Utilisation de l'UC toujours à 100%!!
jeremss
Messages postés
125
Statut
Membre
-
jeremss Messages postés 125 Statut Membre -
jeremss Messages postés 125 Statut Membre -
Bonjour,
mon ordi faisait un bruit énorme et j'ai donc decidé de l'ouvrir afin de voir si la ventilation en etait la cause. Je l'ai néttoyé et refermeé. La il faisait moins de bruit mais en faisait quand meme un peu. J'ai donc reouvert et essayé de retirer l'hélice principale pour la nettoyer (elle etait pleine de poussiere) mais je n'ai pas reussi a l'enlever donc je lai laissée et nettoye comme je pouvais. j'ai refermé et rallumer l'ordi, la PANIQUE, il s'allumait et se reteignait aussitot!! Apres de longs moment d'attentes, il s'allume enfin mais la c'est le desastre!!! Il est revenu plus lent et plus bruyant que jamais!!! L'UC est presque tout le temps à 100% en fait elle oscille elle passe de 20 a 70 % tout le temps puis des que j'ouvre quelque chose elle passe a 100%!
Par exemple, juste pour ouvrir l'onglet "applications" de iTunes ca ma pris au moins 5 min!!
Aidez moi SVP!!
Merci d'avance!
mon ordi faisait un bruit énorme et j'ai donc decidé de l'ouvrir afin de voir si la ventilation en etait la cause. Je l'ai néttoyé et refermeé. La il faisait moins de bruit mais en faisait quand meme un peu. J'ai donc reouvert et essayé de retirer l'hélice principale pour la nettoyer (elle etait pleine de poussiere) mais je n'ai pas reussi a l'enlever donc je lai laissée et nettoye comme je pouvais. j'ai refermé et rallumer l'ordi, la PANIQUE, il s'allumait et se reteignait aussitot!! Apres de longs moment d'attentes, il s'allume enfin mais la c'est le desastre!!! Il est revenu plus lent et plus bruyant que jamais!!! L'UC est presque tout le temps à 100% en fait elle oscille elle passe de 20 a 70 % tout le temps puis des que j'ouvre quelque chose elle passe a 100%!
Par exemple, juste pour ouvrir l'onglet "applications" de iTunes ca ma pris au moins 5 min!!
Aidez moi SVP!!
Merci d'avance!
Configuration: Windows XP / Firefox 3.5.8
17 réponses
-
Salut :en espérant que tu n'a pas abimer ton ventillo
Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)
Télécharge et installe List&Kill'em et enregistre le sur ton bureau
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem_Install.exe
Branche clés usb , disques durs externes , mp3 , mp4 , etc..
double clique ( clic droit "exécuter en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation
coche la case "créer une icône sur le bureau"
une fois terminée , clic sur "terminer" et le programme se lancera seul
choisis la langue puis choisis l'option 1 = Mode Recherche
laisse travailler l'outil
à l'apparition de la fenêtre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.
un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.
Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'écran "COMPLETED"
-
Voila ce que j'ai obtenu. Merci beaucoup de ta réponse!
List'em by g3n-h@ckm@n 1.2.5.3
User : Jeremie (Administrateurs)
Update on 19/02/2010 by g3n-h@ckm@n ::::: 13.15
Start at: 00:03:51 | 24/02/2010
Contact : https://forums.commentcamarche.net/forum/virus-securite-7
Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Edition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 100223-2] 4.8.1356 [ Enabled | Updated ]
C:\ -> Disque fixe local | 186,31 Go (37,32 Go free) [Disque C] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque amovible
L:\ -> Disque amovible
M:\ -> Disque fixe local | 149,01 Go (69,07 Go free) [DISQUE 2] | FAT32
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\FreezeScreenSaver.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Styler\Styler.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Jeremie\Local Settings\Temp\99.tmp\pv.exe
======================
Keys "Run"
======================
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
CTFMON.EXE REG_SZ C:\WINDOWS\system32\ctfmon.exe
WOOKIT REG_SZ C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
MessengerPlus3 REG_SZ "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
RocketDock REG_SZ "C:\Program Files\RocketDock\RocketDock.exe"
AdobeUpdater REG_SZ C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
HP Software Update REG_SZ "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Google Desktop Search REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Cmaudio REG_SZ RunDll32 cmicnfg.cpl,CMICtrlWnd
SoundMan REG_SZ SOUNDMAN.EXE
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
TrayServer REG_SZ C:\Program Files\MAGIX\Movie_Edit_Pro_15_Plus_Download_version\TrayServer.exe
HP Component Manager REG_SZ "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
ORAHSSSessionManager REG_SZ "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveTypeAutoRun REG_DWORD 145 (0x91)
NoDriveAutorun REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 1 (0x1)
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,wbsys.dll
===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ NOM-E158B5DDB2C
DefaultUserName REG_SZ Jeremie
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,userinit.exe
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ %SystemRoot%\system32\logonui.exe
LogonType REG_DWORD 1 (0x1)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 1 (0x1)
AltDefaultUserName REG_SZ Jeremie
AltDefaultDomainName REG_SZ NOM-E158B5DDB2C
SfcScan REG_DWORD 0 (0x0)
===============
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]
===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
{097F10A7-487F-4457-AB1F-827C59479A72} REG_SZ NSIS Media Extension
{637E1684-78EE-42D4-9609-B4ED50F3BA63} REG_SZ Downlevel ShellHook Module
{56F9679E-7826-4C84-81F3-532071A8BCC5} REG_SZ
===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\WINDOWS\system32\rtcshare.exe REG_SZ C:\WINDOWS\system32\rtcshare.exe:*:Disabled:Partage de l'application RTC
C:\Program Files\Internet Explorer\IEXPLORE.EXE REG_SZ C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer
