Win32/Adware.Toolbar.Dealio

Résolu
artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention   -  
 gen-hackman -
Bonjour,

config>Windows XP sp3 / Firefox 3.6.13</config>

Pentium R (4) CPU 2.8
2.80, 1.43 GoRam

Nod 32 a trouver
C:\System Volume Information\_restore{CA776613-94CE-41D7-9DD3-3DEB152E1F13}\RP204\A0056481.exe Win32/Adware.Toolbar.Dealio application Aucune action

Comment faire de se débarrasser de cela

Merci de bien vouloir m'aider

25 réponses

  • 1
  • 2
  1. gen-hackman
     
    salut c'est dans la restauration systeme...

    on le virera après

    ▶ Télécharge ici : Ad-remover sur ton bureau :

    ▶ Déconnecte toi et ferme toutes applications en cours !

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    ▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    ▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    ▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    0
  2. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    j ai fait ad-remover

    il ma demander de redémarrer mon pc pour terminer le nettoyage
    maintenant il y a l'écran bleu de windows
    ca fait 20 minutes es ce que je doit faire quelque chose pou
    le redémarrer ou attendre

    Merci encore
    0
  3. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    finalement j'ai redémarrer mon pc
    Voici le Rapport de AD-Remover

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/02/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:31:38 le 14/02/2011, Mode normal

    Microsoft Windows XP Professionnel Service Pack 3 (X86)
    andrefi@ANDREFI-130D344 ( )

    ============== ACTION(S) ==============

    (!) -- Fichiers temporaires supprimés.

    Clé supprimée: HKLM\Software\PopCap
    Clé supprimée: HKLM\Software\Trymedia Systems

    ============== SCAN ADDITIONNEL ==============

    -- C:\Documents and Settings\andrefi\Application Data\Mozilla\FireFox\Profiles\z4id2y6o.default --
    Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} (Garmin Communicator)
    Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) (DownloadHelper)
    Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} (DownThemAll!)
    Searchplugins\downloadhelper-safe-videos.xml (?)
    Searchplugins\sideload-search.xml (?)
    Prefs.js - browser.download.dir, C:\\Documents and Settings\\andrefi\\Bureau
    Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\andrefi\\Bureau
    Prefs.js - browser.startup.homepage, hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1267117989&rver=6.0.5285.0&wp=MBI&wr...
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

    ========================================

    **** Internet Explorer Version [7.0.5730.13] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 14/02/2011 (482 Octet(s))

    Fin à: 21:33:43, 14/02/2011

    ============== E.O.F ==============
    0
  4. gen-hackman
     
    ▶ Télécharge ici : USBFIX sur ton bureau

    branche tous tes periphériques sans les ouvrir

    /!\ Désactive provisoirement et seulement le temps de l'utilisation d'USBFIX, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur l'icône Usbfix située sur ton Bureau.
    Sur la page, clique sur le bouton :

    ▶ choisi l option Suppression

    ▶ UsbFix scannera ton pc , laisse travailler l outil.

    ▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    ▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour
    mon pc plus rapide

    voici rapport USBFix

    ############################## | UsbFix 7.039 | [Suppression]

    Utilisateur: andrefi (Administrateur) # ANDREFI-130D344 [ ]
    Mis à jour le 09/02/2011 par El Desaparecido / C_XX
    Lancé à 12:15:38 | 15/02/2011
    Site Web: http://www.teamxscript.org
    Contact: eldesaparecido@teamxscript.org

    CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
    Internet Explorer 7.0.5730.13

    Pare-feu Windows: Activé
    Antivirus: ESET NOD32 Antivirus 4.0 4.0 [(!) Disabled | Updated]
    Firewall: Pare-feu Online Armor 4.0.0.45 [(!) Disabled]
    RAM -> 1471 Mo
    C:\ (%systemdrive%) -> Disque fixe # 118 Go (90 Go libre(s) - 76%) [] # NTFS
    D:\ -> CD-ROM
    E:\ -> CD-ROM
    F:\ -> Disque amovible # 7 Go (187 Mo libre(s) - 2%) [] # FAT32
    H:\ -> Disque fixe # 16 Go (10 Go libre(s) - 61%) [Andrefi 2] # NTFS

    ################## | Éléments infectieux |

    Supprimé! C:\Recycler\S-1-5-21-1960408961-2139871995-1606980848-1003
    Supprimé! H:\Recycler\S-1-5-21-1960408961-2139871995-1606980848-1003
    Supprimé! C:\log.txt

    ################## | Registre |

    ################## | Mountpoints2 |

    Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{5fa028d6-3b3c-11df-8cca-00138f1bab9c}
    Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c164ac5c-fbcb-11df-8e29-00138f1bab9c}

