "{D1DB23A2-DEFE-4433-96C3-043B4E104A79}"= UDP:c:\users\Propriétaire\AppData\Local\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe:
    "{60359F42-5EE0-4EF8-859E-1F32F6A0FDA9}"= TCP:c:\users\Propriétaire\AppData\Local\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe:
    "{131053E3-5B8E-4DCB-944B-2F261AB7C3FC}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "{06215C3E-25A0-4DE7-9541-41C1A95CC2E5}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "TCP Query User{ECD95399-A652-4167-B613-809C4FD45035}c:\\team17\\worms 3d\\bin\\worms3d.exe"= UDP:c:\team17\worms 3d\bin\worms3d.exe:Worms3D
    "UDP Query User{27394C88-A853-4FF9-BE77-B495207423C4}c:\\team17\\worms 3d\\bin\\worms3d.exe"= TCP:c:\team17\worms 3d\bin\worms3d.exe:Worms3D
    "TCP Query User{4F06DA05-B0DD-4E28-BF22-4F972E37C0B5}c:\\program files\\steam\\steamapps\\mastodonde\\synergy\\hl2.exe"= UDP:c:\program files\steam\steamapps\mastodonde\synergy\hl2.exe:hl2
    "UDP Query User{B9A006D4-2C7C-49F7-868E-6D313F2BF642}c:\\program files\\steam\\steamapps\\mastodonde\\synergy\\hl2.exe"= TCP:c:\program files\steam\steamapps\mastodonde\synergy\hl2.exe:hl2
    "TCP Query User{07D2CC20-FC7C-4057-A281-6C33B2F808A8}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{C76C2FD9-5D74-4CB0-849B-1EE55DC3B393}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "{C469CF00-7EA7-48E9-8566-13EAFE188841}"= UDP:c:\users\Propriétaire\AppData\Local\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe:
    "{98C40055-5974-466E-B9D6-BD4AAC1AE60F}"= TCP:c:\users\Propriétaire\AppData\Local\Temp\lxdi\wireless\ENGLISH\lxdiwpss.exe:
    "{05D00B50-EDD0-4270-9745-C54785E2A787}"= UDP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
    "{38CF55B1-9A6E-4012-8B7C-3D9E6BECDDBB}"= TCP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
    "{37E5CC3F-F326-46F8-9A0A-81A99B515261}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
    "{5A1B0152-DA8B-4A84-8755-6D71CE554C1A}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
    "{6F36F2F7-D229-4CFD-A952-4D43580CC134}"= UDP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
    "{1EA8F590-662D-44B8-9104-D60FF1A62DC4}"= TCP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
    "{8466844A-060E-4B0C-BCC6-6E2FD0307970}"= UDP:c:\windows\System32\lxdicfg.exe:Printer Communication System
    "{DD318022-9FD1-4C3A-9129-4805BDD4842A}"= TCP:c:\windows\System32\lxdicfg.exe:Printer Communication System
    "{ECD92261-5CDF-43E0-A7B7-0888B77D7360}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window Interface
    "{5C95AB9A-80A0-4DB7-8757-5B842B63E614}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window Interface
    "{4AC5DEC9-8E45-4FC6-916C-A247CEAD21B9}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
    "{25CB0196-E8FB-4D4E-A988-C77D6A0A0934}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
    "{525CCF9C-6B9B-457D-AE3D-8F65DAFC0D14}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:Job Status Window Interface
    "{3AF4B8BA-20CF-4B11-9F5B-BFDC26A24182}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdijswx.exe:Job Status Window Interface
    "{E756A079-C22B-4329-8224-6CFBE40EEE51}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{FA523C4E-1B7B-4DD0-86EF-ABD3BB722C8B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{6E59EC20-29D5-4CD2-9F9C-EB43B60878B2}"= UDP:c:\windows\System32\lxdiih.exe:Printer Communication System
    "{BCF62AF7-68F9-422C-8846-898540065C12}"= TCP:c:\windows\System32\lxdiih.exe:Printer Communication System
    "TCP Query User{3D23392F-8DD1-4745-845F-DE02F8E1E7EC}c:\\program files\\steam\\steamapps\\mastodonde\\source dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\mastodonde\source dedicated server\srcds.exe:srcds
    "UDP Query User{4086CDC7-1276-49CA-A11B-7F6B9878248A}c:\\program files\\steam\\steamapps\\mastodonde\\source dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\mastodonde\source dedicated server\srcds.exe:srcds
    "{3BB088DA-9411-4357-88AD-948C2A2ADBBD}"= UDP:c:\program files\Steam\steamapps\common\trackmania united\TmForever.exe:TrackMania United Forever
    "{C3918E90-CC87-4A64-AF0C-4D9AED320B1B}"= TCP:c:\program files\Steam\steamapps\common\trackmania united\TmForever.exe:TrackMania United Forever