C:\WINDOWS\system32\dpvsetup.exe REG_SZ C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test
C:\WINDOWS\system32\rundll32.exe REG_SZ C:\WINDOWS\system32\rundll32.exe:*:Disabled:Executer une DLL en tant qu'application
C:\WINDOWS\system32\svchost.exe REG_SZ C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\43exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\43exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\91exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\91exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\11exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\11exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\27exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\27exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\73exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\73exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\16exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\16exmodul32.exe:*:Enabled:Microsoft Update
C:\Program Files\Mozilla Firefox\firefox.exe REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\52exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\52exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\66exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\66exmodul32.exe:*:Enabled:Microsoft Update
C:\DOCUME~1\Matthieu\LOCALS~1\Temp\38exmodul32.exe REG_SZ C:\DOCUME~1\Matthieu\LOCALS~1\Temp\38exmodul32.exe:*:Enabled:Microsoft Update
C:\StubInstaller.exe REG_SZ C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer
C:\Program Files\LimeWire\LimeWire.exe REG_SZ C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe REG_SZ C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Azureus\Azureus.exe REG_SZ C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus
C:\Program Files\Microsoft Games\Age of Empires III\age3.exe REG_SZ C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3
%windir%\explorer.exe REG_SZ %windir%\explorer.exe:*:Enabled:Windows Explorer
C:\Program Files\Messenger\msmsgs.exe REG_SZ C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
C:\Program Files\TightVNC\WinVNC.exe REG_SZ C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server
C:\Program Files\Vuze\Azureus.exe REG_SZ C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus
C:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe REG_SZ C:\Program Files\iPhone Tunnel Suite\iTunnel\iTunnel.exe:*:Disabled:iTunnel
C:\Program Files\Electronic Arts\EADM\Core.exe REG_SZ C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\VideoLAN\VLC\vlc.exe REG_SZ C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
C:\Temp\janinblr\iTunnel\iTunnel.exe REG_SZ C:\Temp\janinblr\iTunnel\iTunnel.exe:*:Enabled:iTunnel
C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe REG_SZ C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare
===============
ActivX controls
===============
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{00B71CFB-6864-4346-A978-C0A14556272C}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{14B87622-7E19-4EA8-93B3-97215F77A6BC}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{166B1BCA-3F9C-11CF-8075-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{238F6F83-B8B4-11CF-8771-00A024541EE3}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{2917297F-F02B-4B9D-81DF-494B6333150B}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{5D6F45B3-9043-443D-A792-115447494D24}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{B8BE5E93-A60C-4D26-A2DC-220313175592}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D8089245-3211-40F6-819B-9E5E92CD61A2}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{F6BF0D00-0B2A-4A75-BF7B-F385591623AF}
===============
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\Microsoft Base Smart Card Crypto Provider Package
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0291E591-EA41-4c82-8106-3DC6CE7F7664}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{233C1507-6A77-46A4-9443-F871F945D258}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{347B0667-C7ED-429B-BDE3-CC8D3BACAA31}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3F7924B9-D148-3141-87B1-68F36043A940}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f216970-c90c-11d1-b5c7-0000f8051515}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6D86A1DB-7879-0AB6-03A4-5F56E579A55D}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{74F8E27A-1C16-8FDB-69DA-652E186007DE}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8b15971b-5355-4c82-8c07-7e181ea07608}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ECD292A0-0347-4244-8C24-5DBCE990FB40}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{EF289A85-8E57-408d-BE47-73B55609861A}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{FB6D6065-F37A-3F59-84EC-5C5D766EC2B8}
==============
BHO :
======
[<NO NAME> REG_SZ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{206E52E0-D52E-11D4-AD54-0000E86C26F6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ http://home.speedbit.com/?aff=101
========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]
Ndisuio : 0x3 ( OK = 3 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x2 ( OK = 2 )
=========
Atapi.sys
=========
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Documents and Settings\Jeremie\Local Settings\Temp\99.tmp
## C:\> hashdeep C:\WINDOWS\System32\Drivers\atapi.sys
##
95360,cdfe4411a69c224bd1d11b2da92dac51,0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d,C:\WINDOWS\System32\Drivers\atapi.sys
Sources
=======
C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\atapi.sys
C:\WINDOWS\system32\drivers\atapi.sys
Rιfιrence :
==========
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
=======
Drive :
=======
D?fragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.
Rapport d'analyse
186 Go total, 37,33 Go libre (20%), 22% fragment? (fragmentation du fichier 44%)
Vous devriez d?fragmenter ce volume.