    ################## | Listing |

    [12/02/2010 - 00:55:35 | D ] C:\1aaabdfcc7f38b2897d358
    [11/02/2010 - 23:08:12 | D ] C:\8009b68f714d8b8024
    [14/02/2011 - 21:33:43 | N | 2531] C:\Ad-Report-CLEAN[1].txt
    [29/11/2010 - 10:34:46 | N | 54] C:\AUTOEXEC.BAT
    [12/03/2010 - 01:23:52 | RASHD ] C:\autorun.inf
    [28/01/2010 - 11:55:06 | N | 335] C:\boot.ini
    [28/08/2001 - 06:00:00 | N | 4952] C:\Bootfont.bin
    [08/01/2011 - 22:07:47 | D ] C:\Config.Msi
    [28/01/2010 - 01:56:51 | N | 0] C:\CONFIG.SYS
    [12/06/2010 - 18:19:58 | D ] C:\Documents and Settings
    [11/02/2010 - 20:12:23 | D ] C:\fb3fc6de0809f8e4e3a9128e
    [14/01/2011 - 22:12:10 | D ] C:\Graveur et dvd
    [25/09/2010 - 10:00:01 | D ] C:\hegames
    [13/08/2010 - 23:37:50 | D ] C:\INTERNET
    [28/01/2010 - 01:56:51 | N | 0] C:\IO.SYS
    [18/08/2010 - 00:03:55 | D ] C:\JEU
    [14/02/2011 - 23:46:36 | D ] C:\LOG ENLEVER
    [01/02/2010 - 19:06:31 | D ] C:\Mise a jour Internet
    [28/01/2010 - 01:56:51 | N | 0] C:\MSDOS.SYS
    [08/02/2010 - 23:06:02 | RHD ] C:\MSOCache
    [09/02/2010 - 01:21:22 | D ] C:\MUSIC
    [10/02/2011 - 15:21:42 | D ] C:\MyWorks
    [31/03/2010 - 19:04:25 | D ] C:\Nouveau dossier
    [13/04/2008 - 08:43:04 | N | 47564] C:\NTDETECT.COM
    [13/04/2008 - 10:31:52 | N | 252240] C:\ntldr
    [15/02/2011 - 12:11:53 | ASH | 2145386496] C:\pagefile.sys
    [14/02/2011 - 21:31:37 | D ] C:\Program Files
    [15/02/2011 - 12:17:14 | SHD ] C:\RECYCLER
    [31/03/2010 - 18:57:59 | D ] C:\Rogers cles internet
    [01/02/2010 - 18:46:07 | SHD ] C:\System Volume Information
    [14/02/2011 - 19:27:23 | D ] C:\Telecharge
    [04/03/2010 - 23:42:18 | D ] C:\TELECHARGEMENT
    [08/02/2010 - 23:09:14 | D ] C:\TEXTE
    [15/02/2011 - 12:17:14 | D ] C:\UsbFix
    [15/02/2011 - 12:17:14 | A | 1094] C:\UsbFix.txt
    [08/01/2011 - 23:18:06 | D ] C:\UTILITAIRE
    [14/02/2011 - 12:12:55 | D ] C:\WINDOWS
    [15/02/2011 - 11:49:18 | D ] F:\Carte mere cuisine
    [15/02/2011 - 11:49:20 | D ] F:\Carte mere xcel2000
    [11/02/2010 - 19:48:28 | D ] F:\Sauve de cuisine telechargement
    [15/02/2011 - 11:52:44 | D ] F:\lotus
    [18/12/2009 - 22:03:20 | N | 3223912] F:\drivermax.exe
    [30/12/2009 - 23:42:14 | D ] F:\My Drivers
    [03/01/2010 - 16:36:08 | D ] F:\Pension 2010
    [03/01/2010 - 16:36:26 | D ] F:\Penssion 2009 Bon
    [28/12/2009 - 20:27:28 | N | 13747304] F:\OnlineArmor_Setup_Free_FRA.exe
    [14/02/2011 - 17:53:16 | D ] F:\Pilotte ordi andré 2011
    [15/02/2011 - 11:49:20 | D ] F:\Floride dec 2009
    [07/01/2010 - 17:15:50 | N | 5115824] F:\mbam-setup.exe
    [28/12/2009 - 18:52:10 | N | 32256] F:\Suduku 1.doc
    [18/12/2009 - 22:25:14 | N | 1777926] F:\rcsetup133.zip
    [17/12/2009 - 20:33:28 | N | 58735016] F:\videoMetro.flv
    [24/03/2008 - 15:30:10 | N | 24064] F:\Ordinateur.doc
    [17/03/2008 - 00:58:44 | N | 313344] F:\Partitionner Knoppic Tuto.doc
    [05/01/2010 - 17:22:00 | D ] F:\Temp DVDSHRINK
    [06/01/2010 - 11:26:04 | N | 524] F:\pilotte possible.jpg.lnk
    [06/01/2010 - 11:27:18 | N | 529] F:\Cartes graphiques.doc.lnk
    [06/01/2010 - 16:58:32 | N | 8092773] F:\02 Piste 2.mp3
    [15/02/2011 - 11:50:48 | D ] F:\Halo
    [15/02/2011 - 11:52:28 | D ] F:\Job 2010
    [06/01/2010 - 16:57:30 | N | 2936568] F:\01 Piste 1.mp3
    [08/01/2010 - 11:52:54 | D ] F:\Pilote mon ordi
    [08/01/2010 - 12:11:26 | N | 2022680] F:\MyDefrag-v4.2.7.exe
    [15/02/2011 - 11:52:28 | D ] F:\logi musicAudacyetjeu
    [08/01/2010 - 00:36:20 | N | 33004] F:\Pit_rosea_small.jpg
    [08/01/2010 - 01:49:08 | N | 14336] F:\Monbre de jour.xls
    [04/01/2010 - 21:07:14 | N | 141135] F:\liste_de_canaux_bell_f.pdf
    [15/12/2009 - 02:44:26 | N | 116436] F:\dc_200_322_4.pdf
    [28/12/2009 - 18:59:34 | N | 32256] F:\Suduku 1 A.doc
    [25/12/2009 - 02:53:46 | N | 98816] F:\Restaurer les pilotes.doc
    [19/12/2009 - 09:29:42 | N | 100864] F:\ulcere Aphtes.doc
    [15/12/2009 - 09:52:04 | N | 872547] F:\ListeprixWeb.pdf
    [22/02/2010 - 23:01:48 | N | 1942816] F:\Horaire27.pdf
    [15/02/2011 - 11:52:38 | D ] F:\LOGICIEL NOKIA BON
    [25/12/2009 - 02:53:58 | N | 87040] F:\Sauvegarder ses pilotes.doc
    [25/12/2009 - 03:03:54 | N | 62976] F:\Télécharger et installer DriverMax.doc
    [25/12/2009 - 03:00:50 | N | 61952] F:\Enregistrer DriverMax.doc