    "{72CB1C13-64C0-4723-8F6B-A18ACB061B7F}"= UDP:c:\program files\Steam\steamapps\common\trackmania united\TmForeverLauncher.exe:TrackMania United Forever
    "{EDCE4A03-E6B3-4239-A315-C8F4F3260322}"= TCP:c:\program files\Steam\steamapps\common\trackmania united\TmForeverLauncher.exe:TrackMania United Forever
    "{3D640CF3-7B5C-43A5-8ED0-C1DC59B70CB7}"= UDP:c:\program files\Steam\steamapps\common\flatout2\FlatOut2.exe:FlatOut2
    "{ECF46348-B7F8-4D9E-B09A-47A569CB0BA0}"= TCP:c:\program files\Steam\steamapps\common\flatout2\FlatOut2.exe:FlatOut2
    "{34F3D320-0490-49B5-A6BB-65C883ECF432}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
    "{C7CD04F4-3EBE-4B41-B65E-8A79BF1BB96F}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
    "{C8648C7C-EB0B-4C6D-9CB8-1E5A47E7697F}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
    "{92F1D3C1-4EFC-45F0-A786-F3DD5180351D}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
    "{419FFD78-A5CC-4A0D-8B0A-D7EE6FFEC230}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdiwbgw.exe:Lexmark Web Gateway
    "{5A8A7ABF-24E3-4752-9DD7-64F26E9A39DF}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdiwbgw.exe:Lexmark Web Gateway
    "TCP Query User{5417CF51-1E75-42D8-935B-C9D58D690C97}c:\\program files\\hlsw\\hlsw.exe"= UDP:c:\program files\hlsw\hlsw.exe:HLSW Application
    "UDP Query User{52CEEC96-63A9-47D1-A8E6-BE24D4156671}c:\\program files\\hlsw\\hlsw.exe"= TCP:c:\program files\hlsw\hlsw.exe:HLSW Application
    "{5FDC85F9-9298-4454-B017-B7BFA45793FD}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{C82F4363-F957-400C-9E11-CC246570AA50}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
    "{0490411A-F407-4A61-AFC6-8EF4649E6908}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{B38C0524-E058-4B78-ABB5-78CC9174EA01}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "TCP Query User{3944C51C-D365-4DC9-BAE3-B37E9FBC62BF}c:\\program files\\steam\\steamapps\\mastodonde\\synergy dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\mastodonde\synergy dedicated server\srcds.exe:srcds
    "UDP Query User{71D15D9B-F86C-46A9-A04D-3BAC2C64FE3A}c:\\program files\\steam\\steamapps\\mastodonde\\synergy dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\mastodonde\synergy dedicated server\srcds.exe:srcds
    "{4538BBCA-EC39-44A6-9052-6E283BC26842}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{EB526A86-DA92-4EAA-A5AE-4406407E07CD}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "TCP Query User{44BF396F-A3F5-4951-B95B-D41716C144F1}c:\\users\\propriétaire\\temp\\teamviewer\\version4\\teamviewer.exe"= UDP:c:\users\propriétaire\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe
    "UDP Query User{590257D0-B915-4B42-8E10-7B66E50DB41D}c:\\users\\propriétaire\\temp\\teamviewer\\version4\\teamviewer.exe"= TCP:c:\users\propriétaire\temp\teamviewer\version4\teamviewer.exe:teamviewer.exe
    "{BBA36E3C-B7AB-4B7C-81FD-AFB59C7E74F4}"= UDP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
    "{6615E39F-0CCB-4C04-B05B-DCD9FFDAA257}"= TCP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
    "TCP Query User{0F4B97A7-F636-4639-A24A-284FD6E9E30E}c:\\program files\\filezilla ftp client\\filezilla.exe"= UDP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "UDP Query User{0C5C1039-66EE-44DA-AD54-35EC55EE39F1}c:\\program files\\filezilla ftp client\\filezilla.exe"= TCP:c:\program files\filezilla ftp client\filezilla.exe:FileZilla FTP Client
    "TCP Query User{2C76C58D-7E89-47DF-8749-CEC1C596D914}c:\\program files\\steam\\steamapps\\phoenix_rebirth\\team fortress 2\\hl2.exe"= UDP:c:\program files\steam\steamapps\phoenix_rebirth\team fortress 2\hl2.exe:hl2
    "UDP Query User{989B8363-96B0-4723-BD76-63517C3704B5}c:\\program files\\steam\\steamapps\\phoenix_rebirth\\team fortress 2\\hl2.exe"= TCP:c:\program files\steam\steamapps\phoenix_rebirth\team fortress 2\hl2.exe:hl2
    "TCP Query User{E3682EEE-2CCD-4974-8D63-ECF5AD388A50}c:\\program files\\steam\\steamapps\\mastodonde\\source 2007 dedicated server\\srcds.exe"= UDP:c:\program files\steam\steamapps\mastodonde\source 2007 dedicated server\srcds.exe:srcds
    "UDP Query User{B0EBDD4E-51E9-4D88-9E76-79F4BCBA801A}c:\\program files\\steam\\steamapps\\mastodonde\\source 2007 dedicated server\\srcds.exe"= TCP:c:\program files\steam\steamapps\mastodonde\source 2007 dedicated server\srcds.exe:srcds