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Present !! : C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
Present !! : C:\blackra1n.exe
Present !! : C:\install.exe
Present !! : C:\Program Files\DAEMON Tools Toolbar
Present !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Present !! : C:\Program Files\P2P_Energy
Present !! : C:\WINDOWS\_delis32.ini
Present !! : C:\WINDOWS\iun6002.exe
Present !! : C:\WINDOWS\System32\SET*.tmp
Present !! : C:\WINDOWS\winstart.bat
Present !! : C:\Documents and Settings\Jeremie\Application Data\GDIPFONTCACHEV1.DAT
Present !! : C:\Documents and Settings\Jeremie\Application Data\wklnhst.dat
Present !! : C:\Documents and Settings\Jeremie\Application Data\pcouffin.inf
Present !! : C:\Documents and Settings\Jeremie\Application Data\GDIPFONTCACHEV1.DAT
Present !! : C:\Documents and Settings\Jeremie\Application Data\wklnhst.dat
Present !! : C:\Documents and Settings\Jeremie\Application Data\inst.exe
Present !! : C:\Documents and Settings\Jeremie\Local Settings\Temp\dw.log
Present !! : C:\Documents and Settings\Jeremie\Local Settings\Temp\Hsi.doc
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is23.exe
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is2D.exe
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is2E.exe
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\cabex.dll
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\catchme.dll
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp1E.tmp
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp2B9.tmp
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp9E.tmp
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmpB.tmp
Present !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmpC.tmp
¤¤¤¤¤¤¤¤¤¤ Keys :
Present !! : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17}
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Present !! : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440}
Present !! : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Present !! : "HKCU\software\Fun Web Products"
Present !! : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Present !! : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
Present !! : "HKLM\software\Fun Web Products"
Present !! : "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Present !! : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe"
Present !! : HKCR\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Present !! : HKCR\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
Present !! : HKCR\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3}
Present !! : HKCR\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCR\interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
Present !! : HKCR\interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
Present !! : HKCR\MyWebSearch.HTMLPanel
Present !! : HKCR\MyWebSearch.HTMLPanel.1
Present !! : HKCR\MyWebSearch.PseudoTransparentPlugin
Present !! : HKCR\MyWebSearch.PseudoTransparentPlugin.1
Present !! : HKCR\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}
Present !! : HKCU\SOFTWARE\FunWebProducts
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
Present !! : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd}
Present !! : HKCU\software\MyWebSearch
Present !! : HKLM\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Present !! : HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Present !! : HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Present !! : HKLM\SOFTWARE\FocusInteractive
Present !! : HKLM\SOFTWARE\FunWebProducts
Present !! : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Present !! : HKLM\SOFTWARE\MyWebSearch
============
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 00:41:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaProperties\PrivateProperties\Midi\Ports\Mappeur MIDI Microsoft [™mulΉ]]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaProperties\PrivateProperties\Midi\Ports\Mappeur MIDI Microsoft [™mulΉ]\Out]
"DMPortGUID"=hex:51,34,04,d3,29,e5,62,42,b0,29,22,32,5c,62,6d,01
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaProperties\PrivateProperties\Midi\Ports\Synth. SW table de sons GS Mic [™mulΉ]]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaProperties\PrivateProperties\Midi\Ports\Synth. SW table de sons GS Mic [™mulΉ]\Out]
"DMPortGUID"=hex:42,43,4c,ee,0f,0f,e0,44,97,82,30,72,02,a5,34,e5
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"Miniport rΉseau Ήtendu (L2TP)"=str(7):"1\0"
"Miniport rΉseau Ήtendu (PPTP)"=str(7):"1\0"
"ParallΈle direct"=str(7):"1\0"
"Miniport rΉseau Ήtendu (IP)"=str(7):"1\0"
"Carte rΉseau 1394"=str(7):"1\0002\0"
"Connexion TV/vidΉo Microsoft"=str(7):"1\0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"hdf12"=hex:1d,49,00,3b,77,81,58,cb,e0,d8,7e,41,34,3a,56,b7,5c,7b,f5,bf,29,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,29,29,be,7d,60,6b,1d,7f,81,f5,1d,ef,97,81,b3,0b,1f,..
"hdf12"=hex:e4,e0,b3,4f,40,b1,f9,05,d7,95,5e,d4,77,38,ad,94,46,7f,93,c7,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:b2,15,62,d3,56,fb,82,be,db,d6,57,3f,a8,93,a7,2e,bd,0f,ba,b0,26,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
"hdf12"=hex:1d,06,35,5b,c1,74,81,60,87,c0,8d,46,32,e5,9f,5a,ad,50,d5,10,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:87,8f,a0,5c,56,76,4a,25,8d,db,3e,df,ab,b8,f8,c4,3f,2f,50,f4,a7,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,76,9c,db,f4,9f,b8,4b,23,a2,63,f2,84,26,9f,08,e1,78,..