    [11/01/2010 - 12:25:38 | N | 8391824] F:\Firefox Setup 3.6 RC 1(2).exe
    [11/01/2010 - 15:36:28 | N | 525824] F:\Microsoft cles pz.doc
    [11/01/2010 - 14:06:56 | N | 65795] F:\Cles_Belarc_Profile.pdf
    [12/01/2010 - 22:28:16 | N | 3357024] F:\ccsetup227.exe
    [12/01/2010 - 21:22:42 | N | 5359048] F:\FoxitReader31_enu_Setup_091125.exe
    [12/01/2010 - 19:52:00 | N | 629821] F:\bpsetup_1_03_1.exe
    [15/02/2011 - 11:53:02 | D ] F:\Marine Malice
    [15/03/2008 - 15:55:18 | N | 693] F:\Échantillons d'images.lnk
    [13/01/2010 - 02:10:26 | N | 676878] F:\RadioaacPlus_plugin.exe
    [13/01/2010 - 08:40:46 | N | 94720] F:\Confi bios.doc
    [15/02/2011 - 11:54:08 | D ] F:\Mes driver 2010 telecharger
    [10/11/2009 - 17:08:32 | N | 3533478] F:\aida32ee_393.exe
    [15/02/2011 - 11:54:08 | D ] F:\miseajourExtra office2003
    [27/01/2010 - 12:24:16 | D ] F:\Nouveau dossier123
    [01/02/2010 - 17:04:56 | D ] F:\SP3ntlite iso windows
    [11/02/2010 - 17:49:30 | D ] F:\Paatch pour halo
    [22/02/2010 - 12:21:48 | N | 254403] F:\Depliant_SHilaire.pdf
    [22/02/2010 - 12:22:56 | N | 254403] F:\Depliant_SHilaireretour.pdf
    [22/02/2010 - 12:30:02 | N | 243090] F:\Depliant_DMontagnehoraire.pdf
    [23/07/2010 - 22:37:34 | N | 25600] F:\Recettes du Québec.doc
    [01/08/2010 - 22:32:48 | N | 34981] F:\taux_index.aspx.htm
    [31/08/2010 - 22:03:06 | D ] F:\Pochette etienne 2010
    [05/01/2010 - 18:18:36 | D ] F:\Recu pour pension Alimentaire dossier
    [31/03/2010 - 19:19:26 | N | 132415913] F:\MD400_PC_Final_Software.zip
    [09/11/2008 - 14:34:52 | N | 17920] F:\Numéro de Téllépnone .xls
    [28/08/2001 - 07:00:00 | N | 43008] F:\wab2002.exe
    [05/01/2010 - 18:39:46 | D ] F:\ODS POUR SOPHIE
    [19/12/2009 - 15:35:50 | N | 20480] F:\Recette bonhomme.doc
    [05/01/2008 - 22:20:26 | N | 20480] F:\Cheats halo 1 2.doc
    [05/01/2008 - 22:15:12 | N | 65024] F:\Cheats Halo 1 .doc
    [05/01/2008 - 22:25:54 | N | 455] F:\Patch pour Halo Combat Evolved.url
    [05/01/2008 - 23:08:14 | N | 228] F:\patch du jeu Halo Combat Evolved telechargement.url
    [24/05/2008 - 08:55:10 | N | 1700] F:\Lisez-moi de Halo.lnk
    [05/11/2010 - 21:19:08 | D ] H:\2010 Photo ecole
    [25/10/2010 - 08:20:13 | N | 1345588] H:\2_basement_crawlspace.pdf
    [22/04/2010 - 20:07:15 | D ] H:\A sylvie
    [25/10/2010 - 20:38:26 | N | 543102] H:\ass guide Desjardins.pdf
    [12/03/2010 - 01:23:53 | RASHD ] H:\autorun.inf
    [19/10/2010 - 23:36:50 | N | 17881] H:\Beaudry-Laurence-225x300.jpg
    [20/10/2010 - 16:30:11 | N | 96436] H:\Bougie equivalent.pdf
    [14/02/2011 - 19:27:45 | D ] H:\Cles usb 8 gig 1 fevr 2011
    [22/11/2010 - 22:07:07 | D ] H:\Cles wind xp cuisine
    [07/10/2010 - 23:07:32 | N | 25088] H:\Comment pouvez.doc
    [25/10/2010 - 08:12:44 | N | 20693] H:\couches-isolation.gif
    [31/12/2010 - 12:44:23 | D ] H:\Etienne cossin
    [15/10/2010 - 12:07:47 | N | 724640] H:\Floride route maman Saint-An...tif
    [25/10/2010 - 19:04:27 | N | 603297] H:\imagehandler.ashx.png
    [25/10/2010 - 19:17:24 | N | 80384] H:\Las vegas.doc
    [27/01/2011 - 23:14:35 | D ] H:\Logiciel install
    [16/01/2011 - 17:53:48 | N | 14021] H:\loraine_n.jpg
    [25/10/2010 - 20:44:34 | N | 40448] H:\Maladie 1234.doc
    [05/11/2010 - 13:18:06 | N | 47616] H:\Mon drôle de pâté chinois.doc
    [24/02/2010 - 15:51:37 | D ] H:\Musique 2
    [05/11/2010 - 13:10:16 | D ] H:\Pension Table
    [16/11/2010 - 17:08:39 | N | 252928] H:\Perspective historique sur les compositeurs dans les traditions écossaise.doc
    [17/11/2010 - 20:54:18 | D ] H:\Petit part
    [19/10/2010 - 23:44:20 | D ] H:\Photo
    [31/01/2011 - 15:25:06 | D ] H:\Prog Intall
    [25/10/2010 - 19:58:43 | N | 628305] H:\RAMQ Services de santé assurés hors Québec.pdf
    [15/02/2011 - 12:17:14 | SHD ] H:\RECYCLER
    [18/02/2010 - 20:44:26 | SHD ] H:\System Volume Information
    [27/10/2010 - 22:07:04 | N | 69968] H:\tico.jpg
    [27/10/2010 - 22:05:52 | N | 85067] H:\toci petit.jpg
    [25/10/2010 - 19:40:44 | N | 425056] H:\Un bon départ- guide santé voyage.pdf
    [25/10/2010 - 19:42:30 | N | 34816] H:\Voyager avec une maladie chronique.doc
    [18/02/2010 - 01:42:38 | N | 9872] H:\WLMContacts.csv
    [07/02/2001 - 08:22:50 | N | 32415] H:\zmneuve12.jpg