    R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]
    R2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
    S3 NETw2v32;Pilote de connexion réseau PRO/Sans fil 2200BG Intel(R) pour Windows Vista;c:\windows\System32\drivers\NETw2v32.sys [2006-11-02 2589184]

    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - sptd

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LPDService REG_MULTI_SZ LPDSVC
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.newgrounds.com/
    mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofoun...
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Handler: intu-ir2008 - {729D3592-92E7-4cbc-8E44-3C22B3F457B3} - c:\program files\ImpotRapide 2008\ic2008pp.dll
    FF - ProfilePath - c:\users\Propriétaire\AppData\Roaming\Mozilla\Firefox\Profiles\4m1bcosy.default\
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-28 17:16
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...


    c:\users\PROPRI~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
    c:\windows\TEMP\TMP00000003334A317CDEAFCC37

    Scan terminé avec succès
    Fichiers cachés: 2

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'Explorer.exe'(6320)
    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
    c:\program files\TortoiseSVN\bin\TortoiseStub.dll
    c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
    c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\program files\Megaupload\Mega Manager\MegaIEMn.dll
    c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
    c:\windows\system32\vorbis.acm
    c:\windows\System32\NLSData000c.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\System32\nvvsvc.exe
    c:\windows\System32\audiodg.exe
    c:\windows\System32\rundll32.exe
    c:\windows\System32\wisptis.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\windows\System32\CISVC.EXE
    c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
    c:\windows\System32\lxdicoms.exe
    c:\program files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
    c:\windows\System32\PnkBstrA.exe
    c:\windows\System32\TCPSVCS.EXE
    c:\windows\System32\atwtusb.exe
    c:\windows\System32\WUDFHost.exe
    c:\windows\System32\drivers\XAudio.exe
    c:\windows\System32\wisptis.exe
    c:\windows\System32\conime.exe
    c:\program files\TortoiseSVN\bin\TSVNCache.exe
    c:\windows\System32\rundll32.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Common Files\logishrd\LQCVFX\COCIManager.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Common Files\microsoft shared\ink\InputPersonalization.exe
    c:\windows\servicing\TrustedInstaller.exe
    c:\windows\System32\dllhost.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-05-28 17:24 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-05-28 21:24
    ComboFix2.txt 2009-05-27 21:26

    Avant-CF: 172 671 070 208 octets libres
    Après-CF: 172 668 043 264 octets libres

    383 --- E O F --- 2009-05-25 21:23
    a b 8 Security
    29 May 2009 17:49:40

    Is your PC behaving better?
    29 May 2009 23:06:45

    Yes, thanks, the Yoog page is gone. And, uh, I'd like to know if you know of any free firewalls, because before I had Spyware Doctor.
    a b 8 Security
    30 May 2009 12:42:37

    Kerio or Zone Alarm :)
    a b 8 Security
    1 June 2009 14:16:47

    Any other questions?
    2 June 2009 05:16:05

    Yes, I just noticed that right up there, next to my address bar, there was the search mode with the Yoog pages.
    a b 8 Security
    2 June 2009 16:38:50

    Huh?
    2 June 2009 23:22:57

    Sorry for my bad explanation. What I meant is that before, there was the Google search bar (the one with a magnifying glass and the word "search"), but now when I type something in there it takes me to the Yoog search engine with what I typed.
    a b 8 Security
    3 June 2009 17:20:57

    With which browser?
    a b 8 Security
    4 June 2009 11:31:10

    Have you tried uninstalling and then reinstalling Firefox?
    4 June 2009 17:07:48

    No, I hadn't done it, but now I have, and the Yoog search engine is gone, thanks.

    Uh, but I have a small problem with a Firefox plugin: even when it asks me to go download it, it isn't even able to find it (and the site I sent 2 posts ago is the one).
    a b 8 Security
    4 June 2009 18:36:08

    No idea. You should still try the uninstall/reinstall.
    4 June 2009 18:37:56

    I did the uninstall and it worked, and thanks.
    a b 8 Security
    5 June 2009 19:29:06

    Good luck.