"khjeh"=hex:1e,01,47,58,f8,f7,de,3d,56,76,4b,e5,02,cd,a7,be,1f,df,50,2a,30,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:ad,25,28,b7,c8,2d,e5,ca,58,49,0f,5a,97,e6,95,6c,56,aa,d2,d1,b4,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries\{3f9e6818-8458-48bd-9135-d88f38a1bbeb}]
"Attributs du magasin de donnΉes"=dword:00000021
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\MediaProperties\PrivateProperties\Midi\Ports\Mappeur MIDI Microsoft [™mulΉ]]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\MediaProperties\PrivateProperties\Midi\Ports\Mappeur MIDI Microsoft [™mulΉ]\Out]
"DMPortGUID"=hex:51,34,04,d3,29,e5,62,42,b0,29,22,32,5c,62,6d,01
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\MediaProperties\PrivateProperties\Midi\Ports\Synth. SW table de sons GS Mic [™mulΉ]]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\MediaProperties\PrivateProperties\Midi\Ports\Synth. SW table de sons GS Mic [™mulΉ]\Out]
"DMPortGUID"=hex:42,43,4c,ee,0f,0f,e0,44,97,82,30,72,02,a5,34,e5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"Miniport rΉseau Ήtendu (L2TP)"=str(7):"1\0"
"Miniport rΉseau Ήtendu (PPTP)"=str(7):"1\0"
"ParallΈle direct"=str(7):"1\0"
"Miniport rΉseau Ήtendu (IP)"=str(7):"1\0"
"Carte rΉseau 1394"=str(7):"1\0002\0"
"Connexion TV/vidΉo Microsoft"=str(7):"1\0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"hdf12"=hex:1d,49,00,3b,77,81,58,cb,e0,d8,7e,41,34,3a,56,b7,5c,7b,f5,bf,29,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
"a0"=hex:20,01,00,00,29,29,be,7d,60,6b,1d,7f,81,f5,1d,ef,97,81,b3,0b,1f,..
"hdf12"=hex:e4,e0,b3,4f,40,b1,f9,05,d7,95,5e,d4,77,38,ad,94,46,7f,93,c7,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
"hdf12"=hex:b2,15,62,d3,56,fb,82,be,db,d6,57,3f,a8,93,a7,2e,bd,0f,ba,b0,26,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
"hdf12"=hex:1d,06,35,5b,c1,74,81,60,87,c0,8d,46,32,e5,9f,5a,ad,50,d5,10,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:87,8f,a0,5c,56,76,4a,25,8d,db,3e,df,ab,b8,f8,c4,3f,2f,50,f4,a7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,76,9c,db,f4,9f,b8,4b,23,a2,63,f2,84,26,9f,08,e1,78,..
"khjeh"=hex:1e,01,47,58,f8,f7,de,3d,56,76,4b,e5,02,cd,a7,be,1f,df,50,2a,30,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:ad,25,28,b7,c8,2d,e5,ca,58,49,0f,5a,97,e6,95,6c,56,aa,d2,d1,b4,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SysmonLog\Log Queries\{3f9e6818-8458-48bd-9135-d88f38a1bbeb}]
"Attributs du magasin de donnΉes"=dword:00000021
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Tap'Touche 3.0 DΉmo]
"SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00,00,00,..
"Changed"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"Windows par dΉfaut"="",,,,,,,,,,,,,""
"Windows animΉ"=""C:\WINDOWS\Cursors\rainbow.ani,,C:\WINDOWS\Cursors\appstart.ani,C:\WINDOWS\Cursors\hourglas.ani,C:\WINDOWS\Cursors\cross.cur,,,,C:\WINDOWS\Cursors\sizens.ani,C:\WINDOWS\Cursors\sizewe.ani,C:\WINDOWS\Cursors\sizenwse.ani,C:\WINDOWS\Cursors\sizenesw.ani,,""
"Windows Noir (trΈs grande police)"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
"Windows InversΉ"="C:\WINDOWS\cursors\arrow_i.cur,C:\WINDOWS\cursors\help_i.cur,C:\WINDOWS\cursors\wait_i.cur,C:\WINDOWS\cursors\busy_i.cur,C:\WINDOWS\cursors\cross_i.cur,C:\WINDOWS\cursors\beam_i.cur,C:\WINDOWS\cursors\pen_i.cur,C:\WINDOWS\cursors\no_i.cur,C:\WINDOWS\cursors\size4_i.cur,C:\WINDOWS\cursors\size3_i.cur,C:\WINDOWS\cursors\size2_i.cur,C:\WINDOWS\cursors\size1_i.cur,C:\WINDOWS\cursors\move_i.cur,C:\WINDOWS\cursors\up_i.cur"
"Windows InversΉ (grande police)"="C:\WINDOWS\cursors\arrow_im.cur,C:\WINDOWS\cursors\help_im.cur,C:\WINDOWS\cursors\wait_im.cur,C:\WINDOWS\cursors\busy_im.cur,C:\WINDOWS\cursors\cross_im.cur,C:\WINDOWS\cursors\beam_im.cur,C:\WINDOWS\cursors\pen_im.cur,C:\WINDOWS\cursors\no_im.cur,C:\WINDOWS\cursors\size4_im.cur,C:\WINDOWS\cursors\size3_im.cur,C:\WINDOWS\cursors\size2_im.cur,C:\WINDOWS\cursors\size1_im.cur,C:\WINDOWS\cursors\move_im.cur,C:\WINDOWS\cursors\up_im.cur"
"Windows InversΉ (trΈs grande police)"="C:\WINDOWS\cursors\arrow_il.cur,C:\WINDOWS\cursors\help_il.cur,C:\WINDOWS\cursors\wait_il.cur,C:\WINDOWS\cursors\busy_il.cur,C:\WINDOWS\cursors\cross_il.cur,C:\WINDOWS\cursors\beam_il.cur,C:\WINDOWS\cursors\pen_il.cur,C:\WINDOWS\cursors\no_il.cur,C:\WINDOWS\cursors\size4_il.cur,C:\WINDOWS\cursors\size3_il.cur,C:\WINDOWS\cursors\size2_il.cur,C:\WINDOWS\cursors\size1_il.cur,C:\WINDOWS\cursors\move_il.cur,C:\WINDOWS\cursors\up_il.cur"
"Windows Standard (trΈs grande police)"="C:\WINDOWS\cursors\arrow_l.cur,C:\WINDOWS\cursors\help_l.cur,C:\WINDOWS\cursors\wait_l.cur,C:\WINDOWS\cursors\busy_l.cur,C:\WINDOWS\cursors\cross_l.cur,C:\WINDOWS\cursors\beam_l.cur,C:\WINDOWS\cursors\pen_l.cur,C:\WINDOWS\cursors\no_l.cur,C:\WINDOWS\cursors\size4_l.cur,C:\WINDOWS\cursors\size3_l.cur,C:\WINDOWS\cursors\size2_l.cur,C:\WINDOWS\cursors\size1_l.cur,C:\WINDOWS\cursors\move_l.cur,C:\WINDOWS\cursors\up_l.cur"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths]
"PropriΉtaire"="C:\Documents and Settings\Propriιtaire\Mes documents"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"c:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Microsoft Works\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\HP\Memories Disc\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\HP\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\Album photo\Format lΉgal US (8.5x14in)\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\feuilles d'impression\Format lΉgal US (8.5x14in)\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\Album photo\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\feuilles d'impression\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\Tailles Standard\AmΉrique du Nord\"="1"
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\Album photo\Format lΉgal US (8.5x14in)\Paysage\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\Album photo\Format lΉgal US (8.5x14in)\Portrait\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\feuilles d'impression\Format lΉgal US (8.5x14in)\Paysage\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\ACD Inventaire\feuilles d'impression\Format lΉgal US (8.5x14in)\Portrait\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\Album photo\Paysage\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\Album photo\Portrait\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\bandes-tΉmoins\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\Calendrier\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\cartes de voeux\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\CD et DVD\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\feuilles d'impression\Paysage\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\feuilles d'impression\Portrait\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\CrΉatif\Transferts de T-Shirt\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\Tailles Standard\AmΉrique du Nord\Paysage\"=""
"C:\Program Files\ACD Systems\FotoSlate\3.0\Page Library\Tailles Standard\AmΉrique du Nord\Portrait\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\ACD Systems\"=""
"C:\Documents and Settings\Matthieu\Menu DΉmarrer\Programmes\TuneUp Utilities 2007\Utilities\"="1"