    ################## | Vaccin |

    C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
    F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
    H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

    ################## | Upload |

    Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ANDREFI-130D344.zip
    http://www.teamxscript.org/Upload.php
    Merci de votre contribution.

    ################## | E.O.F |
    0
  7. gen-hackman
     
    Télécharge ici :OTL

    enregistre le sur ton Bureau.

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur OTL.exe pour le lancer.

    ▶ Coche les 2 cases Lop et Purity

    ▶ Coche la case devant tous les utilisateurs

    ▶ règle age du fichier sur "60 jours"

    ▶ dans les 6 onglets de la moitié gauche , mets tout sur "tous"

    ne modifie pas ceci :

    "fichiers créés" et "fichiers Modifiés"


    ▶Clic sur Analyse.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    ▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

    Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

    ▶ Clique sur Parcourir et cherche le fichier ci-dessus.

    ▶ Clique sur Ouvrir.

    ▶ Clique sur "Cliquez ici pour déposer le fichier".

    juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

    ▶ Copie ce lien dans ta réponse.

    ▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
    0
  8. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    Voici lles deu lien pour les rapport

    http://www.cijoint.fr/cjlink.php?file=cj201102/cijQr4CA4A.txt

    http://www.cijoint.fr/cjlink.php?file=cj201102/cijQr4CA4A.txt
    0
  9. gen-hackman
     
    ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

    si tu as XP => double clique
    si tu as Vista ou windows 7 => clic droit "executer en tant que...."


    sur OTL.exe pour le lancer.

    ▶Copie la liste qui se trouve en gras ci-dessous,

    ▶ colle-la dans la zone sous "Personnalisation" :

    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    Teatimer.exe

    :OTL
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    O4 - HKLM\..\Run: [Cmaudio] File not found
    O4 - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\..\Run: [] File not found
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

    :Reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "TrueImageMonitor.exe"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "HonorAutoRunSetting"=1

    :Files
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


    ▶ Clique sur "Correction" pour lancer la suppression.

    ▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
    0
  10. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    Je crois que ca n'a pas fonctionner OLT.exe
    ma demander de redémarrer pour terminer la suspression
    il a figer il a fallu que
    je redémarre manuellement il n'y avait pas de rapport

    Merci
    0
  11. gen-hackman
     
    C:\_OTL\Moved Files\la_date_et_l'heure.txt
    0
  12. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    je crois que ça fonctionne pas
    peut-être du a mon pare feu online Amor
    ou antivirus
    je ne trouve pas le Rapport
    même avec Rechercher avec windows
    0
  13. gen-hackman
     
    recommence l'operation en mode sans echec

    il faut desactiver les protections pour utiliser les outils
    0
  14. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    bonjour

    Voici le rapport

    OTL logfile created on: 2011-02-15 14:03:23 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\andrefi\Bureau
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
    3,00 Gb Paging File | 3,00 Gb Available in Paging File | 92,00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 118,26 Gb Total Space | 89,80 Gb Free Space | 75,93% Space Free | Partition Type: NTFS
    Drive F: | 7,45 Gb Total Space | 0,18 Gb Free Space | 2,46% Space Free | Partition Type: FAT32
    Drive G: | 169,90 Mb Total Space | 12,53 Mb Free Space | 7,38% Space Free | Partition Type: FAT
    Drive H: | 15,65 Gb Total Space | 9,59 Gb Free Space | 61,27% Space Free | Partition Type: NTFS

    Computer Name: ANDREFI-130D344 | User Name: andrefi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

    [color=#E56717]========== Processes (All) ==========[/color]

