Security software problem
Solved
mimie17 - Posts: 228 - Status: Member
Hello,
Back again with a few problems: I can no longer launch Antivir or uninstall it, I can't restart in safe mode either, and when I launch CCleaner I manage to clean and then it closes by itself.
Looking through the forum, I tried a few things but nothing works.
Now I'm going to run jacfind and then I'll post the report.
Thanks for your help
161 replies
I managed to download it and started everything over from scratch. I ran option 1 (search), then option 2, and it's still the same: the window with the red cross opens and everything closes.
I'm posting the report I just made with FindyKill and option 1 anyway.
############################## | FindyKill V5.024 |
# User : MYRIAM (Administrateurs) # PCMIMI
# Update on 09/01/2010 by El Desaparecido
# Start at: 20:05:49 | 19/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 6.0.2900.5512
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 48,83 Go (32,78 Go free) [SYSTEM] # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque fixe local # 184,06 Go (148,2 Go free) [DATA] # NTFS
# F:\ # Disque amovible
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
############################## | Processus infectieux stoppés |
"C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe" (312)
"C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe" (2608)
"C:\WINDOWS\wintems.exe" (2652)
################## | C: |
################## | C:\WINDOWS |
Présent ! C:\WINDOWS\ban_list.txt
Présent ! C:\WINDOWS\mdelk.exe
Présent ! C:\WINDOWS\wintems.exe
################## | C:\WINDOWS\Prefetch |
Présent ! C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf
Présent ! C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf
Présent ! C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf
Présent ! C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf
Présent ! C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf
Présent ! C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf
Présent ! C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf
################## | C:\WINDOWS\system32 |
Présent ! C:\WINDOWS\system32\srosa2.sys
Présent ! C:\WINDOWS\system32\wfsintwq.sys
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\MYRIAM\Application Data |
Présent ! C:\Documents and Settings\MYRIAM\Application Data\drivers
Présent ! C:\Documents and Settings\MYRIAM\Application Data\drivers\downld
Présent ! C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m\data.oct
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m\list.oct
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m\srvlist.oct
Présent ! C:\Documents and Settings\MYRIAM\Application Data\m\shared
################## | Temporary Internet Files |
################## | Registre |
Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet003\Services\srosa]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Présent ! [HKCU\Software\bisoft]
Présent ! [HKCU\Software\DateTime4]
Présent ! [HKCU\Software\MuleAppData]
Présent ! [HKCU\Software\WS35]
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\bisoft]
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DateTime4]
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\MuleAppData]
Présent ! [HKCU\Software\Local AppWizard-Generated Applications\keygen]
Présent ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\keygen]
Présent ! [HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro]
################## | Etat |
# Affichage des fichiers cachés : OK
Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel !
# (!) Ndisuio -> Start = 4 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )
################## | Cracks > Keygens > Serials |
################## | ! Fin du rapport # FindyKill V5.024 ! |
Here is the ZHPDiag report
O64 - Services: CS003 - Java Quick Starter (JavaQuickStarterService) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CS003 - ksecdd (ksecdd) - LEGACY_KSECDD
O64 - Services: CS003 - Serveur (lanmanserver) - LEGACY_LANMANSERVER
O64 - Services: CS003 - Station de travail (LanmanWorkstation) - LEGACY_LANMANWORKSTATION
O64 - Services: CS003 - Assistance TCP/IP NetBIOS (LmHosts) - LEGACY_LMHOSTS
O64 - Services: CS003 - MarxDev1 (MarxDev1) - LEGACY_MARXDEV1
O64 - Services: CS003 - MarxDev2 (MarxDev2) - LEGACY_MARXDEV2
O64 - Services: CS003 - MarxDev3 (MarxDev3) - LEGACY_MARXDEV3
O64 - Services: CS003 - mchInjDrv (mchInjDrv) - LEGACY_MCHINJDRV
O64 - Services: CS003 - Affichage des messages (Messenger) - LEGACY_MESSENGER
O64 - Services: CS003 - mnmdd (mnmdd) - LEGACY_MNMDD
O64 - Services: CS003 - mountmgr (mountmgr) - LEGACY_MOUNTMGR
O64 - Services: CS003 - Redirecteur client WebDav (MRxDAV) - LEGACY_MRXDAV
O64 - Services: CS003 - MRXSMB (MRxSmb) - LEGACY_MRXSMB
O64 - Services: CS003 - Distributed Transaction Coordinator (MSDTC) - LEGACY_MSDTC
O64 - Services: CS003 - Msfs (Msfs) - LEGACY_MSFS
O64 - Services: CS003 - Windows Installer (MSIServer) - LEGACY_MSISERVER
O64 - Services: CS003 - Mup (Mup) - LEGACY_MUP
O64 - Services: CS003 - Pilote système NDIS (NDIS) - LEGACY_NDIS
O64 - Services: CS003 - Pilote TAPI NDIS d'accès distant (NdisTapi) - LEGACY_NDISTAPI
O64 - Services: CS003 - NDIS mode utilisateur E/S Protocole (Ndisuio) - LEGACY_NDISUIO
O64 - Services: CS003 - NDProxy (NDProxy) - LEGACY_NDPROXY
O64 - Services: CS003 - Interface NetBIOS (NetBIOS) - LEGACY_NETBIOS
O64 - Services: CS003 - NetBIOS sur TCP/IP (NetBT) - LEGACY_NETBT
O64 - Services: CS003 - Connexions réseau (Netman) - LEGACY_NETMAN
O64 - Services: CS003 - NLA (Network Location Awareness) (Nla) - LEGACY_NLA
O64 - Services: CS003 - NMSAccessU (NMSAccessU) - LEGACY_NMSACCESSU
O64 - Services: CS003 - Npfs (Npfs) - LEGACY_NPFS
O64 - Services: CS003 - ntfs (ntfs) - LEGACY_NTFS
O64 - Services: CS003 - Stockage amovible (NtmsSvc) - LEGACY_NTMSSVC
O64 - Services: CS003 - Null (Null) - LEGACY_NULL
O64 - Services: CS003 - NVIDIA Display Driver Service (NVSvc) - LEGACY_NVSVC
O64 - Services: CS003 - Office Source Engine (ose) - LEGACY_OSE
O64 - Services: CS003 - PartMgr (PartMgr) - LEGACY_PARTMGR
O64 - Services: CS003 - ParVdm (ParVdm) - LEGACY_PARVDM
O64 - Services: CS003 - pavboot (pavboot) - LEGACY_PAVBOOT
O64 - Services: CS003 - Pml Driver HPZ12 (Pml Driver HPZ12) - LEGACY_PML_DRIVER_HPZ12
O64 - Services: CS003 - Services IPSEC (PolicyAgent) - LEGACY_POLICYAGENT
O64 - Services: CS003 - PROCEXP90 (PROCEXP90) - LEGACY_PROCEXP90
O64 - Services: CS003 - Profos (Profos) - LEGACY_PROFOS
O64 - Services: CS003 - Emplacement protégé (ProtectedStorage) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CS003 - Pilote de connexion automatique d'accès distant (RasAcd) - LEGACY_RASACD
O64 - Services: CS003 - Gestionnaire de connexion automatique d'accès distant (RasAuto) - LEGACY_RASAUTO
O64 - Services: CS003 - Gestionnaire de connexions d'accès distant (RasMan) - LEGACY_RASMAN
O64 - Services: CS003 - Rdbss (Rdbss) - LEGACY_RDBSS
O64 - Services: CS003 - RDPCDD (RDPCDD) - LEGACY_RDPCDD
Rapport de ZHPDiag v1.24.25 par Nicolas Coolman
Run by MYRIAM at 19/01/2010 20:15:20
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox (3.0.17)
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (67% free)
System drive C: has 33 GB (67%) free of 49 GB
---\\ Processus lancés
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\spoolsv.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\System32\shdocvw.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - file://C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_10.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\System32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Internet Explorer Classes for Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\System32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: Microsoft DirectX - {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: DirectX - {4594FDD1-557F-FA9C-7C2F-D9F814DCB9BE} - (not file)
O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: KB918899 - {4d64f3ba-f112-4efe-a02e-96680859937c} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: KB918439 - {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - (not file)
O40 - ASIC: Outils d'installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player 8 - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: KB925486 - {dd772a76-bef3-44d7-8b39-502c8504c1f1} - (not file)
O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: KB911567 - {f15ee071-deb7-4cbb-951f-431c98338d8e} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: ElbyCDIO Driver (ElbyCDIO) - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: SASKUTIL (SASKUTIL) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\System32\DRIVERS\serial.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Ad-Aware
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.3 - Français
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BPM-Studio 4 Profi
O42 - Logiciel: Bubble Town
O42 - Logiciel: Bubble Town 1.1.0.1
O42 - Logiciel: CCleaner
O42 - Logiciel: CDBurnerXP
O42 - Logiciel: Digital Photo Navigator 1.5
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: HP Customer Participation Program 7.0
O42 - Logiciel: HP Document Viewer 7.0
O42 - Logiciel: HP Imaging Device Functions 7.0
O42 - Logiciel: HP Photosmart Premier Software 6.5
O42 - Logiciel: HP Photosmart, Officejet and Deskjet 7.0.A
O42 - Logiciel: HP Precisionscan Pro 3.1
O42 - Logiciel: HP Product Assistant
O42 - Logiciel: HP Solution Center 7.0
O42 - Logiciel: HP Update
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 12
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: K-Lite Codec Pack 3.5.7 Full
O42 - Logiciel: Les Indispensables Éducation pour Microsoft Office
O42 - Logiciel: MP Manager
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Mozilla Firefox (3.0.17)
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: OCR Software by I.R.I.S 7.0
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Philips SPC220NC Webcam
O42 - Logiciel: Pochette Express 2
O42 - Logiciel: PowerDVD
O42 - Logiciel: PowerDirector Express
O42 - Logiciel: PowerProducer
O42 - Logiciel: Ranch Rush
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Segoe UI
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: USB Flash Disk
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: Webcam Video Viewer
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: eMule
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\a-squared Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Aimersoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ALCATech
O43 - CFD:Common File Directory ----D- C:\Program Files\AMD
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU
O43 - CFD:Common File Directory ----D- C:\Program Files\Bubble Town
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\Dactylo
O43 - CFD:Common File Directory ----D- C:\Program Files\DigiCam Manual
O43 - CFD:Common File Directory ----D- C:\Program Files\Digital Photo Navigator 1.5
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy MPEG AVI DIVX WMV RM to DVD
O43 - CFD:Common File Directory ----D- C:\Program Files\Elaborate Bytes
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\Icone
O43 - CFD:Common File Directory ----D- C:\Program Files\Incomplete
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Inventel
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\KC Softwares
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MPMAN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\obj
O43 - CFD:Common File Directory ----D- C:\Program Files\orange
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Philips
O43 - CFD:Common File Directory ----D- C:\Program Files\Pochette Express 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Super logiciels
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files\Ubisoft
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\USBDisk
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Xilisoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zylom Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 07/01/2010 - 16:07:04 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:Last File Created 07/01/2010 - 16:07:14 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 14/01/2010 - 08:47:41 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 16/01/2010 - 12:34:30 ---A- C:\WINDOWS\System32\CONFIG.NT
O44 - LFC:Last File Created 19/01/2010 - 07:42:25 ---A- C:\WINDOWS\System32\pythondll.zip
O44 - LFC:Last File Created 19/01/2010 - 20:09:36 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 19/01/2010 - 20:09:37 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 19/01/2010 - 20:10:16 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 19/01/2010 - 20:10:28 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:29 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:30 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:59 ---A- C:\WINDOWS\System32\nvapps.xml
O44 - LFC:Last File Created 19/01/2010 - 20:11:12 ---A- C:\WINDOWS\System32\srosa2.sys
O44 - LFC:Last File Created 19/01/2010 - 20:11:47 ---A- C:\WINDOWS\ban_list.txt
O44 - LFC:Last File Created 21/12/2009 - 17:03:57 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 21/12/2009 - 17:13:16 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 21/12/2009 - 17:13:32 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 23/12/2009 - 21:47:37 ---A- C:\WINDOWS\System32\TZLog.log
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 26/12/2009 - 09:55:21 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\eMule0.48a\emule.exe"="C:\eMule0.48a\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lameacm"="lameACM.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.LEAD"="LCODCCMP.DLL"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev"
O52 - TDSD:HKLM\...\drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2"
O52 - TDSD:HKLM\...\drivers.desc\"ac3acm.acm"="AC-3 ACM Codec"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow video encoder"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Realtek High Definition Audio"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AmdTools.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AnyDVD.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ASPI32.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgntflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bdasup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\CBUSB.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ccdecode.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdr4_xp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdralw2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\changer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ElbyCDFL.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ElbyCDIO.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZid412.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZipr12.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZius12.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i2omgmt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV1.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV2.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV3.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mmrtkrnl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mpe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msdv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mskssrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspclock.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspqm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mstee.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nabtsfec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvata.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NVENETFD.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvnetbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvnrm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvsnpu.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvtcp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciide.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RegKill.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RtkHDAud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26bus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26cm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26cmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se26cr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26mdfl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26mdm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26mgmt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se26nd5.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26obex.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se26unic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26wh.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE26whnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smbali.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonyhcb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonyhcc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonyhcs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonypvs1.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SONYPVU1.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SPC220NC.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\StarOpen.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\streamip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\TCPIP.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\TDLPT.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbohci.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbstor.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys
O58
Run by MYRIAM at 19/01/2010 20:15:20
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox (3.0.17)
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (67% free)
System drive C: has 33 GB (67%) free of 49 GB
---\\ Processus lancés
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\spoolsv.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\System32\shdocvw.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes (DirectAnimation Java Classes) - file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - file://C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\MYRIAM\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://charon777.free.fr/plugins/hardwaredetection_2_0_4_10.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\System32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\System32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Internet Explorer Classes for Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\System32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: Microsoft DirectX - {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: DirectX - {4594FDD1-557F-FA9C-7C2F-D9F814DCB9BE} - (not file)
O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: KB918899 - {4d64f3ba-f112-4efe-a02e-96680859937c} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: KB918439 - {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - (not file)
O40 - ASIC: Outils d'installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player 8 - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: KB925486 - {dd772a76-bef3-44d7-8b39-502c8504c1f1} - (not file)
O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: KB911567 - {f15ee071-deb7-4cbb-951f-431c98338d8e} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: ElbyCDIO Driver (ElbyCDIO) - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: SASKUTIL (SASKUTIL) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: Pilote de port série (Serial) - C:\WINDOWS\System32\DRIVERS\serial.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Ad-Aware
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 9.3 - Français
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: BPM-Studio 4 Profi
O42 - Logiciel: Bubble Town
O42 - Logiciel: Bubble Town 1.1.0.1
O42 - Logiciel: CCleaner
O42 - Logiciel: CDBurnerXP
O42 - Logiciel: Digital Photo Navigator 1.5
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: HP Customer Participation Program 7.0
O42 - Logiciel: HP Document Viewer 7.0
O42 - Logiciel: HP Imaging Device Functions 7.0
O42 - Logiciel: HP Photosmart Premier Software 6.5
O42 - Logiciel: HP Photosmart, Officejet and Deskjet 7.0.A
O42 - Logiciel: HP Precisionscan Pro 3.1
O42 - Logiciel: HP Product Assistant
O42 - Logiciel: HP Solution Center 7.0
O42 - Logiciel: HP Update
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 12
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: K-Lite Codec Pack 3.5.7 Full
O42 - Logiciel: Les Indispensables Éducation pour Microsoft Office
O42 - Logiciel: MP Manager
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Mozilla Firefox (3.0.17)
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: OCR Software by I.R.I.S 7.0
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Philips SPC220NC Webcam
O42 - Logiciel: Pochette Express 2
O42 - Logiciel: PowerDVD
O42 - Logiciel: PowerDirector Express
O42 - Logiciel: PowerProducer
O42 - Logiciel: Ranch Rush
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Segoe UI
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: USB Flash Disk
O42 - Logiciel: VLC media player 1.0.3
O42 - Logiciel: Webcam Video Viewer
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: eMule
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\a-squared Free
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Aimersoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ALCATech
O43 - CFD:Common File Directory ----D- C:\Program Files\AMD
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU
O43 - CFD:Common File Directory ----D- C:\Program Files\Bubble Town
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\Dactylo
O43 - CFD:Common File Directory ----D- C:\Program Files\DigiCam Manual
O43 - CFD:Common File Directory ----D- C:\Program Files\Digital Photo Navigator 1.5
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Easy MPEG AVI DIVX WMV RM to DVD
O43 - CFD:Common File Directory ----D- C:\Program Files\Elaborate Bytes
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\Icone
O43 - CFD:Common File Directory ----D- C:\Program Files\Incomplete
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Inventel
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\KC Softwares
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MPMAN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0
O43 - CFD:Common File Directory ----D- C:\Program Files\NCH Software
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\obj
O43 - CFD:Common File Directory ----D- C:\Program Files\orange
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Philips
O43 - CFD:Common File Directory ----D- C:\Program Files\Pochette Express 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Super logiciels
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files\Ubisoft
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\USBDisk
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Xilisoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zylom Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 07/01/2010 - 16:07:04 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:Last File Created 07/01/2010 - 16:07:14 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 14/01/2010 - 08:47:41 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 16/01/2010 - 12:34:30 ---A- C:\WINDOWS\System32\CONFIG.NT
O44 - LFC:Last File Created 19/01/2010 - 07:42:25 ---A- C:\WINDOWS\System32\pythondll.zip
O44 - LFC:Last File Created 19/01/2010 - 20:09:36 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 19/01/2010 - 20:09:37 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 19/01/2010 - 20:10:16 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 19/01/2010 - 20:10:28 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:29 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:30 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 19/01/2010 - 20:10:59 ---A- C:\WINDOWS\System32\nvapps.xml
O44 - LFC:Last File Created 19/01/2010 - 20:11:12 ---A- C:\WINDOWS\System32\srosa2.sys
O44 - LFC:Last File Created 19/01/2010 - 20:11:47 ---A- C:\WINDOWS\ban_list.txt
O44 - LFC:Last File Created 21/12/2009 - 17:03:57 ---A- C:\WINDOWS\System32\bdss.log
O44 - LFC:Last File Created 21/12/2009 - 17:13:16 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 21/12/2009 - 17:13:32 ---A- C:\WINDOWS\win.ini
O44 - LFC:Last File Created 23/12/2009 - 21:47:37 ---A- C:\WINDOWS\System32\TZLog.log
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 25/12/2009 - 23:21:14 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 26/12/2009 - 09:55:21 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\eMule0.48a\emule.exe"="C:\eMule0.48a\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.ac3acm"="ac3acm.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lameacm"="lameACM.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FFDS"="ff_vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.LEAD"="LCODCCMP.DLL"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2.0-dev"
O52 - TDSD:HKLM\...\drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.97b2"
O52 - TDSD:HKLM\...\drivers.desc\"ac3acm.acm"="AC-3 ACM Codec"
O52 - TDSD:HKLM\...\drivers.desc\"ff_vfw.dll"="ffdshow video encoder"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Realtek High Definition Audio"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="midimap.dll"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="imaadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="msadp32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="msg711.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="msgsm32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="tssoft32.acm"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="iccvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="ir32_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="ir41_32.ax"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="msrle32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="msvidc32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="msacm32"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="mciavi32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="mcicda.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="mciseq.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="mciwave.dll"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AmdTools.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AnyDVD.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ASPI32.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgntflt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bdasup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\CBUSB.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ccdecode.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdr4_xp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdralw2k.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\changer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmusic.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ElbyCDFL.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ElbyCDIO.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZid412.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZipr12.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HPZius12.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i2omgmt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV1.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV2.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MARXDEV3.SYS
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mmrtkrnl.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mpe.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mqac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msdv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mskssrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspclock.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspqm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mstee.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nabtsfec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisip.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvata.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NVENETFD.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvnetbus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvnrm.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvsnpu.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nvtcp.sys
To be able to send you the report I had to change my username, I took mimie29. I can't believe it, I've never been faced with anything this tough, I get the feeling it's reading my mind, it's scary.
It's OK, it went through, it's here:
https://forums.commentcamarche.net/forum/affich-16170035-probleme-logiciel-de-securite?page=3#46
Phewwww, what do I have to do now? Please, thank you. I thought about formatting, but I don't know how to reinstall all the XP programs. When I bought the computer I wasn't given any CD.
Without a CD that is going to be difficult.
We'll get through this without formatting ;-).
You seem motivated to me ;-).
*****
/!\ Procedure reserved for mimie17. Do not try to reproduce it if you have a similar problem, or you risk crashing your machine /!\
Download OTM (by Old_Timer) to your Desktop.
= = = = >>> By clicking here <<< = = = =
Once installed on the Desktop, right-click OTM.exe then 'Run as administrator' to launch it.
Make sure the Unregister Dll's and Ocx's box is checked.
Copy the list in bold below and paste it into the left-hand pane of OTMoveIt:
Paste Instructions for Items to be moved.
:Procédure:
:Files
C:\WINDOWS\ban_list.txt
C:\WINDOWS\System32\srosa2.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe
C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\mdelk.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf
C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf
C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf
C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf
C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf
C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf
C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf
C:\WINDOWS\system32\srosa2.sys
C:\WINDOWS\system32\wfsintwq.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers
C:\Documents and Settings\MYRIAM\Application Data\m
:reg
[-HKLM\SYSTEM\CurrentControlSet\Services\srosa]
[-HKLM\SYSTEM\ControlSet001\Services\srosa]
[-HKLM\SYSTEM\ControlSet002\Services\srosa]
[-HKLM\SYSTEM\ControlSet003\Services\srosa]
[-HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
[-HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
[-HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
[-HKCU\Software\bisoft]
[-HKCU\Software\DateTime4]
[-HKCU\Software\MuleAppData]
[-HKCU\Software\WS35]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"=-
"german.exe"=-
"mule_st_key"=-
[HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"drvsyskit"=-
"german.exe"=-
"mule_st_key"=-
[-HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\bisoft]
[-HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\DateTime4]
[-HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\MuleAppData]
[-HKCU\Software\Local AppWizard-Generated Applications\keygen]
[-HKCU\Software\Local AppWizard-Generated Applications\winupgro]
[-HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\keygen]
[-HKU\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro]
:Commands
[purity]
[emptytemp]
[Reboot]
Click MoveIt! to start the removal.
After clicking MoveIt!, a window appears:
"The system requires a reboot to finish removing files. Do you want to reboot now ?"
Answer Yes.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
I am motivated even if it has to take me weeks, I have confidence.
Here is the report:
All processes killed
Error: Unable to interpret <C:\WINDOWS\ban_list.txt> in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\srosa2.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\wintems.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\mdelk.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\wintems.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\srosa2.sys> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\wfsintwq.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\drivers> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\m> in the current context!
========== REGISTRY ==========
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry key HKEY_CURRENT_USER\Software\bisoft\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DateTime4\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MuleAppData\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\WS35\ deleted successfully.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\bisoft\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\DateTime4\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\MuleAppData\ not found.
Registry key HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\keygen\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 1639009 bytes
User: Administrateur.PCMIMI
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 26439773 bytes
User: Administrateur.PCMIMI.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 2857134 bytes
User: ADMINI~1~PCM
User: All Users
User: connerie
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 25493658 bytes
User: MYRIAM
->Temp folder emptied: 13882424 bytes
->Temporary Internet Files folder emptied: 46994 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 121730528 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1096538 bytes
%systemroot%\System32 .tmp files removed: 70994240 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 42880 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12994576 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 338959 bytes
RecycleBin emptied: 95888 bytes
Total Files Cleaned = 265,00 mb
OTM by OldTimer - Version 3.1.6.0 log created on 01192010_221516
Files moved on Reboot...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
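Added example (not part of the thread, and not OTM's own code): a small Python triage of the OTM log above, assuming only the four message shapes that appear in it. It reports which :Files entries of the pasted script were rejected and which registry deletions are still pending a reboot; the sample script and log are excerpts copied from this page.

```python
import re

# Message shapes exactly as they appear in the OTM log on this page. Any other
# line (section banners, [EMPTYTEMP] statistics) is ignored.
PATTERNS = [
    ("not_interpreted",
     re.compile(r"^Error: Unable to interpret <(.+)> in the current context!$")),
    ("pending_reboot",
     re.compile(r"^Registry delete failed\. (.+) scheduled to be deleted on reboot\.$")),
    ("deleted", re.compile(r"^Registry key (.+) deleted successfully\.$")),
    ("not_found", re.compile(r"^Registry key (.+) not found\.$")),
]

# Excerpt of the script posted above (lines copied from the page).
SAMPLE_SCRIPT = r"""
:Files
C:\WINDOWS\ban_list.txt
C:\WINDOWS\System32\srosa2.sys
C:\WINDOWS\system32\srosa2.sys
:reg
[-HKLM\SYSTEM\CurrentControlSet\Services\srosa]
"""

# Excerpt of the resulting log posted above (lines copied from the page).
SAMPLE_LOG = r"""All processes killed
Error: Unable to interpret <C:\WINDOWS\ban_list.txt> in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\srosa2.sys> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\srosa2.sys> in the current context!
========== REGISTRY ==========
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa\ deleted successfully.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\bisoft\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
"""


def normalize(target):
    """Lower-case (Windows paths and keys are case-insensitive), collapse
    doubled backslashes and drop a trailing backslash."""
    collapsed = re.sub(r"\\+", lambda m: "\\", target.strip())
    return collapsed.rstrip("\\").lower()


def triage(log_text):
    """Return {status: [targets]}, duplicates removed, log order preserved."""
    result = {name: [] for name, _ in PATTERNS}
    for line in log_text.splitlines():
        line = line.strip()
        for name, rx in PATTERNS:
            match = rx.match(line)
            if match:
                target = normalize(match.group(1))
                if target not in result[name]:
                    result[name].append(target)
                break
    return result


def script_files(script_text):
    """Paths listed under the :Files directive of the pasted script."""
    files, in_files = [], False
    for line in script_text.splitlines():
        line = line.strip()
        if line.startswith(":"):          # any directive line switches section
            in_files = line.lower() == ":files"
            continue
        if in_files and line:
            path = normalize(line)
            if path not in files:
                files.append(path)
    return files


def rejected_files(script_text, log_text):
    """Requested files that the log reports as not interpreted."""
    rejected = set(triage(log_text)["not_interpreted"])
    return [p for p in script_files(script_text) if p in rejected]


def recheck_after_reboot(log_text):
    """Registry targets whose deletion was deferred to the next boot."""
    return triage(log_text)["pending_reboot"]


if __name__ == "__main__":
    for path in rejected_files(SAMPLE_SCRIPT, SAMPLE_LOG):
        print("not processed :", path)
    for key in recheck_after_reboot(SAMPLE_LOG):
        print("verify on boot:", key)
```

On the log above, every :Files entry comes back as not interpreted, so none of the listed files can be assumed moved.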
Actually I did select all, copy and paste, but just in case I'm doing it again:
All processes killed
Error: Unable to interpret <C:\WINDOWS\ban_list.txt> in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\srosa2.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\wintems.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\mdelk.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\wintems.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\srosa2.sys> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\wfsintwq.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\drivers> in the current context!
Error: Unable to interpret <C:\Documents and Settings\MYRIAM\Application Data\m> in the current context!
========== REGISTRY ==========
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry key HKEY_CURRENT_USER\Software\bisoft\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DateTime4\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MuleAppData\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\WS35\ deleted successfully.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\bisoft\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\DateTime4\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\MuleAppData\ not found.
Registry key HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\keygen\ not found.
Registry key HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Local AppWizard-Generated Applications\winupgro\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 1639009 bytes
User: Administrateur.PCMIMI
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 26439773 bytes
User: Administrateur.PCMIMI.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 2857134 bytes
User: ADMINI~1~PCM
User: All Users
User: connerie
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 25493658 bytes
User: MYRIAM
->Temp folder emptied: 13882424 bytes
->Temporary Internet Files folder emptied: 46994 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 121730528 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1096538 bytes
%systemroot%\System32 .tmp files removed: 70994240 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 42880 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12994576 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 338959 bytes
RecycleBin emptied: 95888 bytes
Total Files Cleaned = 265,00 mb
OTM by OldTimer - Version 3.1.6.0 log created on 01192010_221516
Files moved on Reboot...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\
Paste only this again:
:files
C:\WINDOWS\ban_list.txt
C:\WINDOWS\System32\srosa2.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe
C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\mdelk.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf
C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf
C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf
C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf
C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf
C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf
C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf
C:\WINDOWS\system32\srosa2.sys
C:\WINDOWS\system32\wfsintwq.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers
C:\Documents and Settings\MYRIAM\Application Data\m
I don't have "files"
the only "files" that appears in the report is:
Files moved on Reboot...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA\ scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\german.exe scheduled to be deleted on reboot.
Registry delete failed. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mule_st_key scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Registry delete failed. HKEY_USERS\S-1-5-21-57989841-630328440-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit scheduled to be deleted on reboot.
Once it is installed on the desktop, right-click OTM.exe and choose 'Run as administrator' to launch it.
Make sure the Unregister Dll's and Ocx's box is checked.
Copy the list in bold below and paste it into the left-hand pane of OTMoveIt:
Paste Instructions for Items to be moved.
:files
C:\WINDOWS\ban_list.txt
C:\WINDOWS\System32\srosa2.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe
C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\mdelk.exe
C:\WINDOWS\wintems.exe
C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf
C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf
C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf
C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf
C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf
C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf
C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf
C:\WINDOWS\system32\srosa2.sys
C:\WINDOWS\system32\wfsintwq.sys
C:\Documents and Settings\MYRIAM\Application Data\drivers
C:\Documents and Settings\MYRIAM\Application Data\m
Sorry, I had to reinstall OTM because my PC shut down and OTM was no longer on my desktop.
Having done that, I can't find the box to check: Unregister Dll's and Ocx's.
I only have three icons: Movelt, then CleanUp, and the last one, Exit,
then two columns: a yellow one with Paste instruction form items to be moved and the other, green, with results.
Here is what I got, hoping it's the right one this time:
========== FILES ==========
C:\WINDOWS\ban_list.txt moved successfully.
C:\WINDOWS\System32\srosa2.sys moved successfully.
File move failed. C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\wintems.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\mdelk.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\wintems.exe scheduled to be moved on reboot.
File/Folder C:\WINDOWS\Prefetch\108953.EXE-0BC57B82.pf not found.
File/Folder C:\WINDOWS\Prefetch\111828.EXE-16D6F8CA.pf not found.
File/Folder C:\WINDOWS\Prefetch\96343.EXE-1EA0F5EF.pf not found.
File/Folder C:\WINDOWS\Prefetch\99906.EXE-074D1063.pf not found.
C:\WINDOWS\Prefetch\FLEC006.EXE-07147BC0.pf moved successfully.
C:\WINDOWS\Prefetch\MDELK.EXE-087EF2B4.pf moved successfully.
C:\WINDOWS\Prefetch\WINTEMS.EXE-127B61D4.pf moved successfully.
File/Folder C:\WINDOWS\system32\srosa2.sys not found.
File move failed. C:\WINDOWS\system32\wfsintwq.sys scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\MYRIAM\Application Data\drivers scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\MYRIAM\Application Data\m scheduled to be moved on reboot.
OTM by OldTimer - Version 3.1.6.0 log created on 01192010_231039
Files moved on Reboot...
File move failed. C:\Documents and Settings\MYRIAM\Application Data\drivers\winupgro.exe scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\MYRIAM\Application Data\m\flec006.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\wintems.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\mdelk.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\wfsintwq.sys scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\MYRIAM\Application Data\drivers scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\MYRIAM\Application Data\m scheduled to be moved on reboot.
Registry entries deleted on Reboot...