"C:\Documents and Settings\Matthieu\Menu DΉmarrer\Programmes\TuneUp Utilities 2007\"="1"
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\TuneUp Utilities 2007\Utilities\"="1"
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\TuneUp Utilities 2007\"="1"
"C:\Documents and Settings\Matthieu\Menu DΉmarrer\Programmes\Google Earth\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Powertoys for Windows XP\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Windows Live\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\AGEIA\"=""
"C:\Documents and Settings\Nicolas\Menu DΉmarrer\Programmes\OpenOffice.org 3.0\"=""
"C:\Documents and Settings\Jeremie\Menu DΉmarrer\Programmes\Regressi\"=""
"C:\Documents and Settings\Matthieu\Menu DΉmarrer\Programmes\Regressi\"=""
"C:\Documents and Settings\Jeremie\Menu DΉmarrer\Programmes\OpenOffice.org 3.0\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Microsoft Office Live Add-in\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Nikon Transfer\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\ViewNX\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Safari\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\HP\PSC All-In-One 1300 series\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Tunebite 7\"="1"
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Tunebite 7\Help and support\"="1"
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\QuickTime\"=""
"C:\Documents and Settings\Jeremie\Menu DΉmarrer\Programmes\Styler\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\TortoiseSVN\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\Modules externes\Filtres\Styles d'Ήclairage\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\Modules externes\Images de rΉfΉrence\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\3 encres\Gris\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\3 encres\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\3 encres\PANTONE(R)\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\3 encres\Primaires\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\4 encres\Gris\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\4 encres\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\4 encres\PANTONE(R)\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\4 encres\Primaires\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\Bichromie\Gris-Noir\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\Bichromie\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\Bichromie\PANTONE(R)\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Bichromie\Bichromie\Primaires\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Catalogues de couleurs\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Contours\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Couleurs optimisΉes\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Courbes\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Dispositions\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\DΉgradΉs\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Espaces de travail\1-Espaces de travail standard\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Espaces de travail\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Espaces de travail\2-Espaces de travail basΉs sur les t²ches\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Formes\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Formes personnalisΉes\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Bordure pointillΉe - Blanc-noir\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Bordure pointillΉe - Blanc-noir\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Bordure pointillΉe - Noir-blanc\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Bordure pointillΉe - Noir-blanc\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Base\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Base\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Infos seules\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Infos seules\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Retour\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 1 - Retour\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 2 - Retour\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Cadre centrΉ 2 - Retour\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Flash - Galerie 1\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Flash - Galerie 2\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale - Retour\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale - Retour\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale grise\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale grise\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale neutre\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale neutre\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale ° diaporama\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Horizontale ° diaporama\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Tableau de vignettes\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Tableau de vignettes\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Vignettes horizontales\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Vignettes horizontales\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Vignettes verticales\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Simple - Vignettes verticales\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau - Minimal\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau - Minimal\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau 1\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau 1\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau 2\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Tableau 2\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Vignettes grises\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Galerie Web Photo\Vignettes grises\images\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Motifs\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Motifs\Motifs PostScript\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\MΉlangeur de couches\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Noir et blanc\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Nuanciers\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Outils\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\ParamΈtres de sortie optimisΉs\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\ParamΈtres optimisΉs\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Personnalisation de menus\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Raccourcis clavier\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Scripts\"=""
"M:\Program Files\Adobe\Adobe Photoshop CS3\ParamΈtres prΉdΉfinis\Scripts\Adapter l'image\"=""
"M:\Program Files\Adobe\Adobe Photoshop C -
-
salut
rapport pas complet mais fait quand meme l'option 2
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta réponse
-
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
-
-
D'accord merci. Je ne comprends pas pourquoi tu dis que le rapport est incomplet... Il y avait bien marqué "complet"...