    PRC - [2011-02-15 13:27:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andrefi\Bureau\OTL.exe
    PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
    PRC - [2010-08-17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
    PRC - [2010-07-07 11:53:42 | 003,065,160 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oahlp.exe
    PRC - [2010-07-07 11:53:40 | 006,854,984 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oaui.exe
    PRC - [2010-07-07 11:53:38 | 003,364,680 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oasrv.exe
    PRC - [2010-07-07 11:53:38 | 001,283,400 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oacat.exe
    PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2009-09-25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\UTILITAIRE\Seagate Disque dur Free Agent\Sync\FreeAgentService.exe
    PRC - [2009-09-11 06:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    PRC - [2009-09-11 06:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    PRC - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
    PRC - [2008-10-14 14:47:36 | 000,106,496 | R--- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson MD400 Wireless Modem\wwanSvc.exe
    PRC - [2008-04-13 18:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
    PRC - [2008-04-13 18:34:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
    PRC - [2008-04-13 18:34:24 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [EAPSVCS]
    PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
    PRC - [2008-04-13 18:34:22 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
    PRC - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
    PRC - [2008-04-13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2008-04-13 18:34:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
    PRC - [2008-04-13 18:34:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
    PRC - [2008-04-13 18:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
    PRC - [2007-12-06 06:16:00 | 000,493,216 | ---- | M] () -- C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
    PRC - [2007-12-06 05:09:38 | 000,905,000 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    PRC - [2007-12-06 05:03:32 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
    PRC - [2007-12-06 05:03:26 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
    PRC - [2007-12-06 05:00:32 | 002,616,288 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Graveur et dvd\Nero 7\InCD\InCDsrv.exe
    PRC - [2005-08-07 23:54:00 | 000,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    PRC - [2005-03-11 04:33:28 | 000,147,456 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
    PRC - [2005-03-07 14:33:28 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
    PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
    PRC - [2004-05-03 07:18:56 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe
    PRC - [2001-10-11 12:11:16 | 000,022,560 | ---- | M] () -- C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE

    [color=#E56717]========== Modules (All) ==========[/color]

    MOD - [2011-02-15 13:27:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andrefi\Bureau\OTL.exe
    MOD - [2010-08-23 11:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
    MOD - [2010-08-16 03:44:32 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
    MOD - [2010-07-27 01:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
    MOD - [2010-07-16 07:06:19 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
    MOD - [2010-07-07 11:53:40 | 000,947,016 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oawatch.dll
    MOD - [2009-12-08 04:24:28 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
    MOD - [2009-06-25 03:26:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
    MOD - [2009-03-21 09:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
    MOD - [2009-02-26 23:57:11 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
    MOD - [2009-02-09 05:53:55 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
    MOD - [2009-02-09 05:53:55 | 000,685,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
    MOD - [2008-10-23 07:36:51 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
    MOD - [2008-10-15 11:35:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
    MOD - [2008-04-13 18:34:36 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
    MOD - [2008-04-13 18:33:52 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
    MOD - [2008-04-13 18:33:52 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
    MOD - [2008-04-13 18:33:50 | 000,734,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
    MOD - [2008-04-13 18:33:50 | 000,579,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
    MOD - [2008-04-13 18:33:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
    MOD - [2008-04-13 18:33:50 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
    MOD - [2008-04-13 18:33:50 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
    MOD - [2008-04-13 18:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
    MOD - [2008-04-13 18:33:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
    MOD - [2008-04-13 18:33:50 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
    MOD - [2008-04-13 18:33:48 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
    MOD - [2008-04-13 18:33:42 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
    MOD - [2008-04-13 18:33:40 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
    MOD - [2008-04-13 18:33:40 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
    MOD - [2008-04-13 18:33:40 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
    MOD - [2008-04-13 18:33:40 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
    MOD - [2008-04-13 18:33:38 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
    MOD - [2008-04-13 18:33:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
    MOD - [2008-04-13 18:33:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
    MOD - [2008-04-13 18:33:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
    MOD - [2008-04-13 18:33:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
    MOD - [2008-04-13 18:33:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
    MOD - [2008-04-13 18:33:22 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
    MOD - [2008-04-13 18:33:22 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
    MOD - [2008-04-13 18:33:22 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
    MOD - [2008-04-13 18:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

    [color=#E56717]========== Win32 Services (All) ==========[/color]

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2010-08-27 00:58:58 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
    SRV - [2010-08-17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
    SRV - [2010-07-07 11:53:38 | 003,364,680 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft\Online Armor\oasrv.exe -- (SvcOnlineArmor)
    SRV - [2010-07-07 11:53:38 | 001,283,400 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft\Online Armor\OAcat.exe -- (OAcat)
    SRV - [2009-09-25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\UTILITAIRE\Seagate Disque dur Free Agent\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
    SRV - [2009-09-11 06:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
    SRV - [2009-09-11 06:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
    SRV - [2009-06-10 01:15:17 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
    SRV - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
    SRV - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
    SRV - [2009-02-09 05:53:55 | 000,685,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
    SRV - [2009-02-09 05:53:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Appel de procédure distante (RPC)
    SRV - [2009-02-09 05:53:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
    SRV - [2008-10-14 14:47:36 | 000,106,496 | R--- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson MD400 Wireless Modem\wwanSvc.exe -- (wwanSvc)
    SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
    SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
    SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
    SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
    SRV - [2008-07-07 15:28:20 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
    SRV - [2008-06-20 12:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
    SRV - [2008-04-13 18:47:24 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
    SRV - [2008-04-13 18:34:30 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
    SRV - [2008-04-13 18:34:28 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
    SRV - [2008-04-13 18:34:28 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
    SRV - [2008-04-13 18:34:26 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
    SRV - [2008-04-13 18:34:24 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
    SRV - [2008-04-13 18:34:22 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
    SRV - [2008-04-13 18:34:22 | 000,100,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
    SRV - [2008-04-13 18:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
    SRV - [2008-04-13 18:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
    SRV - [2008-04-13 18:34:14 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
    SRV - [2008-04-13 18:34:14 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
    SRV - [2008-04-13 18:34:12 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
    SRV - [2008-04-13 18:34:10 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Localisateur d'appels de procédure distante (RPC)
    SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
    SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
    SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
    SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
    SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
    SRV - [2008-04-13 18:34:08 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
    SRV - [2008-04-13 18:34:02 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
    SRV - [2008-04-13 18:34:02 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
    SRV - [2008-04-13 18:34:02 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
    SRV - [2008-04-13 18:33:58 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
    SRV - [2008-04-13 18:33:58 | 000,005,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
    SRV - [2008-04-13 18:33:54 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
    SRV - [2008-04-13 18:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
    SRV - [2008-04-13 18:33:52 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
    SRV - [2008-04-13 18:33:52 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
    SRV - [2008-04-13 18:33:50 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
    SRV - [2008-04-13 18:33:50 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
    SRV - [2008-04-13 18:33:50 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
    SRV - [2008-04-13 18:33:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
    SRV - [2008-04-13 18:33:50 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
    SRV - [2008-04-13 18:33:50 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
    SRV - [2008-04-13 18:33:48 | 000,297,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
    SRV - [2008-04-13 18:33:48 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
    SRV - [2008-04-13 18:33:48 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
    SRV - [2008-04-13 18:33:48 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
    SRV - [2008-04-13 18:33:48 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
    SRV - [2008-04-13 18:33:42 | 000,194,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
    SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
    SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
    SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
    SRV - [2008-04-13 18:33:42 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
    SRV - [2008-04-13 18:33:42 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
    SRV - [2008-04-13 18:33:40 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
    SRV - [2008-04-13 18:33:40 | 000,293,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
    SRV - [2008-04-13 18:33:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
    SRV - [2008-04-13 18:33:40 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
    SRV - [2008-04-13 18:33:40 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
    SRV - [2008-04-13 18:33:40 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
    SRV - [2008-04-13 18:33:38 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
    SRV - [2008-04-13 18:33:36 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
    SRV - [2008-04-13 18:33:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
    SRV - [2008-04-13 18:33:32 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
    SRV - [2008-04-13 18:33:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
    SRV - [2008-04-13 18:33:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
    SRV - [2008-04-13 18:33:28 | 000,332,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
    SRV - [2008-04-13 18:33:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
    SRV - [2008-04-13 18:33:24 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
    SRV - [2008-04-13 18:33:24 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
    SRV - [2008-04-13 18:33:24 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
    SRV - [2008-04-13 18:33:24 | 000,033,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) Service Protocole EAP (Extensible Authentication Protocol)
    SRV - [2008-04-13 18:33:24 | 000,024,576 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
    SRV - [2008-04-13 18:33:22 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
    SRV - [2008-04-13 18:33:22 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
    SRV - [2008-04-13 18:33:20 | 000,176,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
    SRV - [2008-04-13 18:33:20 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
    SRV - [2008-04-13 18:33:20 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
    SRV - [2007-12-06 06:16:00 | 000,493,216 | ---- | M] () [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
    SRV - [2007-12-06 05:03:26 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
    SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Graveur et dvd\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
    SRV - [2007-05-08 19:47:22 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
    SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Graveur et dvd\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
    SRV - [2005-08-07 23:54:00 | 000,167,936 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
    SRV - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
    SRV - [2005-01-28 13:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN)
    SRV - [2004-11-24 09:12:36 | 000,425,984 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
    SRV - [2004-05-03 07:18:56 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
    SRV - [2003-07-28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
    SRV - [2001-08-28 06:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)

    [color=#E56717]========== Driver Services (All) ==========[/color]