-
il manque la fin la partie relatif au rootkit mbr
peut-être un problème dans le copier coller ou le message trop long -
Ah d'accord. Je peux peut etre essayer de retrouver le ficher? Il a été enregistré?
-
L'ordinateur est cependant beaucoup plus rapide qu'hier(je suppose que ca n'a rien a voir)! Il oscille maintenant entre 10 et 30% quand j'ai au moins une fenetre d'ouverte et entre 0 et 10% quand il est au "repos". Par contre pour le bruit... on dirait un aspirateur^^...
-
il est dans C:killm.txt tu prend que la fin
-
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Microsoft Office\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\Microsoft Office\Microsoft Office Tools\"=""
"C:\Documents and Settings\All Users\Menu DΉmarrer\Programmes\iTunes\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\Documents and Settings\All Users\Documents\Mes vidΉos\Photoshoot.mpg.scn"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tap'Touche 3.0 DΉmo]
"UninstallString"="C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Tap'Touche 3 Dιmo\Uninst.isu""
"DisplayName"="Tap'Touche 3.0 Dιmo"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"WST_Czec (toutes rΉsolutions)"="wst_czec.FON"
"WST_Engl (toutes rΉsolutions)"="wst_engl.FON"
"WST_Fren (toutes rΉsolutions)"="wst_fren.FON"
"WST_Germ (toutes rΉsolutions)"="wst_germ.FON"
"WST_Ital (toutes rΉsolutions)"="wst_ital.FON"
"WST_Span (toutes rΉsolutions)"="wst_span.FON"
"WST_Swed (toutes rΉsolutions)"="wst_swed.FON"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Volume Control\Realtek AC97 Audio\ContrΔle d'enre]
"LineStates"=hex:04,00,00,00,43,00,6f,00,6e,00,74,00,72,00,f4,00,6c,00,65,00,20,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Volume Control\Realtek AC97 Audio\ContrΔle du vol]
"LineStates"=hex:00,00,00,00,43,00,6f,00,6e,00,74,00,72,00,f4,00,6c,00,65,00,20,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Accessoires\AccessibilitΉ]
"Order"=hex:08,00,00,00,02,00,00,00,88,02,00,00,01,00,00,00,04,00,00,00,ac,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Accessoires\Outils systΈme]
"Order"=hex:08,00,00,00,02,00,00,00,ae,05,00,00,01,00,00,00,09,00,00,00,ca,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Documents and Settings\Jeremie\Mes documents\TΉlΉchargements\iTunesSetup.exe"="iTunes Installer"
"C:\Documents and Settings\Jeremie\Mes documents\TΉlΉchargements\Install_CopyTrans_Suite.exe"="Install_CopyTrans_Suite"
"C:\Documents and Settings\Jeremie\Mes documents\TΉlΉchargements\WinAVI_Video_Converter.exe"="www.winavi.fr "
"C:\Documents and Settings\Jeremie\Mes documents\TΉlΉchargements\FreeYouTubeToMp3Converter.exe"="Free YouTube to MP3 Converter 3.2 Setup "
"C:\Documents and Settings\Jeremie\Bureau\iPod Touch 2g de JΉrΉmie\xvideos_d_setup.exe"="xVideos Video Downloader Setup "
"C:\Documents and Settings\Jeremie\Bureau\iPod Touch 2g de JΉrΉmie\VLCSetup.exe"="VLC Connection Utility Setup "
"C:\Documents and Settings\Jeremie\Bureau\iPod Touch 2g de JΉrΉmie\Nouveau dossier\TotoneTheme\TotoneTheme.exe"="TotoneThθme"
"M:\Dossiers de la famille\JΉrΉmie\DSLtest2101.exe"="DSLtest"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Network\Observateur d'ΉvΉnements]
"SaveSettings"="1"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86FDA1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x86fda1f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !