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
    DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
    DRV - [2010-11-02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
    DRV - [2010-08-26 08:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
    DRV - [2010-08-15 23:42:57 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
    DRV - [2010-07-07 11:25:58 | 000,022,600 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
    DRV - [2010-07-07 11:25:42 | 000,028,232 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
    DRV - [2010-07-07 11:25:38 | 000,236,104 | ---- | M] (Emsisoft) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
    DRV - [2010-02-24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
    DRV - [2010-02-04 12:38:06 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
    DRV - [2010-02-04 12:38:06 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
    DRV - [2010-02-04 12:37:42 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
    DRV - [2010-02-04 12:37:39 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
    DRV - [2009-10-20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
    DRV - [2009-09-11 06:26:26 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
    DRV - [2009-09-11 06:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
    DRV - [2009-09-11 06:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
    DRV - [2009-06-24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
    DRV - [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
    DRV - [2008-08-14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
    DRV - [2008-08-13 10:52:34 | 000,434,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdm2.sys -- (seu3mdm2)
    DRV - [2008-08-13 10:52:34 | 000,405,504 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3unic.sys -- (seu3unic) Sony Ericsson MD400g Mobile Broadband Network Adapter (WDM)
    DRV - [2008-08-13 10:52:34 | 000,389,376 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdm.sys -- (seu3mdm)
    DRV - [2008-08-13 10:52:34 | 000,025,984 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3nd5.sys -- (seu3nd5) Sony Ericsson MD400g Mobile Broadband Network Adapter (NDIS)
    DRV - [2008-08-13 10:52:34 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdfl2.sys -- (seu3mdfl2)
    DRV - [2008-08-13 10:52:32 | 000,380,800 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3card.sys -- (seu3card)
    DRV - [2008-08-13 10:52:32 | 000,307,200 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3bus.sys -- (seu3bus) Sony Ericsson MD400g Mobile Broadband Composite Device driver (WDM)
    DRV - [2008-08-13 10:52:32 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdfl.sys -- (seu3mdfl)
    DRV - [2008-08-08 12:47:04 | 000,076,200 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3gps.sys -- (seu4gps)
    DRV - [2008-08-08 12:45:18 | 000,024,232 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3scard.sys -- (Sony_EricssonWWSC)
    DRV - [2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
    DRV - [2008-04-13 19:34:54 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
    DRV - [2008-04-13 18:47:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
    DRV - [2008-04-13 18:47:24 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
    DRV - [2008-04-13 18:47:24 | 000,023,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
    DRV - [2008-04-13 18:47:24 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
    DRV - [2008-04-13 18:47:24 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
    DRV - [2008-04-13 18:47:24 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
    DRV - [2008-04-13 18:34:56 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
    DRV - [2008-04-13 18:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
    DRV - [2008-04-13 18:34:54 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
    DRV - [2008-04-13 18:10:04 | 000,073,600 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
    DRV - [2008-04-13 18:09:54 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
    DRV - [2008-04-13 18:09:48 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
    DRV - [2008-04-13 18:05:16 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
    DRV - [2008-04-13 18:05:14 | 000,154,496 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
    DRV - [2008-04-13 18:05:08 | 000,800,256 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
    DRV - [2008-04-13 18:04:36 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
    DRV - [2008-04-13 18:03:28 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
    DRV - [2008-04-13 18:00:54 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
    DRV - [2008-04-13 18:00:10 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
    DRV - [2008-04-13 17:57:40 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
    DRV - [2008-04-13 17:56:06 | 000,053,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
    DRV - [2008-04-13 17:52:44 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
    DRV - [2008-04-13 13:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
    DRV - [2008-04-13 12:17:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
    DRV - [2008-04-13 12:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
    DRV - [2008-04-13 11:45:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
    DRV - [2008-04-13 11:45:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
    DRV - [2008-04-13 11:45:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
    DRV - [2008-04-13 11:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) Filtre de décodeur DRM (Noyau Microsoft)
    DRV - [2008-04-13 11:45:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
    DRV - [2008-04-13 11:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
    DRV - [2008-04-13 11:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
    DRV - [2008-04-13 11:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
    DRV - [2008-04-13 11:39:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
    DRV - [2008-04-13 11:39:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
    DRV - [2008-04-13 11:39:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
    DRV - [2008-04-13 11:32:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
    DRV - [2008-04-13 11:28:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
    DRV - [2008-04-13 11:21:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
    DRV - [2008-04-13 11:20:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
    DRV - [2008-04-13 11:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
    DRV - [2008-04-13 11:19:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) Miniport réseau étendu (PPTP)
    DRV - [2008-04-13 11:19:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
    DRV - [2008-04-13 11:19:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) Miniport réseau étendu (L2TP)
    DRV - [2008-04-13 11:17:06 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
    DRV - [2008-04-13 11:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
    DRV - [2008-04-13 11:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
    DRV - [2008-04-13 11:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
    DRV - [2008-04-13 10:57:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
    DRV - [2008-04-13 10:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
    DRV - [2008-04-13 10:57:28 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
    DRV - [2008-04-13 10:57:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
    DRV - [2008-04-13 10:57:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
    DRV - [2008-04-13 10:57:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
    DRV - [2008-04-13 10:56:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
    DRV - [2008-04-13 10:56:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
    DRV - [2008-04-13 10:54:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
    DRV - [2008-04-13 10:53:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
    DRV - [2008-04-13 10:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
    DRV - [2008-04-13 10:45:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
    DRV - [2008-04-13 10:45:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
    DRV - [2008-04-13 10:45:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
    DRV - [2008-04-13 10:44:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
    DRV - [2008-04-13 10:41:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
    DRV - [2008-04-13 10:40:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
    DRV - [2008-04-13 10:40:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
    DRV - [2008-04-13 10:40:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
    DRV - [2008-04-13 10:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
    DRV - [2008-04-13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
    DRV - [2008-04-13 10:40:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaide.sys -- (ViaIde)
    DRV - [2008-04-13 10:40:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
    DRV - [2008-04-13 10:40:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
    DRV - [2008-04-13 10:40:14 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
    DRV - [2008-04-13 10:39:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
    DRV - [2008-04-13 10:39:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
    DRV - [2008-04-13 10:33:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr)
    DRV - [2008-04-13 10:32:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
    DRV - [2008-04-13 10:32:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
    DRV - [2008-04-13 10:32:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
    DRV - [2008-04-13 10:32:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
    DRV - [2008-04-13 09:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) Suppresseur d'écho acoustique (Noyau Microsoft)
    DRV - [2008-04-13 08:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
    DRV - [2008-04-13 06:36:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\uagp35.sys -- (uagp35)
    DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
    DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
    DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
    DRV - [2005-12-15 13:57:46 | 001,368,000 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
    DRV - [2005-11-03 09:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
    DRV - [2005-08-10 07:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
    DRV - [2005-05-16 08:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
    DRV - [2005-04-25 22:22:40 | 000,060,928 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid)
    DRV - [2005-04-22 21:20:28 | 000,226,048 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx)
    DRV - [2004-11-24 09:19:54 | 000,872,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004-05-03 07:10:58 | 000,013,920 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
    DRV - [2004-05-03 07:10:50 | 000,632,960 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
    DRV - [2004-05-03 07:06:08 | 000,095,768 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
    DRV - [2004-05-03 07:03:04 | 000,230,664 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
    DRV - [2004-05-03 06:59:14 | 001,302,680 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
    DRV - [2004-05-03 06:55:38 | 000,180,640 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
    DRV - [2004-05-03 06:44:54 | 000,013,288 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
    DRV - [2001-08-28 06:00:00 | 000,126,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
    DRV - [2001-08-28 06:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
    DRV - [2001-08-28 06:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - [2001-08-28 06:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
    DRV - [2001-08-28 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
    DRV - [2001-08-28 06:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
    DRV - [2001-08-28 06:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
    DRV - [2001-08-28 06:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
    DRV - [2001-08-28 06:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
    DRV - [2001-08-28 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
    DRV - [2001-08-28 06:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
    DRV - [2001-08-28 06:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
    DRV - [2001-08-28 06:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
    DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
    DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
    DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
    DRV - [2001-08-28 06:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
    DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
    DRV - [2001-08-17 16:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
    DRV - [2001-08-17 15:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)