==========
Programs
==========
ACD Systems
ActivIcons
Adobe
Advanced Messenger Plus
AGEIA Technologies
Ahead
AirPort
Alwil Software
Apple Software Update
ATI Technologies
Auslogics
Avidemux 2.4
AviSynth 2.5
AVS4YOU
Axialis
Azureus
Belkin
Bodom-Child - RaBBi
Bonjour
Boonty
BoontyGames
BoostYourPC.com
C-Media
CCleaner
CDBurnerXP
Citrix
Conduit
CubicExplorer
CubicExplorer_dev
DAEMON Tools
DAEMON Tools Lite
DAEMON Tools Toolbar
DAP
directx
DivX
DVDVideoSoft
EA GAMES
Electronic Arts
eMule
eMule Super Booster
Evariste
Executive Software
Fichiers communs
Free iPod Video Converter
Free Offers from Freeze.com
Freeze.com
GIMP-2.0
Google
GSC Game World
GUILD WARS
Guitar Pro 5
Hobbyist Software
HP
iArt
Icone
Illustrate
ImgBurn
InstallShield Installation Information
Intermec
Internet Explorer
InterVideo
Inventel
iPod
IrfanView
iTunes
IVCsoft
Java
JRE
Kodak
LETMIN
LibUSB-Win32
LimeWire
List_Kill'em
MagicDVDRipper
MAGIX
MeCanto
Messenger
Messenger Plus! Live
MessengerPlus! 3
Microsoft
Microsoft CAPICOM 2.1.0.2
microsoft frontpage
Microsoft Games
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Visual Studio
Microsoft Works
Microsoft WSE
Microsoft.NET
MIKSOFT
Mio Technology
Movie Maker
Mozilla Firefox
MSBuild
MSECache
MSN
MSN Gaming Zone
MSXML 4.0
MSXML 6.0
MyWebSearch
Need4 Software Launcher
Need4 Video Converter 6
Nero
NetMeeting
Nikon
Notepad++
OLYMPUS
Online Services
OpenOffice.org 3
Orange
Outlook Express
P2P_Energy
Paint.NET
PcPrivacySoftware.com
Photo Service Edition
Picasa2
Pinnacle
PixiePack Codec Pack
PIXresizer
QuickTime
RapidSolution
Real
Realtek AC97
Reference Assemblies
RegClean
Ripp-it_AM
RocketDock
RomStation
Safari
Securitoo
SereneScreen
Services en ligne
Sierra
Sierra On-Line
Smart Data Recovery
SoundTaxi
SoundTaxi Media Suite
SpeedBit Video Accelerator
SpeedOptimizer
Stardock
Styler
SystemRequirementsLab
The Adventure Company
The KMPlayer FR
TicTacPhoto
TightVNC
TortoiseSVN
touchFree
TuneUp Utilities 2007
Ubi Soft
Ubisoft
Uninstall Information
VideoLAN
Virtools Web Player 3.0
ViStart
Vuze
Wanadoo
Western Digital
WinAVI Video Converter
Windows Desktop Search
Windows Installer Clean Up
Windows Live
Windows Live SkyDrive
Windows Media Connect 2
Windows Media Player
Windows NT
WindowsUpdate
WindSolutions
WinRAR
WinSCP
Wisdom-soft ScreenHunter 5 Free
xerox
Yahoo!
Yamb
Zumie
============
Drive C:
============
65d75e769bda2ba8792b7f1c7729
6c50efe17d7ccf51ab04677f4c
868000430717.dat
9546486a4f11ac86c2d554961e11
APIHook.log
ati.log
AUTOEXEC.BAT
blackra1n.exe
blackra1n.log
blackrain.exe
boot.ini
Bootfont.bin
checkrun.txt
Config.Msi
CONFIG.SYS
Converted
Default.Bmp
Dev-Cpp
Documents and Settings
Downloads
DVDVideoSoft
error.log
eula.1028.txt
eula.1031.txt
eula.1033.txt
eula.1036.txt
eula.1040.txt
eula.1041.txt
eula.1042.txt
eula.2052.txt
eula.3082.txt
expand.txt
files
FirstSteps
gdiplus.dll
globdata.ini
hiberfil.sys
install
install.exe
install.ini
install.res.1028.dll
install.res.1031.dll
install.res.1033.dll
install.res.1036.dll
install.res.1040.dll
install.res.1041.dll
install.res.1042.dll
install.res.2052.dll
install.res.3082.dll
IO.SYS
ISP
Kill'em
LANG.TXT
Language.txt
List'em.txt
log.html
log.txt
LogiSetup.log
Logs
Mes t?l?chargements
MicroGaming
MOPYFISH
MSDOS.SYS
MSIInstall.log
MSOCache
MSWorks
NIS2005
nsq14F.tmp
NTDETECT.COM
ntldr
oem.tag
orange.bmp
os466477.bin
pagefile.sys
pebuilder3110a
pluginmanager.txt
PMC.COMInterop.txt
Prodlog.txt
Program Files
ProgramData
RECYCLER
SBSI
SIERRA
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmdata06.sqm
sqmdata07.sqm
sqmdata08.sqm
sqmdata09.sqm
sqmdata10.sqm
sqmdata11.sqm
sqmdata12.sqm
sqmdata13.sqm
sqmdata14.sqm
sqmdata15.sqm
sqmdata16.sqm
sqmdata17.sqm
sqmdata18.sqm
sqmdata19.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
sqmnoopt06.sqm
sqmnoopt07.sqm
sqmnoopt08.sqm
sqmnoopt09.sqm
sqmnoopt10.sqm
sqmnoopt11.sqm
sqmnoopt12.sqm
sqmnoopt13.sqm
sqmnoopt14.sqm
sqmnoopt15.sqm
sqmnoopt16.sqm
sqmnoopt17.sqm
sqmnoopt18.sqm
sqmnoopt19.sqm
StubInstaller.exe
System Volume Information
Temp
vcredist.bmp
VC_RED.cab
VC_RED.MSI
Vid o 1.scn
WINDOWS
www.dailymotion_.flv.html
¤¤¤¤¤¤¤¤¤¤ Cracks | Keygens | Serials
C:\Documents and Settings\All Users\Documents\Nouveau dossier (6)\Keygen + No-CD\Keygen.exe
C:\MSWorks\Install.exe
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
End of scan : 4:27:41,09 -
possible MBR rootkit infection
tu fera sa plutôt si sa marche pas en fera un fixmbr
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 2 = Mode Suppression
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta réponse
ensuite :
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 6 = Restore MBR
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta réponse -
Ok je ferais ca en fin d'apres midi car ca doit etre long et j'ai du travail a faire. En tout cas merci beaucoup de m'aider ca fait vraiment plaisir!