    [color=#E56717]========== Standard Registry (All) ==========[/color]

    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.startup.homepage: "https://forums.commentcamarche.net/forum/affich-20866575-win32-adware-toolbar-dealio"
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.1
    FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
    FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13

    FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010-02-18 03:29:38 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-13 21:21:25 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\INTERNET\Mozilla Firefox\components [2011-01-07 18:41:18 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\INTERNET\Mozilla Firefox\plugins [2010-12-16 20:59:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-07-20 10:11:39 | 000,000,000 | ---D | M]

    [2010-02-01 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Extensions
    [2010-02-01 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2011-02-14 20:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions
    [2010-11-04 14:25:10 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    [2010-04-26 21:27:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010-09-20 00:21:25 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2010-03-02 15:34:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
    [2011-02-09 10:08:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
    [2010-02-26 02:19:08 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\searchplugins\downloadhelper-safe-videos.xml
    [2010-02-26 02:16:23 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\searchplugins\sideload-search.xml
    [2010-04-13 21:22:14 | 000,000,000 | ---D | M] (Jav
    0
  15. gen-hackman
     
    ok ben quand ce qu'il faut sera fait , je continuerai
    0
  16. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    Excuse moi je viens de comprendre que je viens de faire une bêtise
    car j 'ai vu OTL sur mon bureau et je croyait que c'était celui la
    Excuse moi encore
    Je viens de trouver le Rapport je croie
    voici le dernier car il y en a trois

    All processes killed
    ========== PROCESSES ==========
    Process explorer.exe killed successfully!
    No active process named iexplore.exe was found!
    No active process named firefox.exe was found!
    No active process named msnmsgr.exe was found!
    No active process named Teatimer.exe was found!
    ========== OTL ==========
    Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    Registry key HKEY_USERS\S-1-5-21-1960408961-2139871995-1606980848-1003\\Software\Microsoft\Windows\CurrentVersion\Run\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrueImageMonitor.exe not found.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"HonorAutoRunSetting"|1 /E : value set successfully!
    ========== FILES ==========
    Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133 .
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: andrefi
    ->Temp folder emptied: 513 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 31260285 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 30,00 mb

    OTL by OldTimer - Version 3.2.20.6 log created on 02152011_181042

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

    Merci encore
    0
  17. gen-hackman
     
    salut recommence en mode sans echec car apparement il n'a fonctionné qu'à 20%
    0
  18. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour

    Rapport

    All processes killed
    ========== PROCESSES ==========
    Process explorer.exe killed successfully!
    No active process named iexplore.exe was found!
    No active process named firefox.exe was found!
    No active process named msnmsgr.exe was found!
    No active process named Teatimer.exe was found!
    ========== OTL ==========
    Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    Registry key HKEY_USERS\S-1-5-21-1960408961-2139871995-1606980848-1003\\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrueImageMonitor.exe not found.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"HonorAutoRunSetting"|1 /E : value set successfully!
    ========== FILES ==========
    Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133 .
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrateur.ANDREFI-130D344
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: All Users

    User: andrefi
    ->Temp folder emptied: 2046 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 46442211 bytes
    ->Flash cache emptied: 769 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    Merci pour ton aide

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 44,00 mb

    OTL by OldTimer - Version 3.2.20.6 log created on 02162011_095234
    0
  19. gen-hackman
     
    fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    ▶ Télécharge ici :

    Malwarebytes

    ▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    (NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

    ▶ Potasses le Tuto pour te familiariser avec le prg :

    ( cela dit, il est très simple d'utilisation ).

    relance malwarebytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    ▶ Lance Malwarebyte's .

    Fais un examen dit "Complet" .

    ▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    ▶ à la fin tu cliques sur "résultat" .
    Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

    0
  20. artika Messages postés 105 Date d'inscription   Statut Membre Dernière intervention  
     
    bonjour

    J'avais déja Malwarebytes installer
    j'ai fait la mise a jour
    ensuite fait un examen complet mais il bloque après 5 minutes 14
    il a analyser 48524 fichier
    il bloque a C\8009b68f714b8024\i386\xpssvcs.dll
    je ne sais pas si ca peut t'aider
    je me demande si il était mieux de désinstaller Malwarebytes
    et de télécharger celui que tu me propose
    si ça pourrait changer quelque chose
    j'ai deux essais il bloque toujours a la même place
    j'ai attendu 20 minutes et rien ne change il reste toujours bloquer
    48524 fichier

    Merci
    0
  • 1
  • 2