-
voila!
AKill'em by g3n-h@ckm@n 1.2.5.3
User : Jeremie (Administrateurs)
Update on 19/02/2010 by g3n-h@ckm@n ::::: 13.15
Start at: 00:12:44 | 25/02/2010
Contact : https://forums.commentcamarche.net/forum/virus-securite-7
Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Edition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 7.0.5730.11
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 100223-2] 4.8.1356 [ (!) Disabled | Updated ]
C:\ -> Disque fixe local | 186,31 Go (41,14 Go free) [Disque C] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM | 683,56 Mo (0 Mo free) [DISK1] | CDFS
F:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque amovible
L:\ -> Disque amovible
M:\ -> Disque fixe local | 149,01 Go (68,48 Go free) [DISQUE 2] | FAT32
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\FreezeScreenSaver.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\List_Kill'em\List_Kill'em.scr
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Jeremie\Local Settings\Temp\1A7.tmp\ERUNT.EXE
C:\Documents and Settings\Jeremie\Local Settings\Temp\1A7.tmp\pv.exe
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
Quarantined & Deleted !! : C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
Quarantined & Deleted !! : C:\blackra1n.exe
Quarantined & Deleted !! : C:\install.exe
Quarantined & Deleted !! : C:\Program Files\DAEMON Tools Toolbar
Quarantined & Deleted !! : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Quarantined & Deleted !! : C:\Program Files\P2P_Energy
Quarantined & Deleted !! : C:\WINDOWS\_delis32.ini
Quarantined & Deleted !! : C:\WINDOWS\iun6002.exe
Quarantined & Deleted !! : C:\WINDOWS\System32\SET563.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET564.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET571.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET91.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SET93.tmp
Quarantined & Deleted !! : C:\WINDOWS\System32\SETA2.tmp
Quarantined & Deleted !! : C:\WINDOWS\winstart.bat
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Application Data\GDIPFONTCACHEV1.DAT
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Application Data\wklnhst.dat
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Application Data\pcouffin.inf
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Application Data\inst.exe
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Local Settings\Temp\dw.log
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\Local Settings\Temp\Hsi.doc
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\i4jdel0.exe
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is23.exe
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is2D.exe
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\_is2E.exe
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\cabex.dll
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\swt-gdip-win32-3448.dll
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\swt-win32-3448.dll
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp1E.tmp
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp2B9.tmp
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmp9E.tmp
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmpB.tmp
Quarantined & Deleted !! : C:\Documents and Settings\Jeremie\LOCAL Settings\Temp\tmpC.tmp
==============
host file OK !
==============
========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D}
Deleted : "HKCU\software\Fun Web Products"
Deleted : "HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}"
Deleted : "HKCU\software\microsoft\internet explorer\searchscopes\{CF739809-1C6C-47C0-85B9-569DBB141420}"
Deleted : "HKLM\software\Fun Web Products"
Deleted : "HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
Deleted : "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File execution Options\taskmgr.exe"
Deleted : HKCR\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}
Deleted : HKCR\CLSID\{248dd896-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\CLSID\{248dd897-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
Deleted : HKCR\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3}
Deleted : HKCR\Interface\{248dd892-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\Interface\{248dd893-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCR\interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
Deleted : HKCR\interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
Deleted : HKCR\MyWebSearch.HTMLPanel
Deleted : HKCR\MyWebSearch.HTMLPanel.1
Deleted : HKCR\MyWebSearch.PseudoTransparentPlugin
Deleted : HKCR\MyWebSearch.PseudoTransparentPlugin.1
Deleted : HKCR\TypeLib\{248dd890-bb45-11cf-9abc-0080c7e7b78d}
Deleted : HKCU\SOFTWARE\FunWebProducts
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3}
Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd}
Deleted : HKCU\software\MyWebSearch
Deleted : HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Deleted : HKLM\SOFTWARE\FocusInteractive
Deleted : HKLM\SOFTWARE\FunWebProducts
Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Deleted : HKLM\SOFTWARE\MyWebSearch
========
Services
=========
Ndisuio : Start = 3
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2
============
Disk Cleaned
============
=================
anti-ver blaster : OK !!
=================
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
-
▶ Relance List&Kill'em(soit en clic droit pour vista),avec le raccourci sur ton bureau.
mais cette fois-ci :
▶ choisis l'option 6 = Restore MBR
laisse travailler l'outil.
en fin de scan un rapport s'ouvre
▶ colle le contenu dans ta réponse -
Me revoila après plus d'un an avec le même ordinateur et le même problème. J'espere que tu es toujours la benurrr^^. Bon je vais faire la manip que j'aurais du faire il y a un an :D
