A virus is blocking my access to everything.....
Closed
toxic512008
9 Oct 2011 at 17:50
16 replies
Anonymous user
Edited by g3n-h@ckm@n on 9/10/2011 at 18:01
Hi
If your antivirus has a sandbox, disable it
Disable your antivirus
Disable Windows Defender if present
Disable your firewall
Close all your running applications
Download this and save it to your desktop:
Pre_Scan
If the link does not work:
http://www.archive-host.com
If it is not on your desktop, cut it from your Downloads folder and paste it onto your desktop
Warning: the desktop will disappear during the scan --> don't panic.
Once downloaded, run it and let the scan run until "Pre_scan.txt" appears on the desktop.
If the tool is blocked by the infection, use this version: Version .pif
If the tool detects a proxy and you have not installed one, click "supprimer le proxy" (remove the proxy)
If the tool seems not to have worked, rename it winlogon, or change its extension to .com or .scr
A lot of black windows may flash; let it work
Post Pre_Scan_la_date_et_l'heure.txt (the file name carries the date and time), which will appear on the desktop at the end of the scan
▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)
Click this link: http://www.cijoint.fr/
▶ Click Parcourir (Browse) and find the file above.
▶ Click Ouvrir (Open).
▶ Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
is added to the page.
▶ Copy this link into your reply.
If your desktop does not reappear => Ctrl+Alt+Del, Task Manager => File tab => New task, then type explorer
¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_developpement_¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Anonymous user
9 Oct 2011 at 18:22
OK, then attach it as requested
toxic512008
9 Oct 2011 at 18:24
I just said that it is impossible for me to attach it, because of the virus itself ....
Anonymous user
9 Oct 2011 at 18:32
▶ Download Reload_TDSSKiller
▶ Run it
Choose: lancer le nettoyage (start cleaning)
The tool will automatically download the latest version, then
TDSSKiller will open; click "Start Scan"
If TDSS.tdl2 is detected, the Delete option will be checked by default.
If TDSS.tdl3 is detected, make sure Cure is checked.
If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is checked.
If Suspicious file is reported, leave the option set to Skip
If Rootkit.Win32.ZAccess.* is detected, set "cure" at the top and "delete" at the bottom
Once it has finished, restart if it asks you to, to finish cleaning
Otherwise, close TDSSKiller and the report will be displayed on the desktop
▶ Copy/paste its contents into your next reply.
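For anyone reading such a report rather than pasting it, here is an added example (not part of the thread and not the tool vendor's code): a Python triage pass that pairs each driver's image line with its verdict line and lists the entries worth a closer look. The two line shapes (`time thread name (32-hex hash) path` and `time thread name - verdict`), the constructed sample lines with placeholder hashes and verdict, and the "user-writable path" heuristic are assumptions of this example.

```python
import re
from collections import OrderedDict

# Assumed line shapes (constructed for this example):
#   HH:MM:SS.mmmm TID name (32-hex hash) path
#   HH:MM:SS.mmmm TID name - verdict
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
IMAGE_RE = re.compile(
    PREFIX + r"(?P<name>\S+)\s+\((?P<hash>[0-9a-fA-F]{32})\)\s+(?P<path>.+?)\s*$"
)
VERDICT_RE = re.compile(PREFIX + r"(?P<name>\S+)\s+-\s+(?P<verdict>.+?)\s*$")

# Heuristic (an assumption of this example): a kernel driver whose image sits
# in a location an unprivileged user can write to deserves manual review.
USER_WRITABLE_MARKERS = ("\\users\\", "\\temp\\", "\\appdata\\")


def parse_report(text):
    """Return {service name: {"hash", "path", "verdict"}} in report order."""
    entries = OrderedDict()
    for line in text.splitlines():
        m = IMAGE_RE.match(line)
        if m:
            e = entries.setdefault(
                m["name"], {"hash": None, "path": None, "verdict": None}
            )
            e["hash"], e["path"] = m["hash"].lower(), m["path"]
            continue
        m = VERDICT_RE.match(line)
        if m:
            e = entries.setdefault(
                m["name"], {"hash": None, "path": None, "verdict": None}
            )
            e["verdict"] = m["verdict"]
    return entries


def triage(entries):
    """Return [(name, [reasons])] for entries to review by hand.

    A reason is a prompt for review, not proof that the driver is malicious.
    """
    findings = []
    for name, e in entries.items():
        reasons = []
        if e["verdict"] is None:
            reasons.append("no verdict line")
        elif e["verdict"].lower() != "ok":
            reasons.append("verdict: " + e["verdict"])
        if e["path"] is None:
            # The service was listed but no file was hashed for it.
            reasons.append("no image line")
        elif any(mark in e["path"].lower() for mark in USER_WRITABLE_MARKERS):
            reasons.append("image in user-writable path")
        if reasons:
            findings.append((name, reasons))
    return findings


# Constructed sample: names, hashes and the non-ok verdict are placeholders.
SAMPLE = r"""
18:36:45.0977 0196 Scan started
18:36:46.0307 0196 gooddrv (00000000000000000000000000000001) C:\Windows\system32\drivers\gooddrv.sys
18:36:46.0307 0196 gooddrv - ok
18:36:46.0400 0196 nofiledrv - ok
18:36:46.0500 0196 tempdrv (00000000000000000000000000000002) C:\Users\alice\AppData\Local\Temp\tempdrv.sys
18:36:46.0510 0196 tempdrv - ok
18:36:46.0600 0196 baddrv (00000000000000000000000000000003) C:\Windows\system32\drivers\baddrv.sys
18:36:46.0610 0196 baddrv - EXAMPLE-NON-OK-VERDICT
"""

if __name__ == "__main__":
    for name, reasons in triage(parse_report(SAMPLE)):
        print(name + ": " + "; ".join(reasons))
```

An "ok" verdict only means the scanner had no match for that file, so the path and missing-file checks are reported independently of it.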
toxic512008
9 Oct 2011 at 18:38
18:36:39.0203 6020 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
18:36:39.0383 6020 ============================================================
18:36:39.0383 6020 Current date / time: 2011/10/09 18:36:39.0383
18:36:39.0383 6020 SystemInfo:
18:36:39.0383 6020
18:36:39.0383 6020 OS Version: 6.1.7601 ServicePack: 1.0
18:36:39.0383 6020 Product type: Workstation
18:36:39.0383 6020 ComputerName: RORO-PC
18:36:39.0383 6020 UserName: roro
18:36:39.0383 6020 Windows directory: C:\Windows
18:36:39.0383 6020 System windows directory: C:\Windows
18:36:39.0383 6020 Processor architecture: Intel x86
18:36:39.0383 6020 Number of processors: 2
18:36:39.0383 6020 Page size: 0x1000
18:36:39.0383 6020 Boot type: Normal boot
18:36:39.0383 6020 ============================================================
18:36:40.0815 6020 Initialize success
18:36:45.0977 0196 ============================================================
18:36:45.0977 0196 Scan started
18:36:45.0977 0196 Mode: Manual;
18:36:45.0977 0196 ============================================================
18:36:54.0477 0196 Smb - ok
18:36:54.0497 0196 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:36:54.0507 0196 spldr - ok
18:36:54.0547 0196 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:36:54.0547 0196 srv - ok
18:36:54.0577 0196 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:36:54.0587 0196 srv2 - ok
18:36:54.0597 0196 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:36:54.0597 0196 srvnet - ok
18:36:54.0647 0196 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:36:54.0647 0196 stexstor - ok
18:36:54.0677 0196 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:36:54.0677 0196 swenum - ok
18:36:54.0747 0196 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
18:36:54.0757 0196 Tcpip - ok
18:36:54.0787 0196 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
18:36:54.0797 0196 TCPIP6 - ok
18:36:54.0827 0196 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:36:54.0827 0196 tcpipreg - ok
18:36:54.0877 0196 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:36:54.0877 0196 TDPIPE - ok
18:36:54.0887 0196 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
18:36:54.0887 0196 TDTCP - ok
18:36:54.0937 0196 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:36:54.0937 0196 tdx - ok
18:36:54.0957 0196 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:36:54.0957 0196 TermDD - ok
18:36:55.0007 0196 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:36:55.0007 0196 tssecsrv - ok
18:36:55.0087 0196 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:36:55.0087 0196 TsUsbFlt - ok
18:36:55.0177 0196 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:36:55.0177 0196 tunnel - ok
18:36:55.0217 0196 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:36:55.0217 0196 uagp35 - ok
18:36:55.0247 0196 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:36:55.0257 0196 udfs - ok
18:36:55.0297 0196 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:36:55.0297 0196 uliagpkx - ok
18:36:55.0357 0196 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:36:55.0357 0196 umbus - ok
18:36:55.0377 0196 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:36:55.0377 0196 UmPass - ok
18:36:55.0397 0196 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys
18:36:55.0397 0196 usbccgp - ok
18:36:55.0427 0196 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:36:55.0427 0196 usbcir - ok
18:36:55.0457 0196 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:36:55.0457 0196 usbehci - ok
18:36:55.0487 0196 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:36:55.0497 0196 usbhub - ok
18:36:55.0517 0196 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
18:36:55.0517 0196 usbohci - ok
18:36:55.0527 0196 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:36:55.0527 0196 usbprint - ok
18:36:55.0547 0196 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
18:36:55.0547 0196 USBSTOR - ok
18:36:55.0567 0196 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
18:36:55.0567 0196 usbuhci - ok
18:36:55.0597 0196 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:36:55.0607 0196 vdrvroot - ok
18:36:55.0627 0196 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:36:55.0627 0196 vga - ok
18:36:55.0647 0196 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:36:55.0647 0196 VgaSave - ok
18:36:55.0667 0196 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:36:55.0667 0196 vhdmp - ok
18:36:55.0687 0196 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:36:55.0687 0196 viaagp - ok
18:36:55.0707 0196 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:36:55.0707 0196 ViaC7 - ok
18:36:55.0737 0196 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:36:55.0737 0196 viaide - ok
18:36:55.0747 0196 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:36:55.0747 0196 volmgr - ok
18:36:55.0797 0196 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:36:55.0797 0196 volmgrx - ok
18:36:55.0817 0196 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:36:55.0827 0196 volsnap - ok
18:36:55.0857 0196 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:36:55.0867 0196 vsmraid - ok
18:36:55.0887 0196 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:36:55.0887 0196 vwifibus - ok
18:36:55.0917 0196 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:36:55.0917 0196 WacomPen - ok
18:36:55.0957 0196 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:36:55.0957 0196 WANARP - ok
18:36:55.0957 0196 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:36:55.0957 0196 Wanarpv6 - ok
18:36:55.0997 0196 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:36:56.0007 0196 Wd - ok
18:36:56.0037 0196 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:36:56.0047 0196 Wdf01000 - ok
18:36:56.0097 0196 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:36:56.0097 0196 WfpLwf - ok
18:36:56.0117 0196 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:36:56.0117 0196 WIMMount - ok
18:36:56.0197 0196 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:36:56.0197 0196 WmiAcpi - ok
18:36:56.0237 0196 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:36:56.0237 0196 ws2ifsl - ok
18:36:56.0267 0196 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:36:56.0267 0196 WudfPf - ok
18:36:56.0287 0196 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:36:56.0297 0196 WUDFRd - ok
18:36:56.0327 0196 XDva388 - ok
18:36:56.0367 0196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:36:56.0377 0196 \Device\Harddisk0\DR0 - ok
18:36:56.0377 0196 Boot (0x1200) (d12542715b97402b91837c558668178a) \Device\Harddisk0\DR0\Partition0
18:36:56.0377 0196 \Device\Harddisk0\DR0\Partition0 - ok
18:36:56.0397 0196 Boot (0x1200) (7f71e831f528d74514c6c9dfcc2f922c) \Device\Harddisk0\DR0\Partition1
18:36:56.0397 0196 \Device\Harddisk0\DR0\Partition1 - ok
18:36:56.0397 0196 ============================================================
18:36:56.0397 0196 Scan finished
18:36:56.0397 0196 ============================================================
18:36:56.0407 5420 Detected object count: 0
18:36:56.0407 5420 Actual detected object count: 0
18:37:34.0907 0568 Deinitialize success
Nothing suspicious found, still this stupid virus -__-
18:36:53.0457 0196 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:36:53.0457 0196 RasAgileVpn - ok
18:36:53.0477 0196 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:36:53.0487 0196 Rasl2tp - ok
18:36:53.0527 0196 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:36:53.0527 0196 RasPppoe - ok
18:36:53.0547 0196 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:36:53.0547 0196 RasSstp - ok
18:36:53.0597 0196 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:36:53.0607 0196 rdbss - ok
18:36:53.0627 0196 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:36:53.0627 0196 rdpbus - ok
18:36:53.0657 0196 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:36:53.0657 0196 RDPCDD - ok
18:36:53.0677 0196 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:36:53.0677 0196 RDPENCDD - ok
18:36:53.0697 0196 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:36:53.0697 0196 RDPREFMP - ok
18:36:53.0727 0196 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
18:36:53.0727 0196 RDPWD - ok
18:36:53.0777 0196 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:36:53.0777 0196 rdyboost - ok
18:36:53.0827 0196 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
18:36:53.0837 0196 RFCOMM - ok
18:36:53.0867 0196 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:36:53.0867 0196 rspndr - ok
18:36:53.0937 0196 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:36:53.0937 0196 sbp2port - ok
18:36:53.0967 0196 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:36:53.0967 0196 scfilter - ok
18:36:53.0997 0196 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:36:53.0997 0196 secdrv - ok
18:36:54.0057 0196 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:36:54.0057 0196 Serenum - ok
18:36:54.0097 0196 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:36:54.0097 0196 Serial - ok
18:36:54.0117 0196 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:36:54.0117 0196 sermouse - ok
18:36:54.0157 0196 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:36:54.0167 0196 sffdisk - ok
18:36:54.0327 0196 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:36:54.0347 0196 sffp_mmc - ok
18:36:54.0367 0196 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:36:54.0367 0196 sffp_sd - ok
18:36:54.0387 0196 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:36:54.0387 0196 sfloppy - ok
18:36:54.0407 0196 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:36:54.0407 0196 sisagp - ok
18:36:54.0427 0196 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:36:54.0427 0196 SiSRaid2 - ok
18:36:54.0447 0196 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:36:54.0447 0196 SiSRaid4 - ok
18:36:54.0467 0196 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:36:54.0477 0196 Smb - ok
18:36:54.0497 0196 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:36:54.0507 0196 spldr - ok
18:36:54.0547 0196 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:36:54.0547 0196 srv - ok
18:36:54.0577 0196 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:36:54.0587 0196 srv2 - ok
18:36:54.0597 0196 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:36:54.0597 0196 srvnet - ok
18:36:54.0647 0196 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:36:54.0647 0196 stexstor - ok
18:36:54.0677 0196 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:36:54.0677 0196 swenum - ok
18:36:54.0747 0196 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys
18:36:54.0757 0196 Tcpip - ok
18:36:54.0787 0196 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys
18:36:54.0797 0196 TCPIP6 - ok
18:36:54.0827 0196 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:36:54.0827 0196 tcpipreg - ok
18:36:54.0877 0196 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:36:54.0877 0196 TDPIPE - ok
18:36:54.0887 0196 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
18:36:54.0887 0196 TDTCP - ok
18:36:54.0937 0196 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:36:54.0937 0196 tdx - ok
18:36:54.0957 0196 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:36:54.0957 0196 TermDD - ok
18:36:55.0007 0196 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:36:55.0007 0196 tssecsrv - ok
18:36:55.0087 0196 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:36:55.0087 0196 TsUsbFlt - ok
18:36:55.0177 0196 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:36:55.0177 0196 tunnel - ok
18:36:55.0217 0196 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:36:55.0217 0196 uagp35 - ok
18:36:55.0247 0196 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:36:55.0257 0196 udfs - ok
18:36:55.0297 0196 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:36:55.0297 0196 uliagpkx - ok
18:36:55.0357 0196 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:36:55.0357 0196 umbus - ok
18:36:55.0377 0196 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:36:55.0377 0196 UmPass - ok
18:36:55.0397 0196 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys
18:36:55.0397 0196 usbccgp - ok
18:36:55.0427 0196 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:36:55.0427 0196 usbcir - ok
18:36:55.0457 0196 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:36:55.0457 0196 usbehci - ok
18:36:55.0487 0196 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:36:55.0497 0196 usbhub - ok
18:36:55.0517 0196 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
18:36:55.0517 0196 usbohci - ok
18:36:55.0527 0196 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:36:55.0527 0196 usbprint - ok
18:36:55.0547 0196 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
18:36:55.0547 0196 USBSTOR - ok
18:36:55.0567 0196 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
18:36:55.0567 0196 usbuhci - ok
18:36:55.0597 0196 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:36:55.0607 0196 vdrvroot - ok
18:36:55.0627 0196 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:36:55.0627 0196 vga - ok
18:36:55.0647 0196 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:36:55.0647 0196 VgaSave - ok
18:36:55.0667 0196 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:36:55.0667 0196 vhdmp - ok
18:36:55.0687 0196 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:36:55.0687 0196 viaagp - ok
18:36:55.0707 0196 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:36:55.0707 0196 ViaC7 - ok
18:36:55.0737 0196 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:36:55.0737 0196 viaide - ok
18:36:55.0747 0196 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:36:55.0747 0196 volmgr - ok
18:36:55.0797 0196 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:36:55.0797 0196 volmgrx - ok
18:36:55.0817 0196 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:36:55.0827 0196 volsnap - ok
18:36:55.0857 0196 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:36:55.0867 0196 vsmraid - ok
18:36:55.0887 0196 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:36:55.0887 0196 vwifibus - ok
18:36:55.0917 0196 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:36:55.0917 0196 WacomPen - ok
18:36:55.0957 0196 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:36:55.0957 0196 WANARP - ok
18:36:55.0957 0196 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:36:55.0957 0196 Wanarpv6 - ok
18:36:55.0997 0196 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:36:56.0007 0196 Wd - ok
18:36:56.0037 0196 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:36:56.0047 0196 Wdf01000 - ok
18:36:56.0097 0196 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:36:56.0097 0196 WfpLwf - ok
18:36:56.0117 0196 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:36:56.0117 0196 WIMMount - ok
18:36:56.0197 0196 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:36:56.0197 0196 WmiAcpi - ok
18:36:56.0237 0196 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:36:56.0237 0196 ws2ifsl - ok
18:36:56.0267 0196 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:36:56.0267 0196 WudfPf - ok
18:36:56.0287 0196 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:36:56.0297 0196 WUDFRd - ok
18:36:56.0327 0196 XDva388 - ok
18:36:56.0367 0196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:36:56.0377 0196 \Device\Harddisk0\DR0 - ok
18:36:56.0377 0196 Boot (0x1200) (d12542715b97402b91837c558668178a) \Device\Harddisk0\DR0\Partition0
18:36:56.0377 0196 \Device\Harddisk0\DR0\Partition0 - ok
18:36:56.0397 0196 Boot (0x1200) (7f71e831f528d74514c6c9dfcc2f922c) \Device\Harddisk0\DR0\Partition1
18:36:56.0397 0196 \Device\Harddisk0\DR0\Partition1 - ok
18:36:56.0397 0196 ============================================================
18:36:56.0397 0196 Scan finished
18:36:56.0397 0196 ============================================================
18:36:56.0407 5420 Detected object count: 0
18:36:56.0407 5420 Actual detected object count: 0
18:37:34.0907 0568 Deinitialize success
Nothing suspicious found, still this stupid virus -__-
Anonymous user
9 Oct 2011 at 18:45
Paste the Pre_Scan result in your reply (in two parts, otherwise it is too long)
toxic512008
9 Oct 2011 at 18:46
[30/05/2011|17:33:17] | C:\Users\roro\AppData
[30/05/2011|17:33:17] | C:\Users\roro\Application Data
[30/05/2011|17:33:22] | C:\Users\roro\Contacts
[30/05/2011|17:33:17] | C:\Users\roro\Cookies
[30/05/2011|17:33:17] | C:\Users\roro\Desktop
[30/05/2011|17:33:17] | C:\Users\roro\Documents
[30/05/2011|17:33:17] | C:\Users\roro\Downloads
[30/05/2011|17:33:17] | C:\Users\roro\Favorites
[30/05/2011|17:33:17] | C:\Users\roro\Links
[30/05/2011|17:33:17] | C:\Users\roro\Local Settings
[30/05/2011|17:33:17] | C:\Users\roro\Menu Démarrer
[30/05/2011|17:33:17] | C:\Users\roro\Mes documents
[30/05/2011|17:33:17] | C:\Users\roro\Modèles
[30/05/2011|17:33:17] | C:\Users\roro\Music
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG1
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG2
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TM.blf
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TM.blf
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000001.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TM.blf
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[05/10/2011|14:10:41] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TM.blf
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TM.blf
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000001.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.ini
[30/05/2011|17:33:17] | C:\Users\roro\Pictures
[30/05/2011|17:33:17] | C:\Users\roro\Recent
[30/05/2011|17:33:17] | C:\Users\roro\Saved Games
[30/05/2011|17:33:31] | C:\Users\roro\Searches
[30/05/2011|17:33:17] | C:\Users\roro\SendTo
[07/09/2011|13:50:46] | C:\Users\roro\Tracing
[30/05/2011|17:33:17] | C:\Users\roro\Videos
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage d'impression
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage réseau
¤¤¤¤¤¤¤¤¤¤ %StartMenu%
[14/07/2009|06:46:35] | C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[30/05/2011|17:33:04] | C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
¤¤¤¤¤¤¤¤¤¤ %StartMenu%\Programs
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[14/07/2009|06:52:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[06/08/2011|15:39:55] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[31/07/2011|18:02:26] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[06/08/2011|13:57:13] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[28/07/2011|19:38:03] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Game of the Year Edition
[25/08/2011|12:46:29] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[22/07/2011|21:07:38] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CreeperTools
[14/07/2009|06:41:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[22/06/2011|18:18:36] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[14/07/2009|06:52:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[22/06/2011|18:17:59] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[02/10/2011|14:46:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo
[20/06/2011|19:20:48] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[20/06/2011|19:20:49] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[30/05/2011|17:26:03] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[30/05/2011|17:46:20] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[20/06/2011|18:43:56] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[25/06/2011|19:16:07] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[30/05/2011|18:05:53] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[06/08/2011|15:23:47] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[03/08/2011|14:58:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer 2
[14/07/2009|06:42:29] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[20/06/2011|19:09:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[14/07/2009|11:00:22] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[24/07/2011|11:52:41] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Game Creators
[05/08/2011|12:11:16] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[24/06/2011|15:15:31] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[14/07/2009|06:42:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[30/05/2011|17:25:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[14/07/2009|06:42:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[14/07/2009|06:46:36] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[20/06/2011|21:03:07] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[14/07/2009|06:42:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
¤¤¤¤¤¤¤¤¤¤ %StartMenu%\Programs\Startup
[14/07/2009|06:41:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
¤¤¤¤¤¤¤¤¤¤ %AppData%
[23/07/2011|16:30:20] | C:\Users\roro\AppData\Roaming\.minecraft
[20/06/2011|19:21:59] | C:\Users\roro\AppData\Roaming\Adobe
[02/08/2011|16:45:11] | C:\Users\roro\AppData\Roaming\chrtmp
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\em.class
[30/05/2011|17:44:21] | C:\Users\roro\AppData\Roaming\Google
[30/05/2011|17:33:23] | C:\Users\roro\AppData\Roaming\Identities
[20/06/2011|19:21:59] | C:\Users\roro\AppData\Roaming\Macromedia
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Roaming\Media Center Programs
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Roaming\Microsoft
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\mod_TooManyItems.class
[02/10/2011|16:00:30] | C:\Users\roro\AppData\Roaming\Mozilla
[25/06/2011|19:21:48] | C:\Users\roro\AppData\Roaming\Mumble
[07/09/2011|15:27:11] | C:\Users\roro\AppData\Roaming\OpenOffice.org
[03/08/2011|14:59:22] | C:\Users\roro\AppData\Roaming\SecondLife
[07/09/2011|13:17:51] | C:\Users\roro\AppData\Roaming\SoftGrid Client
[22/06/2011|18:35:34] | C:\Users\roro\AppData\Roaming\teamspeak2
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMICompatibility.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIConfig.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIController.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIStateButtonData.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIUtils.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIView.class
[11/08/2011|13:05:32] | C:\Users\roro\AppData\Roaming\Todae
[07/09/2011|13:15:53] | C:\Users\roro\AppData\Roaming\TP
[22/06/2011|18:39:07] | C:\Users\roro\AppData\Roaming\TS3Client
[24/06/2011|15:39:19] | C:\Users\roro\AppData\Roaming\vlc
[11/08/2011|13:05:16] | C:\Users\roro\AppData\Roaming\Winamp
[20/06/2011|21:03:07] | C:\Users\roro\AppData\Roaming\WinRAR
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgButton.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgButtonHandler.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgCanvas.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgItemHandler.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgItemPanel.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgWidget.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgZOrder.class
¤¤¤¤¤¤¤¤¤¤ %CommonAppData%
[06/08/2011|15:38:08] | C:\ProgramData\Adobe
[06/08/2011|13:57:11] | C:\ProgramData\Apple
[06/08/2011|15:23:24] | C:\ProgramData\Apple Computer
[14/07/2009|06:53:55] | C:\ProgramData\Application Data
[30/05/2011|17:33:04] | C:\ProgramData\Bureau
[14/07/2009|06:53:55] | C:\ProgramData\Desktop
[14/07/2009|06:53:55] | C:\ProgramData\Documents
[30/05/2011|17:33:04] | C:\ProgramData\Favoris
[14/07/2009|06:53:55] | C:\ProgramData\Favorites
[30/05/2011|17:43:39] | C:\ProgramData\Google
[20/06/2011|19:20:40] | C:\ProgramData\IM
[20/06/2011|19:20:40] | C:\ProgramData\IncrediMail
[30/05/2011|17:33:04] | C:\ProgramData\Menu Démarrer
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft
[30/05/2011|17:33:04] | C:\ProgramData\Modèles
[30/05/2011|18:04:55] | C:\ProgramData\NVIDIA
[20/06/2011|17:45:13] | C:\ProgramData\NVIDIA Corporation
[29/09/2011|14:32:37] | C:\ProgramData\Photo Notifier and Animation Creator
[29/08/2011|22:00:37] | C:\ProgramData\Spybot - Search & Destroy
[14/07/2009|06:53:55] | C:\ProgramData\Start Menu
[20/06/2011|20:22:50] | C:\ProgramData\Sun
[14/07/2009|06:53:55] | C:\ProgramData\Templates
¤¤¤¤¤¤¤¤¤¤ %LocalAppData%
[06/08/2011|15:37:58] | C:\Users\roro\AppData\Local\Adobe
[06/08/2011|13:57:15] | C:\Users\roro\AppData\Local\Apple
[06/08/2011|14:03:27] | C:\Users\roro\AppData\Local\Apple Computer
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Application Data
[30/05/2011|17:43:18] | C:\Users\roro\AppData\Local\Apps
[29/09/2011|14:32:32] | C:\Users\roro\AppData\Local\Conduit
[03/08/2011|15:11:40] | C:\Users\roro\AppData\Local\Databases.db
[30/05/2011|17:43:17] | C:\Users\roro\AppData\Local\Deployment
[19/07/2011|13:01:48] | C:\Users\roro\AppData\Local\Diagnostics
[05/07/2011|11:55:04] | C:\Users\roro\AppData\Local\ElevatedDiagnostics
[30/05/2011|17:43:18] | C:\Users\roro\AppData\Local\GDIPFONTCACHEV1.DAT
[30/05/2011|17:43:27] | C:\Users\roro\AppData\Local\Google
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Historique
[03/08/2011|15:11:41] | C:\Users\roro\AppData\Local\http_www.flickr.com_0
[07/09/2011|13:02:09] | C:\Users\roro\AppData\Local\IconCache.db
[20/06/2011|19:20:54] | C:\Users\roro\AppData\Local\IM
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Microsoft
[07/08/2011|12:36:12] | C:\Users\roro\AppData\Local\Microsoft Games
[02/10/2011|14:16:41] | C:\Users\roro\AppData\Local\reakktor
[03/08/2011|14:59:21] | C:\Users\roro\AppData\Local\SecondLife
[07/09/2011|13:17:51] | C:\Users\roro\AppData\Local\SoftGrid Client
[22/06/2011|18:37:14] | C:\Users\roro\AppData\Local\TeamSpeak 3 Client
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Temp
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Temporary Internet Files
[30/05/2011|17:33:18] | C:\Users\roro\AppData\Local\VirtualStore
[05/07/2011|13:59:38] | C:\Users\roro\AppData\Local\Vivid_Abstractions
[20/06/2011|18:37:39] | C:\Users\roro\AppData\Local\Windows Live
[07/09/2011|13:51:26] | C:\Users\roro\AppData\Local\{12A554B5-2027-4D73-9854-91BEEF938B2F}
[08/09/2011|18:46:21] | C:\Users\roro\AppData\Local\{7823184B-670A-486C-98EF-B886B9B9D419}
[09/09/2011|08:38:10] | C:\Users\roro\AppData\Local\{88AB8425-C6A7-4407-9974-E7E81142FE42}
[08/09/2011|18:46:37] | C:\Users\roro\AppData\Local\{8BD2B0F0-3143-43B0-9843-20C5A284707C}
[07/09/2011|13:51:01] | C:\Users\roro\AppData\Local\{F2D7CE7F-6D1A-466D-A3FE-F59BF1516E80}
¤¤¤¤¤¤¤¤¤¤ %ProgramFiles%
[06/08/2011|15:38:05] | C:\Program Files\Adobe
[06/08/2011|13:57:11] | C:\Program Files\Apple Software Update
[28/07/2011|19:29:30] | C:\Program Files\Call of Duty Game of the Year Edition
[28/08/2011|10:27:34] | C:\Program Files\CCleaner
[14/07/2009|04:37:05] | C:\Program Files\Common Files
[29/09/2011|14:32:34] | C:\Program Files\Conduit
[14/07/2009|06:41:57] | C:\Program Files\desktop.ini
[14/07/2009|06:52:30] | C:\Program Files\DVD Maker
[22/06/2011|18:17:27] | C:\Program Files\EA GAMES
[07/09/2011|14:19:01] | C:\Program Files\ElcomSoft
[30/05/2011|17:33:04] | C:\Program Files\Fichiers communs
[22/06/2011|18:17:54] | C:\Program Files\GameSpy Arcade
[02/10/2011|13:56:58] | C:\Program Files\Gamigo
[30/05/2011|17:43:29] | C:\Program Files\Google
[20/06/2011|19:20:40] | C:\Program Files\IncrediMail
[29/09/2011|14:32:31] | C:\Program Files\IncrediMail_MediaBar_Francais_2
[30/05/2011|18:05:35] | C:\Program Files\InstallShield Installation Information
[14/07/2009|04:37:05] | C:\Program Files\Internet Explorer
[20/06/2011|20:22:22] | C:\Program Files\Java
[07/09/2011|13:16:23] | C:\Program Files\Microsoft Application Virtualization Client
[14/07/2009|06:52:30] | C:\Program Files\Microsoft Games
[07/09/2011|13:16:23] | C:\Program Files\Microsoft Office
[30/05/2011|17:46:17] | C:\Program Files\Microsoft Security Client
[20/06/2011|18:43:32] | C:\Program Files\Microsoft Silverlight
[07/09/2011|13:41:21] | C:\Program Files\Microsoft SQL Server Compact Edition
[20/06/2011|18:32:59] | C:\Program Files\Microsoft.NET
[03/10/2011|08:17:21] | C:\Program Files\mirware with FreeAngel
[22/06/2011|19:57:15] | C:\Program Files\MOHAATools
[14/07/2009|06:52:30] | C:\Program Files\MSBuild
[25/06/2011|19:16:01] | C:\Program Files\Mumble
[30/05/2011|18:03:39] | C:\Program Files\NVIDIA Corporation
[07/09/2011|15:18:44] | C:\Program Files\OpenOffice.org 3
[29/09/2011|14:32:37] | C:\Program Files\Photo Notifier and Animation Creator
[06/08/2011|15:23:24] | C:\Program Files\QuickTime
[30/05/2011|18:09:40] | C:\Program Files\Realtek
[14/07/2009|06:52:30] | C:\Program Files\Reference Assemblies
[03/08/2011|14:58:40] | C:\Program Files\SecondLifeViewer2
[29/08/2011|22:00:37] | C:\Program Files\Spybot - Search & Destroy
[20/06/2011|19:09:23] | C:\Program Files\Steam
[30/05/2011|18:09:36] | C:\Program Files\Temp
[24/07/2011|11:49:01] | C:\Program Files\The Game Creators
[14/07/2009|06:53:23] | C:\Program Files\Uninstall Information
[24/06/2011|15:15:13] | C:\Program Files\VideoLAN
[11/08/2011|14:01:35] | C:\Program Files\VirtualDJ
[11/08/2011|13:05:16] | C:\Program Files\Winamp
[11/08/2011|13:06:16] | C:\Program Files\Winamp Detect
[14/07/2009|06:52:30] | C:\Program Files\Windows Defender
[14/07/2009|11:01:06] | C:\Program Files\Windows Journal
[07/09/2011|13:38:03] | C:\Program Files\Windows Live
[14/07/2009|04:37:05] | C:\Program Files\Windows Mail
[14/07/2009|06:52:30] | C:\Program Files\Windows Media Player
[14/07/2009|04:37:05] | C:\Program Files\Windows NT
[14/07/2009|06:52:30] | C:\Program Files\Windows Photo Viewer
[14/07/2009|06:52:30] | C:\Program Files\Windows Portable Devices
[18/08/2011|15:30:15] | C:\Program Files\Windows Searchqu Toolbar
[14/07/2009|06:52:30] | C:\Program Files\Windows Sidebar
[20/06/2011|21:02:58] | C:\Program Files\WinRAR
¤¤¤¤¤¤¤¤¤¤ %CommonFiles%
[06/08/2011|15:39:45] | C:\Program Files\Common Files\Adobe
[06/08/2011|15:38:04] | C:\Program Files\Common Files\Adobe AIR
[31/07/2011|17:51:55] | C:\Program Files\Common Files\Akamai
[06/08/2011|13:57:28] | C:\Program Files\Common Files\Apple
[24/07/2011|13:34:02] | C:\Program Files\Common Files\Bcgsoft
[30/05/2011|18:09:32] | C:\Program Files\Common Files\InstallShield
[20/06/2011|20:22:49] | C:\Program Files\Common Files\Java
[14/07/2009|04:37:05] | C:\Program Files\Common Files\microsoft shared
[11/08/2011|13:05:24] | C:\Program Files\Common Files\PX Storage Engine
[14/07/2009|04:37:05] | C:\Program Files\Common Files\Services
[14/07/2009|04:37:05] | C:\Program Files\Common Files\SpeechEngines
[20/06/2011|19:09:24] | C:\Program Files\Common Files\Steam
[22/06/2011|18:31:29] | C:\Program Files\Common Files\SWF Studio
[14/07/2009|04:37:05] | C:\Program Files\Common Files\System
[20/06/2011|18:37:37] | C:\Program Files\Common Files\Windows Live
¤¤¤¤¤¤¤¤¤¤ %Temp%\Low
[29/09/2011|14:32:49] | C:\Users\roro\AppData\Local\Temp\Low\Google Toolbar
[02/10/2011|11:51:48] | C:\Users\roro\AppData\Local\Temp\Low\hsperfdata_roro
[21/09/2011|14:33:11] | C:\Users\roro\AppData\Local\Temp\Low\IM
¤¤¤¤¤¤¤¤¤¤ Tasks
[30/05/2011 | 17:43:32] | C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[30/05/2011 | 17:43:32] | C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
¤¤¤¤¤¤¤¤¤¤ Firewall
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
¤
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
¤¤¤¤¤¤¤¤¤¤ CURRENT_USER | UNINSTALL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\<Key>]
"TeamSpeak 3 Client"=TeamSpeak Systems GmbH ->
"Winamp Detect"=Nullsoft, Inc -> 1.0.0.1
¤¤¤¤¤¤¤¤¤¤ LOCAL_MACHINE | UNINSTALL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\<Key>]
"AddressBook"= ->
"Adobe AIR"=Adobe Systems Incorporated -> 2.7.0.19530
"Adobe Flash Player ActiveX"=Adobe Systems Incorporated -> 10.3.183.10
"Adobe Shockwave Player"=Adobe Systems, Inc. -> 11.6.1.629
"Akamai"= ->
"Black Prophecy_is1"= ->
"Call of Duty"= ->
"Call of Duty Game of the Year Edition"= ->
"Connection Manager"= ->
"Counter-Strike: Condition Zero"= ->
"DirectDrawEx"= ->
"DXM_Runtime"= ->
"Fontcore"= ->
"GameSpy Arcade"= ->
"IE40"= ->
"IE4Data"= ->
"IE5BAKEX"= ->
"IEData"= ->
"IncrediMail"=IncrediMail Ltd. -> 6.2.9.5079
"IncrediMail MediaBar Francais 2 Toolbar"= -> 6.5.2.8
"IncrediMail_MediaBar_Francais_2 Toolbar"=IncrediMail MediaBar Francais 2 -> 6.5.2.8
"Microsoft .NET Framework 4 Client Profile"=Microsoft Corporation -> 4.0.30319
"Microsoft .NET Framework 4 Client Profile FRA Language Pack"=Microsoft Corporation -> 4.0.30319
"Microsoft .NET Framework 4 Extended"=Microsoft Corporation -> 4.0.30319
"Microsoft Security Client"=Microsoft Corporation -> 2.1.1116.0
"MobileOptionPack"= ->
"MPlayer2"= ->
"NVIDIA Drivers"=NVIDIA Corporation -> 1.10.62.40
"Photo Notifier and Animation Creator"=IncrediMail Ltd. -> 1.0.0.1009
"SchedulingAgent"= ->
"SecondLifeViewer2"= ->
"Steam App 1200"=Tripwire Interactive ->
"Steam App 1220"=Tripwire Interactive ->
"Steam App 1230"=Sandstorm Productions ->
"Steam App 1280"=Darkest Hour Team ->
"Steam App 1290"= ->
"Steam App 220"=Valve ->
"Steam App 380"=Valve ->
"Steam App 4000"=Team Garry ->
"Steam App 420"=Valve ->
"Steam App 440"=Valve ->
"VLC media player"=VideoLAN -> 1.1.10
"WIC"= ->
"Winamp"= ->
"WinRAR archiver"=win.rar GmbH -> 4.01.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Valve -> 1.0.0.0
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}"=Microsoft Corporation -> 3.0.8402.2
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=Microsoft Corporation -> 4.0.30319
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2162169"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871"=Microsoft Corporation -> 1
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2478063"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367"=Microsoft Corporation -> 1
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523"=Microsoft Corporation -> 1
"{0DEA94ED-915A-4834-A87E-388D012C8E02}"= ->
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}"=Microsoft Corporation -> 4.0.30319
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663"=Microsoft Corporation -> 1
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870"=Microsoft Corporation -> 1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}"=Google Inc. -> 1.0.0
"{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}"= ->
"{19192A84-6172-4312-A661-D8F9A34585AB}"=Atomix Productions -> 7.0.4.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}"=Microsoft Corporation -> 10.0.30319
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Inc. -> 7.1.2003.1856
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}"=Oracle -> 6.0.260
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}"=Microsoft Corporation -> 3.0.8402.2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}"=Microsoft Corporation -> 4.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2160841"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2162169"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708v2"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478063"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2514805"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636"=Microsoft Corporation -> 1
"{4A03706F-666A-4037-7777-5F2748764D10}"=Sun Microsystems, Inc. -> 2.0.5.1
"{50779A29-834E-4E36-BBEB-B7CABC67A825}"=Microsoft Corporation -> 2.1.1116.0
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}"=Microsoft Corporation -> 2.1.1116.0
"{582876EC-A178-44D4-9823-C10D6C62EAFF}"= ->
"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}"=IncrediMail -> 6.2.9.5079
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}"=Adobe Systems, Inc -> 12.0.0.1
"{61AD15B2-50DB-4686-A739-14FE180D4429}"=Microsoft Corporation -> 7.250.4225.0
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}"= ->
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}"=Apple Inc. -> 2.0.1
"{6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}"=Nom de votre société -> 1.0.0.1009
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}"=Microsoft Corporation -> 8.0.61001
"{72604C30-CBD2-4917-9AB5-4274747F3269}_is1"=KevinsL -> 0.2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}"=Apple Inc. -> 2.1.3.127
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}"= ->
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}"=NVIDIA Corporation -> 1.00.7325.0
"{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}"= ->
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Corporation -> 4.0.60531.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}"=Microsoft Corporation -> 9.0.30729
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}"=Microsoft Corporation -> 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}"=Google Inc. -> 1.3.21.69
"{AC76BA86-7AD7-1036-7B44-AA1000000001}"=Adobe Systems Incorporated -> 10.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX"=NVIDIA Corporation -> 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver"=NVIDIA Corporation -> 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer"=NVIDIA Corporation -> 2.265.39.0
"{B91E4360-298A-4306-9E95-9AD91A0952A1}"= ->
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}"=NVIDIA Corporation -> 9.10.0514
"{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}"= ->
"{C9E14402-3631-4182-B377-6B0DFB1C0339}"=Apple Inc. -> 7.70.80.34
"{DF9046D6-5F1F-40B6-9782-3DC2D902D391}"= ->
"{E1019541-10A2-464F-A23E-A4F23DA65160}"=Thorvald Natvig -> 1.2.3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek Semiconductor Corp. -> 6.0.1.6353
"{FDB3B167-F4FA-461D-976F-286304A57B2A}"=Adobe Systems Incorporated -> 2.7.0.19530
¤¤¤¤¤¤¤¤¤¤ Drivers | Services | R0 : Boot | R1 : System | R2 : Auto
R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys
R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys
R2 - Akamai (Akamai NetSession Interface) -> %SystemRoot%\System32\svchost.exe -k Akamai
R0 - amdxata () -> system32\drivers\amdxata.sys
R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys
R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R1 - Beep (Beep) -> (?)
R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R1 - blbdrive () -> system32\DRIVERS\blbdrive.sys
R1 - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys
R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys
R0 - CNG () -> System32\Drivers\cng.sys
R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService
R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys
R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys
R0 - Disk (Pilote de disque) -> system32\DRIVERS\disk.sys
R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService
R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService
R2 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys
R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys
R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
R2 - ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys
R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs
R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys
R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs
R0 - KSecDD () -> System32\Drivers\ksecdd.sys
R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys
R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService
R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys
R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys
R2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys
R1 - MpFilter (Microsoft Malware Protection Driver) -> system32\DRIVERS\MpFilter.sys
R1 - MpKsl4036eeef () -> \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{081FB6A2-E759-4F9D-AD70-1C0AF6F7D70F}\MpKsl4036eeef.sys
R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
R1 - Msfs () -> (?)
R0 - msisadrv () -> system32\drivers\msisadrv.sys
R2 - MsMpSvc (Microsoft Antimalware Service) -> "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys
R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys
R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys
R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys
R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys
R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService
R1 - Npfs () -> (?)
R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService
R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys
R2 - nSvcIp (ForceWare IP service) -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
R1 - Null () -> (?)
R0 - nvstor () -> system32\drivers\nvstor.sys
R0 - nvstor32 () -> system32\DRIVERS\nvstor32.sys
R2 - nvsvc (NVIDIA Display Driver Service) -> C:\Windows\system32\nvvsvc.exe
R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys
R2 - Parvdm () -> system32\DRIVERS\parvdm.sys
R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys
R0 - pciide () -> system32\drivers\pciide.sys
R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys
R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys
R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs
R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys
R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys
R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys
R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys
R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys
R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys
R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS
R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss
R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys
R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe
R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - secdrv (Security Driver) -> (?)
R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R1 - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys
R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R0 - spldr (Security Processor Loader Driver) -> (?)
R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe
R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys
R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys
R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys
R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys
R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R0 - vdrvroot (Pilote d'énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys
R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys
R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys
R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys
R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys
R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys
R0 - Wdf01000 (Kernel Mode Driver Frameworks service) -> system32\drivers\Wdf01000.sys
R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys
R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - wlidsvc (Windows Live ID Sign-in Assistant) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"
R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding
R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
¤¤¤¤¤¤¤¤¤¤ MBR
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: SAMSUNG_ rev.1AJ1 -> Harddisk0\DR0 -> \Device\00000070
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys nvlddmkm.sys dxgkrnl.sys dxgmms1.sys HDAudBus.sys USBPORT.SYS usbehci.sys ataport.SYS Wdf01000.sys watchdog.sys partmgr.sys volmgr.sys fvevol.sys rdyboost.sys volsnap.sys Ntfs.sys USBSTOR.SYS usbhub.sys ndis.sys nvmf6232.sys srv.sys fltmgr.sys fileinfo.sys MpFilter.sys usbohci.sys hidusb.sys HIDCLASS.SYS HIDPARSE.SYS mouhid.sys mouclass.sys
C:\Windows\system32\DRIVERS\nvstor32.sys NVIDIA Corporation NVIDIA nForce(TM) SATA Driver
C:\Windows\system32\DRIVERS\nvlddmkm.sys NVIDIA Corporation NVIDIA Windows Kernel Mode Driver, Version 266.71
C:\Windows\system32\DRIVERS\nvmf6232.sys NVIDIA Corporation NVIDIA Networking Driver
533 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
535 USBSTOR[0x934D204A] -> ntkrnlpa!IofCallDriver[0x8305652A]
537 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
539 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
541 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
543 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
545 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
547 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
549 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
551 USBSTOR[0x934D204A] -> ntkrnlpa!IofCallDriver[0x8305652A]
553 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
555 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
557 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
559 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
561 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
563 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
565 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
567 USBSTOR[0x934D204A] -> ntkrnlpa!IofCallDriver[0x8305652A]
569 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
571 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
573 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
575 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
577 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
579 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
581 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
583 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
585 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
587 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
589 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
591 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
593 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
595 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
597 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
599 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
601 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
603 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
605 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
607 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
609 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
611 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
613 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
615 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
617 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
619 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
621 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
623 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
625 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
627 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
629 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
631 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
633 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
635 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
637 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
639 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
641 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
643 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
645 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
647 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
649 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
651 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
653 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
655 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305652A]
657 hidusb[0x934A9391] -> ntkrnlpa!IofCallDriver[0x8305652A]
659 usbhub[0x9341BC88] -> ntkrnlpa!IofCallDriver[0x8305652A]
661 mouhid[0x934C778B] -> ntkrnlpa!IofCallDriver[0x8305
[30/05/2011|17:33:17] | C:\Users\roro\Application Data
[30/05/2011|17:33:22] | C:\Users\roro\Contacts
[30/05/2011|17:33:17] | C:\Users\roro\Cookies
[30/05/2011|17:33:17] | C:\Users\roro\Desktop
[30/05/2011|17:33:17] | C:\Users\roro\Documents
[30/05/2011|17:33:17] | C:\Users\roro\Downloads
[30/05/2011|17:33:17] | C:\Users\roro\Favorites
[30/05/2011|17:33:17] | C:\Users\roro\Links
[30/05/2011|17:33:17] | C:\Users\roro\Local Settings
[30/05/2011|17:33:17] | C:\Users\roro\Menu Démarrer
[30/05/2011|17:33:17] | C:\Users\roro\Mes documents
[30/05/2011|17:33:17] | C:\Users\roro\Modèles
[30/05/2011|17:33:17] | C:\Users\roro\Music
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG1
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG2
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TM.blf
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TM.blf
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000001.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TM.blf
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[05/10/2011|14:10:41] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TM.blf
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TM.blf
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000001.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.ini
[30/05/2011|17:33:17] | C:\Users\roro\Pictures
[30/05/2011|17:33:17] | C:\Users\roro\Recent
[30/05/2011|17:33:17] | C:\Users\roro\Saved Games
[30/05/2011|17:33:31] | C:\Users\roro\Searches
[30/05/2011|17:33:17] | C:\Users\roro\SendTo
[07/09/2011|13:50:46] | C:\Users\roro\Tracing
[30/05/2011|17:33:17] | C:\Users\roro\Videos
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage d'impression
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage réseau
¤¤¤¤¤¤¤¤¤¤ %StartMenu%
[14/07/2009|06:46:35] | C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[30/05/2011|17:33:04] | C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
¤¤¤¤¤¤¤¤¤¤ %StartMenu%\Programs
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[14/07/2009|06:52:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[06/08/2011|15:39:55] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[31/07/2011|18:02:26] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[06/08/2011|13:57:13] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[28/07/2011|19:38:03] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Game of the Year Edition
[25/08/2011|12:46:29] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[22/07/2011|21:07:38] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CreeperTools
[14/07/2009|06:41:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[22/06/2011|18:18:36] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[14/07/2009|06:52:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[22/06/2011|18:17:59] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[02/10/2011|14:46:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo
[20/06/2011|19:20:48] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[20/06/2011|19:20:49] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[30/05/2011|17:26:03] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[30/05/2011|17:46:20] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[20/06/2011|18:43:56] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[25/06/2011|19:16:07] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[30/05/2011|18:05:53] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[06/08/2011|15:23:47] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[03/08/2011|14:58:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer 2
[14/07/2009|06:42:29] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[20/06/2011|19:09:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[14/07/2009|11:00:22] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[24/07/2011|11:52:41] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Game Creators
[05/08/2011|12:11:16] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[24/06/2011|15:15:31] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[14/07/2009|06:42:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[30/05/2011|17:25:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[14/07/2009|06:42:24] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[14/07/2009|06:46:36] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[20/06/2011|21:03:07] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[14/07/2009|06:42:30] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
¤¤¤¤¤¤¤¤¤¤ %StartMenu%\Programs\Startup
[14/07/2009|06:41:57] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
¤¤¤¤¤¤¤¤¤¤ %AppData%
[23/07/2011|16:30:20] | C:\Users\roro\AppData\Roaming\.minecraft
[20/06/2011|19:21:59] | C:\Users\roro\AppData\Roaming\Adobe
[02/08/2011|16:45:11] | C:\Users\roro\AppData\Roaming\chrtmp
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\em.class
[30/05/2011|17:44:21] | C:\Users\roro\AppData\Roaming\Google
[30/05/2011|17:33:23] | C:\Users\roro\AppData\Roaming\Identities
[20/06/2011|19:21:59] | C:\Users\roro\AppData\Roaming\Macromedia
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Roaming\Media Center Programs
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Roaming\Microsoft
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\mod_TooManyItems.class
[02/10/2011|16:00:30] | C:\Users\roro\AppData\Roaming\Mozilla
[25/06/2011|19:21:48] | C:\Users\roro\AppData\Roaming\Mumble
[07/09/2011|15:27:11] | C:\Users\roro\AppData\Roaming\OpenOffice.org
[03/08/2011|14:59:22] | C:\Users\roro\AppData\Roaming\SecondLife
[07/09/2011|13:17:51] | C:\Users\roro\AppData\Roaming\SoftGrid Client
[22/06/2011|18:35:34] | C:\Users\roro\AppData\Roaming\teamspeak2
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMICompatibility.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIConfig.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIController.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIStateButtonData.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIUtils.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\TMIView.class
[11/08/2011|13:05:32] | C:\Users\roro\AppData\Roaming\Todae
[07/09/2011|13:15:53] | C:\Users\roro\AppData\Roaming\TP
[22/06/2011|18:39:07] | C:\Users\roro\AppData\Roaming\TS3Client
[24/06/2011|15:39:19] | C:\Users\roro\AppData\Roaming\vlc
[11/08/2011|13:05:16] | C:\Users\roro\AppData\Roaming\Winamp
[20/06/2011|21:03:07] | C:\Users\roro\AppData\Roaming\WinRAR
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgButton.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgButtonHandler.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgCanvas.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgItemHandler.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgItemPanel.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgWidget.class
[17/09/2011|14:30:18] | C:\Users\roro\AppData\Roaming\_tmi_MgZOrder.class
¤¤¤¤¤¤¤¤¤¤ %CommonAppData%
[06/08/2011|15:38:08] | C:\ProgramData\Adobe
[06/08/2011|13:57:11] | C:\ProgramData\Apple
[06/08/2011|15:23:24] | C:\ProgramData\Apple Computer
[14/07/2009|06:53:55] | C:\ProgramData\Application Data
[30/05/2011|17:33:04] | C:\ProgramData\Bureau
[14/07/2009|06:53:55] | C:\ProgramData\Desktop
[14/07/2009|06:53:55] | C:\ProgramData\Documents
[30/05/2011|17:33:04] | C:\ProgramData\Favoris
[14/07/2009|06:53:55] | C:\ProgramData\Favorites
[30/05/2011|17:43:39] | C:\ProgramData\Google
[20/06/2011|19:20:40] | C:\ProgramData\IM
[20/06/2011|19:20:40] | C:\ProgramData\IncrediMail
[30/05/2011|17:33:04] | C:\ProgramData\Menu Démarrer
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft
[30/05/2011|17:33:04] | C:\ProgramData\Modèles
[30/05/2011|18:04:55] | C:\ProgramData\NVIDIA
[20/06/2011|17:45:13] | C:\ProgramData\NVIDIA Corporation
[29/09/2011|14:32:37] | C:\ProgramData\Photo Notifier and Animation Creator
[29/08/2011|22:00:37] | C:\ProgramData\Spybot - Search & Destroy
[14/07/2009|06:53:55] | C:\ProgramData\Start Menu
[20/06/2011|20:22:50] | C:\ProgramData\Sun
[14/07/2009|06:53:55] | C:\ProgramData\Templates
¤¤¤¤¤¤¤¤¤¤ %LocalAppData%
[06/08/2011|15:37:58] | C:\Users\roro\AppData\Local\Adobe
[06/08/2011|13:57:15] | C:\Users\roro\AppData\Local\Apple
[06/08/2011|14:03:27] | C:\Users\roro\AppData\Local\Apple Computer
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Application Data
[30/05/2011|17:43:18] | C:\Users\roro\AppData\Local\Apps
[29/09/2011|14:32:32] | C:\Users\roro\AppData\Local\Conduit
[03/08/2011|15:11:40] | C:\Users\roro\AppData\Local\Databases.db
[30/05/2011|17:43:17] | C:\Users\roro\AppData\Local\Deployment
[19/07/2011|13:01:48] | C:\Users\roro\AppData\Local\Diagnostics
[05/07/2011|11:55:04] | C:\Users\roro\AppData\Local\ElevatedDiagnostics
[30/05/2011|17:43:18] | C:\Users\roro\AppData\Local\GDIPFONTCACHEV1.DAT
[30/05/2011|17:43:27] | C:\Users\roro\AppData\Local\Google
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Historique
[03/08/2011|15:11:41] | C:\Users\roro\AppData\Local\http_www.flickr.com_0
[07/09/2011|13:02:09] | C:\Users\roro\AppData\Local\IconCache.db
[20/06/2011|19:20:54] | C:\Users\roro\AppData\Local\IM
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Microsoft
[07/08/2011|12:36:12] | C:\Users\roro\AppData\Local\Microsoft Games
[02/10/2011|14:16:41] | C:\Users\roro\AppData\Local\reakktor
[03/08/2011|14:59:21] | C:\Users\roro\AppData\Local\SecondLife
[07/09/2011|13:17:51] | C:\Users\roro\AppData\Local\SoftGrid Client
[22/06/2011|18:37:14] | C:\Users\roro\AppData\Local\TeamSpeak 3 Client
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Temp
[30/05/2011|17:33:17] | C:\Users\roro\AppData\Local\Temporary Internet Files
[30/05/2011|17:33:18] | C:\Users\roro\AppData\Local\VirtualStore
[05/07/2011|13:59:38] | C:\Users\roro\AppData\Local\Vivid_Abstractions
[20/06/2011|18:37:39] | C:\Users\roro\AppData\Local\Windows Live
[07/09/2011|13:51:26] | C:\Users\roro\AppData\Local\{12A554B5-2027-4D73-9854-91BEEF938B2F}
[08/09/2011|18:46:21] | C:\Users\roro\AppData\Local\{7823184B-670A-486C-98EF-B886B9B9D419}
[09/09/2011|08:38:10] | C:\Users\roro\AppData\Local\{88AB8425-C6A7-4407-9974-E7E81142FE42}
[08/09/2011|18:46:37] | C:\Users\roro\AppData\Local\{8BD2B0F0-3143-43B0-9843-20C5A284707C}
[07/09/2011|13:51:01] | C:\Users\roro\AppData\Local\{F2D7CE7F-6D1A-466D-A3FE-F59BF1516E80}
¤¤¤¤¤¤¤¤¤¤ %ProgramFiles%
[06/08/2011|15:38:05] | C:\Program Files\Adobe
[06/08/2011|13:57:11] | C:\Program Files\Apple Software Update
[28/07/2011|19:29:30] | C:\Program Files\Call of Duty Game of the Year Edition
[28/08/2011|10:27:34] | C:\Program Files\CCleaner
[14/07/2009|04:37:05] | C:\Program Files\Common Files
[29/09/2011|14:32:34] | C:\Program Files\Conduit
[14/07/2009|06:41:57] | C:\Program Files\desktop.ini
[14/07/2009|06:52:30] | C:\Program Files\DVD Maker
[22/06/2011|18:17:27] | C:\Program Files\EA GAMES
[07/09/2011|14:19:01] | C:\Program Files\ElcomSoft
[30/05/2011|17:33:04] | C:\Program Files\Fichiers communs
[22/06/2011|18:17:54] | C:\Program Files\GameSpy Arcade
[02/10/2011|13:56:58] | C:\Program Files\Gamigo
[30/05/2011|17:43:29] | C:\Program Files\Google
[20/06/2011|19:20:40] | C:\Program Files\IncrediMail
[29/09/2011|14:32:31] | C:\Program Files\IncrediMail_MediaBar_Francais_2
[30/05/2011|18:05:35] | C:\Program Files\InstallShield Installation Information
[14/07/2009|04:37:05] | C:\Program Files\Internet Explorer
[20/06/2011|20:22:22] | C:\Program Files\Java
[07/09/2011|13:16:23] | C:\Program Files\Microsoft Application Virtualization Client
[14/07/2009|06:52:30] | C:\Program Files\Microsoft Games
[07/09/2011|13:16:23] | C:\Program Files\Microsoft Office
[30/05/2011|17:46:17] | C:\Program Files\Microsoft Security Client
[20/06/2011|18:43:32] | C:\Program Files\Microsoft Silverlight
[07/09/2011|13:41:21] | C:\Program Files\Microsoft SQL Server Compact Edition
[20/06/2011|18:32:59] | C:\Program Files\Microsoft.NET
[03/10/2011|08:17:21] | C:\Program Files\mirware with FreeAngel
[22/06/2011|19:57:15] | C:\Program Files\MOHAATools
[14/07/2009|06:52:30] | C:\Program Files\MSBuild
[25/06/2011|19:16:01] | C:\Program Files\Mumble
[30/05/2011|18:03:39] | C:\Program Files\NVIDIA Corporation
[07/09/2011|15:18:44] | C:\Program Files\OpenOffice.org 3
[29/09/2011|14:32:37] | C:\Program Files\Photo Notifier and Animation Creator
[06/08/2011|15:23:24] | C:\Program Files\QuickTime
[30/05/2011|18:09:40] | C:\Program Files\Realtek
[14/07/2009|06:52:30] | C:\Program Files\Reference Assemblies
[03/08/2011|14:58:40] | C:\Program Files\SecondLifeViewer2
[29/08/2011|22:00:37] | C:\Program Files\Spybot - Search & Destroy
[20/06/2011|19:09:23] | C:\Program Files\Steam
[30/05/2011|18:09:36] | C:\Program Files\Temp
[24/07/2011|11:49:01] | C:\Program Files\The Game Creators
[14/07/2009|06:53:23] | C:\Program Files\Uninstall Information
[24/06/2011|15:15:13] | C:\Program Files\VideoLAN
[11/08/2011|14:01:35] | C:\Program Files\VirtualDJ
[11/08/2011|13:05:16] | C:\Program Files\Winamp
[11/08/2011|13:06:16] | C:\Program Files\Winamp Detect
[14/07/2009|06:52:30] | C:\Program Files\Windows Defender
[14/07/2009|11:01:06] | C:\Program Files\Windows Journal
[07/09/2011|13:38:03] | C:\Program Files\Windows Live
[14/07/2009|04:37:05] | C:\Program Files\Windows Mail
[14/07/2009|06:52:30] | C:\Program Files\Windows Media Player
[14/07/2009|04:37:05] | C:\Program Files\Windows NT
[14/07/2009|06:52:30] | C:\Program Files\Windows Photo Viewer
[14/07/2009|06:52:30] | C:\Program Files\Windows Portable Devices
[18/08/2011|15:30:15] | C:\Program Files\Windows Searchqu Toolbar
[14/07/2009|06:52:30] | C:\Program Files\Windows Sidebar
[20/06/2011|21:02:58] | C:\Program Files\WinRAR
¤¤¤¤¤¤¤¤¤¤ %CommonFiles%
[06/08/2011|15:39:45] | C:\Program Files\Common Files\Adobe
[06/08/2011|15:38:04] | C:\Program Files\Common Files\Adobe AIR
[31/07/2011|17:51:55] | C:\Program Files\Common Files\Akamai
[06/08/2011|13:57:28] | C:\Program Files\Common Files\Apple
[24/07/2011|13:34:02] | C:\Program Files\Common Files\Bcgsoft
[30/05/2011|18:09:32] | C:\Program Files\Common Files\InstallShield
[20/06/2011|20:22:49] | C:\Program Files\Common Files\Java
[14/07/2009|04:37:05] | C:\Program Files\Common Files\microsoft shared
[11/08/2011|13:05:24] | C:\Program Files\Common Files\PX Storage Engine
[14/07/2009|04:37:05] | C:\Program Files\Common Files\Services
[14/07/2009|04:37:05] | C:\Program Files\Common Files\SpeechEngines
[20/06/2011|19:09:24] | C:\Program Files\Common Files\Steam
[22/06/2011|18:31:29] | C:\Program Files\Common Files\SWF Studio
[14/07/2009|04:37:05] | C:\Program Files\Common Files\System
[20/06/2011|18:37:37] | C:\Program Files\Common Files\Windows Live
¤¤¤¤¤¤¤¤¤¤ %Temp%\Low
[29/09/2011|14:32:49] | C:\Users\roro\AppData\Local\Temp\Low\Google Toolbar
[02/10/2011|11:51:48] | C:\Users\roro\AppData\Local\Temp\Low\hsperfdata_roro
[21/09/2011|14:33:11] | C:\Users\roro\AppData\Local\Temp\Low\IM
¤¤¤¤¤¤¤¤¤¤ Tasks
[30/05/2011 | 17:43:32] | C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[30/05/2011 | 17:43:32] | C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
¤¤¤¤¤¤¤¤¤¤ Firewall
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
¤
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
¤¤¤¤¤¤¤¤¤¤ CURRENT_USER | UNINSTALL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\<Key>]
"TeamSpeak 3 Client"=TeamSpeak Systems GmbH ->
"Winamp Detect"=Nullsoft, Inc -> 1.0.0.1
¤¤¤¤¤¤¤¤¤¤ LOCAL_MACHINE | UNINSTALL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\<Key>]
"AddressBook"= ->
"Adobe AIR"=Adobe Systems Incorporated -> 2.7.0.19530
"Adobe Flash Player ActiveX"=Adobe Systems Incorporated -> 10.3.183.10
"Adobe Shockwave Player"=Adobe Systems, Inc. -> 11.6.1.629
"Akamai"= ->
"Black Prophecy_is1"= ->
"Call of Duty"= ->
"Call of Duty Game of the Year Edition"= ->
"Connection Manager"= ->
"Counter-Strike: Condition Zero"= ->
"DirectDrawEx"= ->
"DXM_Runtime"= ->
"Fontcore"= ->
"GameSpy Arcade"= ->
"IE40"= ->
"IE4Data"= ->
"IE5BAKEX"= ->
"IEData"= ->
"IncrediMail"=IncrediMail Ltd. -> 6.2.9.5079
"IncrediMail MediaBar Francais 2 Toolbar"= -> 6.5.2.8
"IncrediMail_MediaBar_Francais_2 Toolbar"=IncrediMail MediaBar Francais 2 -> 6.5.2.8
"Microsoft .NET Framework 4 Client Profile"=Microsoft Corporation -> 4.0.30319
"Microsoft .NET Framework 4 Client Profile FRA Language Pack"=Microsoft Corporation -> 4.0.30319
"Microsoft .NET Framework 4 Extended"=Microsoft Corporation -> 4.0.30319
"Microsoft Security Client"=Microsoft Corporation -> 2.1.1116.0
"MobileOptionPack"= ->
"MPlayer2"= ->
"NVIDIA Drivers"=NVIDIA Corporation -> 1.10.62.40
"Photo Notifier and Animation Creator"=IncrediMail Ltd. -> 1.0.0.1009
"SchedulingAgent"= ->
"SecondLifeViewer2"= ->
"Steam App 1200"=Tripwire Interactive ->
"Steam App 1220"=Tripwire Interactive ->
"Steam App 1230"=Sandstorm Productions ->
"Steam App 1280"=Darkest Hour Team ->
"Steam App 1290"= ->
"Steam App 220"=Valve ->
"Steam App 380"=Valve ->
"Steam App 4000"=Team Garry ->
"Steam App 420"=Valve ->
"Steam App 440"=Valve ->
"VLC media player"=VideoLAN -> 1.1.10
"WIC"= ->
"Winamp"= ->
"WinRAR archiver"=win.rar GmbH -> 4.01.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Valve -> 1.0.0.0
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}"=Microsoft Corporation -> 3.0.8402.2
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}"=Microsoft Corporation -> 4.0.30319
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2162169"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871"=Microsoft Corporation -> 1
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2478063"= ->
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367"=Microsoft Corporation -> 1
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523"=Microsoft Corporation -> 1
"{0DEA94ED-915A-4834-A87E-388D012C8E02}"= ->
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}"=Microsoft Corporation -> 4.0.30319
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663"=Microsoft Corporation -> 1
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870"=Microsoft Corporation -> 1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}"=Google Inc. -> 1.0.0
"{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}"= ->
"{19192A84-6172-4312-A661-D8F9A34585AB}"=Atomix Productions -> 7.0.4.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}"=Microsoft Corporation -> 10.0.30319
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Inc. -> 7.1.2003.1856
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}"=Oracle -> 6.0.260
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}"=Microsoft Corporation -> 3.0.8402.2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}"=Microsoft Corporation -> 4.0.30319
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2160841"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2162169"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708v2"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478063"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2514805"= ->
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523"=Microsoft Corporation -> 1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636"=Microsoft Corporation -> 1
"{4A03706F-666A-4037-7777-5F2748764D10}"=Sun Microsystems, Inc. -> 2.0.5.1
"{50779A29-834E-4E36-BBEB-B7CABC67A825}"=Microsoft Corporation -> 2.1.1116.0
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}"=Microsoft Corporation -> 2.1.1116.0
"{582876EC-A178-44D4-9823-C10D6C62EAFF}"= ->
"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}"=IncrediMail -> 6.2.9.5079
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}"=Adobe Systems, Inc -> 12.0.0.1
"{61AD15B2-50DB-4686-A739-14FE180D4429}"=Microsoft Corporation -> 7.250.4225.0
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}"= ->
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}"=Apple Inc. -> 2.0.1
"{6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}"=Nom de votre société -> 1.0.0.1009
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}"=Microsoft Corporation -> 8.0.61001
"{72604C30-CBD2-4917-9AB5-4274747F3269}_is1"=KevinsL -> 0.2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}"=Apple Inc. -> 2.1.3.127
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}"= ->
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}"=NVIDIA Corporation -> 1.00.7325.0
"{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}"= ->
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Corporation -> 4.0.60531.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}"=Microsoft Corporation -> 9.0.30729
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}"=Microsoft Corporation -> 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}"=Google Inc. -> 1.3.21.69
"{AC76BA86-7AD7-1036-7B44-AA1000000001}"=Adobe Systems Incorporated -> 10.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver"=NVIDIA Corporation -> 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX"=NVIDIA Corporation -> 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver"=NVIDIA Corporation -> 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer"=NVIDIA Corporation -> 2.265.39.0
"{B91E4360-298A-4306-9E95-9AD91A0952A1}"= ->
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}"=NVIDIA Corporation -> 9.10.0514
"{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}"= ->
"{C9E14402-3631-4182-B377-6B0DFB1C0339}"=Apple Inc. -> 7.70.80.34
"{DF9046D6-5F1F-40B6-9782-3DC2D902D391}"= ->
"{E1019541-10A2-464F-A23E-A4F23DA65160}"=Thorvald Natvig -> 1.2.3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek Semiconductor Corp. -> 6.0.1.6353
"{FDB3B167-F4FA-461D-976F-286304A57B2A}"=Adobe Systems Incorporated -> 2.7.0.19530
¤¤¤¤¤¤¤¤¤¤ Drivers | Services | R0 : Boot | R1 : System | R2 : Auto
R0 - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys
R2 - AdobeARMservice (Adobe Acrobat Update Service) -> "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys
R2 - Akamai (Akamai NetSession Interface) -> %SystemRoot%\System32\svchost.exe -k Akamai
R0 - amdxata () -> system32\drivers\amdxata.sys
R0 - atapi (Canal IDE) -> system32\drivers\atapi.sys
R2 - AudioEndpointBuilder (@%SystemRoot%\system32\audiosrv.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R1 - Beep (Beep) -> (?)
R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R1 - blbdrive () -> system32\DRIVERS\blbdrive.sys
R1 - cdrom (Pilote de CD-ROM) -> \SystemRoot\system32\drivers\cdrom.sys
R0 - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys
R0 - CNG () -> System32\Drivers\cng.sys
R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService
R2 - DcomLaunch (@oleres.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R1 - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys
R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
R1 - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys
R0 - Disk (Pilote de disque) -> system32\DRIVERS\disk.sys
R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService
R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
R2 - eventlog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService
R2 - FDResPub (@%systemroot%\system32\fdrespub.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys
R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys
R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
R2 - ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys
R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs
R0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys
R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs
R0 - KSecDD () -> System32\Drivers\ksecdd.sys
R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys
R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService
R2 - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys
R2 - lmhosts (@%SystemRoot%\system32\lmhsvc.dll,-101) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys
R2 - MMCSS (@%systemroot%\system32\mmcss.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys
R1 - MpFilter (Microsoft Malware Protection Driver) -> system32\DRIVERS\MpFilter.sys
R1 - MpKsl4036eeef () -> \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{081FB6A2-E759-4F9D-AD70-1C0AF6F7D70F}\MpKsl4036eeef.sys
R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
R1 - Msfs () -> (?)
R0 - msisadrv () -> system32\drivers\msisadrv.sys
R2 - MsMpSvc (Microsoft Antimalware Service) -> "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
R1 - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> \SystemRoot\system32\drivers\mssmbios.sys
R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys
R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys
R1 - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys
R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys
R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService
R1 - Npfs () -> (?)
R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService
R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys
R2 - nSvcIp (ForceWare IP service) -> C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
R1 - Null () -> (?)
R0 - nvstor () -> system32\drivers\nvstor.sys
R0 - nvstor32 () -> system32\DRIVERS\nvstor32.sys
R2 - nvsvc (NVIDIA Display Driver Service) -> C:\Windows\system32\nvvsvc.exe
R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys
R2 - Parvdm () -> system32\DRIVERS\parvdm.sys
R0 - pci (Pilote de bus PCI) -> system32\drivers\pci.sys
R0 - pciide () -> system32\drivers\pciide.sys
R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys
R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys
R2 - PlugPlay (@%SystemRoot%\system32\umpnpmgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch
R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs
R1 - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys
R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys
R1 - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys
R1 - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys
R1 - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys
R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys
R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS
R2 - RpcSs (@oleres.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss
R2 - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys
R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe
R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - secdrv (Security Driver) -> (?)
R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs
R1 - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys
R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R0 - spldr (Security Processor Loader Driver) -> (?)
R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe
R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
R0 - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys
R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys
R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys
R1 - TermDD (Pilote de périphérique terminal) -> \SystemRoot\system32\drivers\termdd.sys
R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs
R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R2 - UxSms (@%SystemRoot%\system32\dwm.exe,-2000) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
R0 - vdrvroot (Pilote d'énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys
R1 - VgaSave () -> \SystemRoot\System32\drivers\vga.sys
R0 - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys
R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys
R0 - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys
R1 - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys
R0 - Wdf01000 (Kernel Mode Driver Frameworks service) -> system32\drivers\Wdf01000.sys
R1 - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys
R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - wlidsvc (Windows Live ID Sign-in Assistant) -> "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R2 - WMPNetworkSvc (@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101) -> "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"
R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding
R2 - wuauserv (@%systemroot%\system32\wuaueng.dll,-105) -> %systemroot%\system32\svchost.exe -k netsvcs
R2 - wudfsvc (@%SystemRoot%\system32\wudfsvc.dll,-1000) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
¤¤¤¤¤¤¤¤¤¤ MBR
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: SAMSUNG_ rev.1AJ1 -> Harddisk0\DR0 -> \Device\00000070
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys nvlddmkm.sys dxgkrnl.sys dxgmms1.sys HDAudBus.sys USBPORT.SYS usbehci.sys ataport.SYS Wdf01000.sys watchdog.sys partmgr.sys volmgr.sys fvevol.sys rdyboost.sys volsnap.sys Ntfs.sys USBSTOR.SYS usbhub.sys ndis.sys nvmf6232.sys srv.sys fltmgr.sys fileinfo.sys MpFilter.sys usbohci.sys hidusb.sys HIDCLASS.SYS HIDPARSE.SYS mouhid.sys mouclass.sys
C:\Windows\system32\DRIVERS\nvstor32.sys NVIDIA Corporation NVIDIA nForce(TM) SATA Driver
C:\Windows\system32\DRIVERS\nvlddmkm.sys NVIDIA Corporation NVIDIA Windows Kernel Mode Driver, Version 266.71
C:\Windows\system32\DRIVERS\nvmf6232.sys NVIDIA Corporation NVIDIA Networking Driver
toxic512008 - 9 Oct. 2011 at 18:47
kernel: MBR read successfully
user & kernel MBR OK
¤¤¤¤¤¤¤¤¤¤ Security Center
[HKLM | Security Center\Svc] | AntispywareOverride : 0
[HKLM | Security Center\Svc] | AntiVirusOverride : 0
[HKLM | Security Center\Svc] | FirewallOverride : 0
¤
[HKLM | FirewallPolicy\DomainProfile] | DisableNotifications : 0
[HKLM | FirewallPolicy\StandardProfile] | DisableNotifications : 0
¤¤¤¤¤¤¤¤¤¤ Ports
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
¤
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\domainprofile\GloballyOpenPorts\List]
¤¤¤¤¤¤¤¤¤¤ Recherche de Fichiers cachés
~ Disques externes : 0 Objets cachés
~ Disque Local : 0 Objets cachés
Utilisateurs : 1 Objets cachés (Modified)
ProgramFiles : 5 Objets cachés (Modified)
~ Music : 0 Objets cachés
~ Pictures : 0 Objets cachés
~ Videos : 0 Objets cachés
~ Downloads : 0 Objets cachés
~ Desktop : 0 Objets cachés
~ Links : 0 Objets cachés
Searches : 3 Objets cachés (Modified)
~ Contacts : 0 Objets cachés
~ Saved Games : 0 Objets cachés
~ Favorites : 0 Objets cachés
Documents : 32 Objets cachés (Modified)
Windows : 45 Objets cachés (Modified)
~ StartMenu : 0 Objets cachés
~ Librairies : 0 Objets cachés
Quick Launch : 2 Objets cachés (Modified)
%AppData% : 2 Objets cachés (Modified)
¤¤¤¤¤¤¤¤¤¤ Alternate Data Streams
Suspect :
¤¤¤¤¤¤
C:\Windows\explorer.exe -> Processus redémarré
Pre_Script.exe : Pour le faire apparaitre , glisser-déposer une icone sur Pre_scan
Fin : 18:17:33
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤
Anonymous user
Edited by g3n-h@ckm@n on 9/10/2011 at 18:49
try this site for the pre_scan report
https://www.cjoint.com/
--
¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_developpement_¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
toxic512008
Posts: 140
Registration date: Saturday 25 July 2009
Status: Member
Last activity: 12 October 2011
23
9 Oct. 2011 at 18:53
Same problem, impossible to click on Browse .... The rest is blocked too -__-
Anonymous user
9 Oct. 2011 at 19:40
ok, paste me everything from the beginning up to here:
¤¤¤¤¤¤¤¤¤¤ %StartMenu%
toxic512008
Posts: 140
Registration date: Saturday 25 July 2009
Status: Member
Last activity: 12 October 2011
23
9 Oct. 2011 at 20:25
¤¤¤¤¤¤¤¤¤¤ DNS
[HKLM\CCS | Tcpip\Parameters] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CCS | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CS001 | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CS002 | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CCS | Tcpip\Parameters] | NameServer ->
¤¤¤¤¤¤¤¤¤¤ Hosts
# 127.0.0.1 localhost
# ::1 localhost
¤¤¤¤¤¤¤¤¤¤ HKCU\Software
[HKEY_CURRENT_USER\Software\Adobe]
[HKEY_CURRENT_USER\Software\AppDataLow]
[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\Software\Battlefield 1942]
[HKEY_CURRENT_USER\Software\Burda]
[HKEY_CURRENT_USER\Software\Clients]
[HKEY_CURRENT_USER\Software\EA Games]
[HKEY_CURRENT_USER\Software\FPSCreator]
[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]
[HKEY_CURRENT_USER\Software\GameSpy]
[HKEY_CURRENT_USER\Software\Google]
[HKEY_CURRENT_USER\Software\IM]
[HKEY_CURRENT_USER\Software\ImInstaller]
[HKEY_CURRENT_USER\Software\IncrediMail]
[HKEY_CURRENT_USER\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\Macromedia]
[HKEY_CURRENT_USER\Software\Maydje]
[HKEY_CURRENT_USER\Software\Microsoft]
[HKEY_CURRENT_USER\Software\MOHAA]
[HKEY_CURRENT_USER\Software\Mumble]
[HKEY_CURRENT_USER\Software\Netscape]
[HKEY_CURRENT_USER\Software\Nuclear Coffee]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation]
[HKEY_CURRENT_USER\Software\Policies]
[HKEY_CURRENT_USER\Software\Realtek]
[HKEY_CURRENT_USER\Software\SecuROM]
[HKEY_CURRENT_USER\Software\Sysinternals]
[HKEY_CURRENT_USER\Software\TeamSpeak 3 Client]
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Valve]
[HKEY_CURRENT_USER\Software\VirtualDJ]
[HKEY_CURRENT_USER\Software\WinRAR]
[HKEY_CURRENT_USER\Software\WinRAR SFX]
[HKEY_CURRENT_USER\Software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\Software\Classes]
¤¤¤¤¤¤¤¤¤¤ HKLM\Software
[HKEY_LOCAL_MACHINE\Software\Activision]
[HKEY_LOCAL_MACHINE\Software\Adobe]
[HKEY_LOCAL_MACHINE\Software\AGEIA Technologies]
[HKEY_LOCAL_MACHINE\Software\AppDataLow]
[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Apple Inc.]
[HKEY_LOCAL_MACHINE\Software\ATI Technologies]
[HKEY_LOCAL_MACHINE\Software\BrowserChoice]
[HKEY_LOCAL_MACHINE\Software\C07ft5Y]
[HKEY_LOCAL_MACHINE\Software\CDDB]
[HKEY_LOCAL_MACHINE\Software\Classes]
[HKEY_LOCAL_MACHINE\Software\Clients]
[HKEY_LOCAL_MACHINE\Software\Conduit]
[HKEY_LOCAL_MACHINE\Software\Dark Basic]
[HKEY_LOCAL_MACHINE\Software\Dolby]
[HKEY_LOCAL_MACHINE\Software\DTS]
[HKEY_LOCAL_MACHINE\Software\EA GAMES]
[HKEY_LOCAL_MACHINE\Software\Electronic Arts]
[HKEY_LOCAL_MACHINE\Software\Fraps]
[HKEY_LOCAL_MACHINE\Software\Google]
[HKEY_LOCAL_MACHINE\Software\ImInstaller]
[HKEY_LOCAL_MACHINE\Software\IncrediMail]
[HKEY_LOCAL_MACHINE\Software\IncrediMail_MediaBar_Francais_2]
[HKEY_LOCAL_MACHINE\Software\InstallShield]
[HKEY_LOCAL_MACHINE\Software\Intel]
[HKEY_LOCAL_MACHINE\Software\JavaSoft]
[HKEY_LOCAL_MACHINE\Software\JreMetrics]
[HKEY_LOCAL_MACHINE\Software\Khronos]
[HKEY_LOCAL_MACHINE\Software\Linden Research, Inc.]
[HKEY_LOCAL_MACHINE\Software\Macromedia]
[HKEY_LOCAL_MACHINE\Software\Microsoft]
[HKEY_LOCAL_MACHINE\Software\Mozilla]
[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\Software\Nuclear Coffee]
[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\ODBC]
[HKEY_LOCAL_MACHINE\Software\Photo Notifier and Animation Creator]
[HKEY_LOCAL_MACHINE\Software\Policies]
[HKEY_LOCAL_MACHINE\Software\Reakktor]
[HKEY_LOCAL_MACHINE\Software\Realtek]
[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]
[HKEY_LOCAL_MACHINE\Software\Sonic]
[HKEY_LOCAL_MACHINE\Software\SonicFocus]
[HKEY_LOCAL_MACHINE\Software\SRS Labs]
[HKEY_LOCAL_MACHINE\Software\The Game Creators]
[HKEY_LOCAL_MACHINE\Software\Valve]
[HKEY_LOCAL_MACHINE\Software\VideoLAN]
[HKEY_LOCAL_MACHINE\Software\VirtualDJ]
[HKEY_LOCAL_MACHINE\Software\Waves Audio]
[HKEY_LOCAL_MACHINE\Software\WinRAR]
¤¤¤¤¤¤¤¤¤¤ Processus
¤¤¤¤¤¤¤¤¤¤ Traitement Fichiers | Dossiers | Registre
Mise en quarantaine : C:\$Recycle.bin\S-1-5-21-1913976771-3513930833-1953101718-1001\desktop.ini
Erreur de suppression : C:\Users\roro\AppData\Local\http_www.flickr.com_0
Erreur de suppression : C:\Users\roro\AppData\Roaming\chrtmp
Mise en quarantaine : C:\Windows\Temp\RGI27EB.tmp
Mise en quarantaine : C:\Windows\Temp\RGI27EB.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI47AB.tmp
Mise en quarantaine : C:\Windows\Temp\RGI47AB.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI8A93.tmp
Mise en quarantaine : C:\Windows\Temp\RGI8A93.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI8D38.tmp
Mise en quarantaine : C:\Windows\Temp\RGI8D38.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGIB377.tmp
Mise en quarantaine : C:\Windows\Temp\RGIB377.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGIB60D.tmp
Mise en quarantaine : C:\Windows\Temp\RGIB60D.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\7D98.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\8890.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IECA32C.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IECC0F9.tmp
Erreur de suppression : C:\Users\roro\AppData\Local\Temp\IM_56E5.tmp
Supprimé : C:\Users\roro\AppData\Local\Temp\IM_56E5.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\nsb5D5D.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI1FE3.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI1FE3.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI4D49.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI4D49.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI69B3.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI69B3.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DF15BD0A87B4FAF1EB.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DF9AB37B0482A8F07E.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFA5C2318ECED375B8.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFAA6D7E177A6FC988.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFD519B7FE2021565F.TMP
Erreur de suppression : C:\Users\roro\AppData\Local\Temp\8890.dir\InstallFlashPlayer.exe
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IncrediMail\CMDCF40.tmp
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\55O4LMOV\install_virtualdj_home_v7.0.4b.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\567UKXHI\mediacenter.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\KIYVZH2O\QuickTimeInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\P228RSZ0\Re-Enable v2.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\P228RSZ0\winamp5621_full_emusic-7plus_fr-fr.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\AdobeAIRInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\QuickTimeInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\Second_Life_2-8-0-236429_Setup.exe
¤¤¤¤¤¤¤¤¤¤ IFEO
¤¤¤¤¤¤¤¤¤¤ Mountpoints2
¤¤¤¤¤¤¤¤¤¤ %Homedrive%
[14/07/2009|04:36:15] | C:\$Recycle.Bin
[14/07/2009|04:04:04] | C:\autoexec.bat
[14/07/2009|04:04:04] | C:\config.sys
[22/07/2011|21:07:36] | C:\CreeperTools
[14/07/2009|06:53:55] | C:\Documents and Settings
[30/05/2011|17:23:08] | C:\hiberfil.sys
[09/10/2011|18:10:38] | C:\Kill'em
[30/05/2011|17:23:15] | C:\pagefile.sys
[14/07/2009|04:37:05] | C:\PerfLogs
[09/10/2011|18:10:58] | C:\Pre_Scan.txt
[14/07/2009|04:37:05] | C:\Program Files
[14/07/2009|04:37:05] | C:\ProgramData
[30/05/2011|17:33:04] | C:\Recovery
[30/05/2011|17:23:08] | C:\System Volume Information
[14/07/2009|04:37:05] | C:\Users
[05/08/2011|12:02:57] | C:\Valve
[14/07/2009|04:37:05] | C:\Windows
¤¤¤¤¤¤¤¤¤¤ %Systemroot%
[14/07/2009|06:52:30] | C:\Windows\addins
[14/07/2009|04:37:05] | C:\Windows\AppCompat
[14/07/2009|04:37:05] | C:\Windows\AppPatch
[14/07/2009|04:37:05] | C:\Windows\assembly
[21/06/2011|17:14:03] | C:\Windows\bfsvc.exe
[14/07/2009|04:37:06] | C:\Windows\Boot
[14/07/2009|06:57:37] | C:\Windows\bootstat.dat
[14/07/2009|04:37:06] | C:\Windows\Branding
[11/08/2011|21:59:50] | C:\Windows\CheckSur
[28/07/2011|19:28:43] | C:\Windows\CoD.INI
[14/07/2009|04:37:06] | C:\Windows\Cursors
[14/07/2009|06:34:21] | C:\Windows\debug
[14/07/2009|06:52:30] | C:\Windows\diagnostics
[14/07/2009|10:39:39] | C:\Windows\DigitalLocker
[20/06/2011|18:52:29] | C:\Windows\DirectX.log
[14/07/2009|06:52:30] | C:\Windows\Downloaded Program Files
[14/07/2009|06:34:31] | C:\Windows\DtcInstall.log
[14/07/2009|11:00:40] | C:\Windows\ehome
[30/05/2011|17:46:48] | C:\Windows\epplauncher.mif
[28/07/2011|19:14:11] | C:\Windows\eReg.dat
[20/06/2011|17:56:21] | C:\Windows\explorer.exe
[14/07/2009|04:37:06] | C:\Windows\Fonts
[14/07/2009|10:39:39] | C:\Windows\fr-FR
[14/07/2009|01:12:58] | C:\Windows\fveupdate.exe
[14/07/2009|04:37:06] | C:\Windows\Globalization
[14/07/2009|04:37:06] | C:\Windows\Help
[14/07/2009|02:12:58] | C:\Windows\HelpPane.exe
[14/07/2009|02:12:22] | C:\Windows\hh.exe
[14/07/2009|11:02:25] | C:\Windows\HomePremium.xml
[20/06/2011|18:13:04] | C:\Windows\IE9_main.log
[14/07/2009|04:37:06] | C:\Windows\IME
[14/07/2009|04:37:06] | C:\Windows\inf
[30/05/2011|17:43:33] | C:\Windows\Installer
[14/07/2009|04:37:06] | C:\Windows\L2Schemas
[14/07/2009|04:37:06] | C:\Windows\LiveKernelReports
[14/07/2009|04:37:06] | C:\Windows\Logs
[14/07/2009|04:37:06] | C:\Windows\Media
[14/07/2009|01:55:01] | C:\Windows\mib.bin
[14/07/2009|04:37:07] | C:\Windows\Microsoft.NET
[14/07/2009|04:37:07] | C:\Windows\ModemLogs
[14/07/2009|04:04:57] | C:\Windows\msdfmap.ini
[02/08/2011|14:38:58] | C:\Windows\MSWINSCK.OCX
[14/07/2009|01:41:04] | C:\Windows\notepad.exe
[14/07/2009|06:52:30] | C:\Windows\Offline Web Pages
[30/05/2011|18:22:25] | C:\Windows\Panther
[07/09/2011|13:16:23] | C:\Windows\PCHEALTH
[14/07/2009|06:52:30] | C:\Windows\Performance
[30/05/2011|17:47:20] | C:\Windows\PFRO.log
[14/07/2009|04:37:07] | C:\Windows\PLA
[14/07/2009|04:37:07] | C:\Windows\PolicyDefinitions
[30/05/2011|17:23:21] | C:\Windows\Prefetch
[14/07/2009|01:17:08] | C:\Windows\regedit.exe
[14/07/2009|04:37:07] | C:\Windows\registration
[14/07/2009|04:37:07] | C:\Windows\rescache
[14/07/2009|04:37:07] | C:\Windows\Resources
[30/05/2011|18:09:35] | C:\Windows\RtlExUpd.dll
[14/07/2009|04:37:07] | C:\Windows\SchCache
[14/07/2009|04:37:07] | C:\Windows\schemas
[14/07/2009|04:37:07] | C:\Windows\security
[14/07/2009|06:34:13] | C:\Windows\ServiceProfiles
[14/07/2009|04:37:07] | C:\Windows\servicing
[14/07/2009|06:34:16] | C:\Windows\Setup
[14/07/2009|06:39:09] | C:\Windows\setupact.log
[14/07/2009|06:39:09] | C:\Windows\setuperr.log
[14/07/2009|11:00:40] | C:\Windows\ShellNew
[30/05/2011|17:26:04] | C:\Windows\SoftwareDistribution
[14/07/2009|04:37:07] | C:\Windows\Speech
[14/07/2009|06:48:09] | C:\Windows\Starter.xml
[14/07/2009|04:37:07] | C:\Windows\system
[14/07/2009|04:04:23] | C:\Windows\system.ini
[14/07/2009|04:37:07] | C:\Windows\System32
[14/07/2009|04:37:09] | C:\Windows\TAPI
[14/07/2009|04:37:09] | C:\Windows\Tasks
[14/07/2009|04:37:09] | C:\Windows\Temp
[14/07/2009|04:37:09] | C:\Windows\tracing
[30/05/2011|17:23:38] | C:\Windows\TSSysprep.log
[10/06/2009|23:41:17] | C:\Windows\twain.dll
[14/07/2009|06:52:30] | C:\Windows\twain_32
[21/06/2011|17:14:10] | C:\Windows\twain_32.dll
[14/07/2009|00:47:26] | C:\Windows\twunk_16.exe
[14/07/2009|02:14:40] | C:\Windows\twunk_32.exe
[14/07/2009|04:37:09] | C:\Windows\Vss
[14/07/2009|04:37:09] | C:\Windows\Web
[14/07/2009|04:04:23] | C:\Windows\win.ini
[14/07/2009|06:41:57] | C:\Windows\WindowsShell.Manifest
[30/05/2011|17:26:02] | C:\Windows\WindowsUpdate.log
[13/07/2009|22:29:46] | C:\Windows\winhelp.exe
[14/07/2009|02:12:29] | C:\Windows\winhlp32.exe
[14/07/2009|04:37:09] | C:\Windows\winsxs
[10/06/2009|23:34:23] | C:\Windows\WMSysPr9.prx
[14/07/2009|01:41:00] | C:\Windows\write.exe
[13/07/2009|23:30:30] | C:\Windows\_default.pif
¤¤¤¤¤¤¤¤¤¤ %Userprofile%
[30/05/2011|17:33:17] | C:\Users\roro\AppData
[30/05/2011|17:33:17] | C:\Users\roro\Application Data
[30/05/2011|17:33:22] | C:\Users\roro\Contacts
[30/05/2011|17:33:17] | C:\Users\roro\Cookies
[30/05/2011|17:33:17] | C:\Users\roro\Desktop
[30/05/2011|17:33:17] | C:\Users\roro\Documents
[30/05/2011|17:33:17] | C:\Users\roro\Downloads
[30/05/2011|17:33:17] | C:\Users\roro\Favorites
[30/05/2011|17:33:17] | C:\Users\roro\Links
[30/05/2011|17:33:17] | C:\Users\roro\Local Settings
[30/05/2011|17:33:17] | C:\Users\roro\Menu Démarrer
[30/05/2011|17:33:17] | C:\Users\roro\Mes documents
[30/05/2011|17:33:17] | C:\Users\roro\Modèles
[30/05/2011|17:33:17] | C:\Users\roro\Music
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG1
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG2
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TM.blf
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TM.blf
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000001.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TM.blf
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[05/10/2011|14:10:41] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TM.blf
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TM.blf
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000001.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.ini
[30/05/2011|17:33:17] | C:\Users\roro\Pictures
[30/05/2011|17:33:17] | C:\Users\roro\Recent
[30/05/2011|17:33:17] | C:\Users\roro\Saved Games
[30/05/2011|17:33:31] | C:\Users\roro\Searches
[30/05/2011|17:33:17] | C:\Users\roro\SendTo
[07/09/2011|13:50:46] | C:\Users\roro\Tracing
[30/05/2011|17:33:17] | C:\Users\roro\Videos
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage d'impression
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage réseau
¤¤¤¤¤¤¤¤¤¤ %StartMenu%
[14/07/2009|06:46:35] | C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[30/05/2011|17:33:04] | C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
[HKLM\CCS | Tcpip\Parameters] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CCS | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CS001 | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CS002 | Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}] | DhcpNameServer -> 212.27.40.240 212.27.40.241
[HKLM\CCS | Tcpip\Parameters] | NameServer ->
¤¤¤¤¤¤¤¤¤¤ Hosts
# 127.0.0.1 localhost
# ::1 localhost
¤¤¤¤¤¤¤¤¤¤ HKCU\Software
[HKEY_CURRENT_USER\Software\Adobe]
[HKEY_CURRENT_USER\Software\AppDataLow]
[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]
[HKEY_CURRENT_USER\Software\Battlefield 1942]
[HKEY_CURRENT_USER\Software\Burda]
[HKEY_CURRENT_USER\Software\Clients]
[HKEY_CURRENT_USER\Software\EA Games]
[HKEY_CURRENT_USER\Software\FPSCreator]
[HKEY_CURRENT_USER\Software\g3n-h@ckm@n]
[HKEY_CURRENT_USER\Software\GameSpy]
[HKEY_CURRENT_USER\Software\Google]
[HKEY_CURRENT_USER\Software\IM]
[HKEY_CURRENT_USER\Software\ImInstaller]
[HKEY_CURRENT_USER\Software\IncrediMail]
[HKEY_CURRENT_USER\Software\JavaSoft]
[HKEY_CURRENT_USER\Software\Macromedia]
[HKEY_CURRENT_USER\Software\Maydje]
[HKEY_CURRENT_USER\Software\Microsoft]
[HKEY_CURRENT_USER\Software\MOHAA]
[HKEY_CURRENT_USER\Software\Mumble]
[HKEY_CURRENT_USER\Software\Netscape]
[HKEY_CURRENT_USER\Software\Nuclear Coffee]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation]
[HKEY_CURRENT_USER\Software\Policies]
[HKEY_CURRENT_USER\Software\Realtek]
[HKEY_CURRENT_USER\Software\SecuROM]
[HKEY_CURRENT_USER\Software\Sysinternals]
[HKEY_CURRENT_USER\Software\TeamSpeak 3 Client]
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Valve]
[HKEY_CURRENT_USER\Software\VirtualDJ]
[HKEY_CURRENT_USER\Software\WinRAR]
[HKEY_CURRENT_USER\Software\WinRAR SFX]
[HKEY_CURRENT_USER\Software\YahooPartnerToolbar]
[HKEY_CURRENT_USER\Software\Classes]
¤¤¤¤¤¤¤¤¤¤ HKLM\Software
[HKEY_LOCAL_MACHINE\Software\Activision]
[HKEY_LOCAL_MACHINE\Software\Adobe]
[HKEY_LOCAL_MACHINE\Software\AGEIA Technologies]
[HKEY_LOCAL_MACHINE\Software\AppDataLow]
[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]
[HKEY_LOCAL_MACHINE\Software\Apple Inc.]
[HKEY_LOCAL_MACHINE\Software\ATI Technologies]
[HKEY_LOCAL_MACHINE\Software\BrowserChoice]
[HKEY_LOCAL_MACHINE\Software\C07ft5Y]
[HKEY_LOCAL_MACHINE\Software\CDDB]
[HKEY_LOCAL_MACHINE\Software\Classes]
[HKEY_LOCAL_MACHINE\Software\Clients]
[HKEY_LOCAL_MACHINE\Software\Conduit]
[HKEY_LOCAL_MACHINE\Software\Dark Basic]
[HKEY_LOCAL_MACHINE\Software\Dolby]
[HKEY_LOCAL_MACHINE\Software\DTS]
[HKEY_LOCAL_MACHINE\Software\EA GAMES]
[HKEY_LOCAL_MACHINE\Software\Electronic Arts]
[HKEY_LOCAL_MACHINE\Software\Fraps]
[HKEY_LOCAL_MACHINE\Software\Google]
[HKEY_LOCAL_MACHINE\Software\ImInstaller]
[HKEY_LOCAL_MACHINE\Software\IncrediMail]
[HKEY_LOCAL_MACHINE\Software\IncrediMail_MediaBar_Francais_2]
[HKEY_LOCAL_MACHINE\Software\InstallShield]
[HKEY_LOCAL_MACHINE\Software\Intel]
[HKEY_LOCAL_MACHINE\Software\JavaSoft]
[HKEY_LOCAL_MACHINE\Software\JreMetrics]
[HKEY_LOCAL_MACHINE\Software\Khronos]
[HKEY_LOCAL_MACHINE\Software\Linden Research, Inc.]
[HKEY_LOCAL_MACHINE\Software\Macromedia]
[HKEY_LOCAL_MACHINE\Software\Microsoft]
[HKEY_LOCAL_MACHINE\Software\Mozilla]
[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]
[HKEY_LOCAL_MACHINE\Software\Nuclear Coffee]
[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]
[HKEY_LOCAL_MACHINE\Software\ODBC]
[HKEY_LOCAL_MACHINE\Software\Photo Notifier and Animation Creator]
[HKEY_LOCAL_MACHINE\Software\Policies]
[HKEY_LOCAL_MACHINE\Software\Reakktor]
[HKEY_LOCAL_MACHINE\Software\Realtek]
[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]
[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]
[HKEY_LOCAL_MACHINE\Software\Sonic]
[HKEY_LOCAL_MACHINE\Software\SonicFocus]
[HKEY_LOCAL_MACHINE\Software\SRS Labs]
[HKEY_LOCAL_MACHINE\Software\The Game Creators]
[HKEY_LOCAL_MACHINE\Software\Valve]
[HKEY_LOCAL_MACHINE\Software\VideoLAN]
[HKEY_LOCAL_MACHINE\Software\VirtualDJ]
[HKEY_LOCAL_MACHINE\Software\Waves Audio]
[HKEY_LOCAL_MACHINE\Software\WinRAR]
¤¤¤¤¤¤¤¤¤¤ Processus
¤¤¤¤¤¤¤¤¤¤ Traitement Fichiers | Dossiers | Registre
Mise en quarantaine : C:\$Recycle.bin\S-1-5-21-1913976771-3513930833-1953101718-1001\desktop.ini
Erreur de suppression : C:\Users\roro\AppData\Local\http_www.flickr.com_0
Erreur de suppression : C:\Users\roro\AppData\Roaming\chrtmp
Mise en quarantaine : C:\Windows\Temp\RGI27EB.tmp
Mise en quarantaine : C:\Windows\Temp\RGI27EB.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI47AB.tmp
Mise en quarantaine : C:\Windows\Temp\RGI47AB.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI8A93.tmp
Mise en quarantaine : C:\Windows\Temp\RGI8A93.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGI8D38.tmp
Mise en quarantaine : C:\Windows\Temp\RGI8D38.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGIB377.tmp
Mise en quarantaine : C:\Windows\Temp\RGIB377.tmp-tmp
Mise en quarantaine : C:\Windows\Temp\RGIB60D.tmp
Mise en quarantaine : C:\Windows\Temp\RGIB60D.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\7D98.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\8890.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IECA32C.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IECC0F9.tmp
Erreur de suppression : C:\Users\roro\AppData\Local\Temp\IM_56E5.tmp
Supprimé : C:\Users\roro\AppData\Local\Temp\IM_56E5.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\nsb5D5D.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI1FE3.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI1FE3.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI4D49.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI4D49.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI69B3.tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\RGI69B3.tmp-tmp
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DF15BD0A87B4FAF1EB.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DF9AB37B0482A8F07E.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFA5C2318ECED375B8.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFAA6D7E177A6FC988.TMP
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\~DFD519B7FE2021565F.TMP
Erreur de suppression : C:\Users\roro\AppData\Local\Temp\8890.dir\InstallFlashPlayer.exe
Mise en quarantaine : C:\Users\roro\AppData\Local\Temp\IncrediMail\CMDCF40.tmp
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\55O4LMOV\install_virtualdj_home_v7.0.4b.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\567UKXHI\mediacenter.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\KIYVZH2O\QuickTimeInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\P228RSZ0\Re-Enable v2.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\P228RSZ0\winamp5621_full_emusic-7plus_fr-fr.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\AdobeAIRInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\QuickTimeInstaller.exe
Supprimé : C:\Users\roro\AppData\Local\temporary internet files\Content.IE5\VA1WKUX9\Second_Life_2-8-0-236429_Setup.exe
¤¤¤¤¤¤¤¤¤¤ IFEO
¤¤¤¤¤¤¤¤¤¤ Mountpoints2
¤¤¤¤¤¤¤¤¤¤ %Homedrive%
[14/07/2009|04:36:15] | C:\$Recycle.Bin
[14/07/2009|04:04:04] | C:\autoexec.bat
[14/07/2009|04:04:04] | C:\config.sys
[22/07/2011|21:07:36] | C:\CreeperTools
[14/07/2009|06:53:55] | C:\Documents and Settings
[30/05/2011|17:23:08] | C:\hiberfil.sys
[09/10/2011|18:10:38] | C:\Kill'em
[30/05/2011|17:23:15] | C:\pagefile.sys
[14/07/2009|04:37:05] | C:\PerfLogs
[09/10/2011|18:10:58] | C:\Pre_Scan.txt
[14/07/2009|04:37:05] | C:\Program Files
[14/07/2009|04:37:05] | C:\ProgramData
[30/05/2011|17:33:04] | C:\Recovery
[30/05/2011|17:23:08] | C:\System Volume Information
[14/07/2009|04:37:05] | C:\Users
[05/08/2011|12:02:57] | C:\Valve
[14/07/2009|04:37:05] | C:\Windows
¤¤¤¤¤¤¤¤¤¤ %Systemroot%
[14/07/2009|06:52:30] | C:\Windows\addins
[14/07/2009|04:37:05] | C:\Windows\AppCompat
[14/07/2009|04:37:05] | C:\Windows\AppPatch
[14/07/2009|04:37:05] | C:\Windows\assembly
[21/06/2011|17:14:03] | C:\Windows\bfsvc.exe
[14/07/2009|04:37:06] | C:\Windows\Boot
[14/07/2009|06:57:37] | C:\Windows\bootstat.dat
[14/07/2009|04:37:06] | C:\Windows\Branding
[11/08/2011|21:59:50] | C:\Windows\CheckSur
[28/07/2011|19:28:43] | C:\Windows\CoD.INI
[14/07/2009|04:37:06] | C:\Windows\Cursors
[14/07/2009|06:34:21] | C:\Windows\debug
[14/07/2009|06:52:30] | C:\Windows\diagnostics
[14/07/2009|10:39:39] | C:\Windows\DigitalLocker
[20/06/2011|18:52:29] | C:\Windows\DirectX.log
[14/07/2009|06:52:30] | C:\Windows\Downloaded Program Files
[14/07/2009|06:34:31] | C:\Windows\DtcInstall.log
[14/07/2009|11:00:40] | C:\Windows\ehome
[30/05/2011|17:46:48] | C:\Windows\epplauncher.mif
[28/07/2011|19:14:11] | C:\Windows\eReg.dat
[20/06/2011|17:56:21] | C:\Windows\explorer.exe
[14/07/2009|04:37:06] | C:\Windows\Fonts
[14/07/2009|10:39:39] | C:\Windows\fr-FR
[14/07/2009|01:12:58] | C:\Windows\fveupdate.exe
[14/07/2009|04:37:06] | C:\Windows\Globalization
[14/07/2009|04:37:06] | C:\Windows\Help
[14/07/2009|02:12:58] | C:\Windows\HelpPane.exe
[14/07/2009|02:12:22] | C:\Windows\hh.exe
[14/07/2009|11:02:25] | C:\Windows\HomePremium.xml
[20/06/2011|18:13:04] | C:\Windows\IE9_main.log
[14/07/2009|04:37:06] | C:\Windows\IME
[14/07/2009|04:37:06] | C:\Windows\inf
[30/05/2011|17:43:33] | C:\Windows\Installer
[14/07/2009|04:37:06] | C:\Windows\L2Schemas
[14/07/2009|04:37:06] | C:\Windows\LiveKernelReports
[14/07/2009|04:37:06] | C:\Windows\Logs
[14/07/2009|04:37:06] | C:\Windows\Media
[14/07/2009|01:55:01] | C:\Windows\mib.bin
[14/07/2009|04:37:07] | C:\Windows\Microsoft.NET
[14/07/2009|04:37:07] | C:\Windows\ModemLogs
[14/07/2009|04:04:57] | C:\Windows\msdfmap.ini
[02/08/2011|14:38:58] | C:\Windows\MSWINSCK.OCX
[14/07/2009|01:41:04] | C:\Windows\notepad.exe
[14/07/2009|06:52:30] | C:\Windows\Offline Web Pages
[30/05/2011|18:22:25] | C:\Windows\Panther
[07/09/2011|13:16:23] | C:\Windows\PCHEALTH
[14/07/2009|06:52:30] | C:\Windows\Performance
[30/05/2011|17:47:20] | C:\Windows\PFRO.log
[14/07/2009|04:37:07] | C:\Windows\PLA
[14/07/2009|04:37:07] | C:\Windows\PolicyDefinitions
[30/05/2011|17:23:21] | C:\Windows\Prefetch
[14/07/2009|01:17:08] | C:\Windows\regedit.exe
[14/07/2009|04:37:07] | C:\Windows\registration
[14/07/2009|04:37:07] | C:\Windows\rescache
[14/07/2009|04:37:07] | C:\Windows\Resources
[30/05/2011|18:09:35] | C:\Windows\RtlExUpd.dll
[14/07/2009|04:37:07] | C:\Windows\SchCache
[14/07/2009|04:37:07] | C:\Windows\schemas
[14/07/2009|04:37:07] | C:\Windows\security
[14/07/2009|06:34:13] | C:\Windows\ServiceProfiles
[14/07/2009|04:37:07] | C:\Windows\servicing
[14/07/2009|06:34:16] | C:\Windows\Setup
[14/07/2009|06:39:09] | C:\Windows\setupact.log
[14/07/2009|06:39:09] | C:\Windows\setuperr.log
[14/07/2009|11:00:40] | C:\Windows\ShellNew
[30/05/2011|17:26:04] | C:\Windows\SoftwareDistribution
[14/07/2009|04:37:07] | C:\Windows\Speech
[14/07/2009|06:48:09] | C:\Windows\Starter.xml
[14/07/2009|04:37:07] | C:\Windows\system
[14/07/2009|04:04:23] | C:\Windows\system.ini
[14/07/2009|04:37:07] | C:\Windows\System32
[14/07/2009|04:37:09] | C:\Windows\TAPI
[14/07/2009|04:37:09] | C:\Windows\Tasks
[14/07/2009|04:37:09] | C:\Windows\Temp
[14/07/2009|04:37:09] | C:\Windows\tracing
[30/05/2011|17:23:38] | C:\Windows\TSSysprep.log
[10/06/2009|23:41:17] | C:\Windows\twain.dll
[14/07/2009|06:52:30] | C:\Windows\twain_32
[21/06/2011|17:14:10] | C:\Windows\twain_32.dll
[14/07/2009|00:47:26] | C:\Windows\twunk_16.exe
[14/07/2009|02:14:40] | C:\Windows\twunk_32.exe
[14/07/2009|04:37:09] | C:\Windows\Vss
[14/07/2009|04:37:09] | C:\Windows\Web
[14/07/2009|04:04:23] | C:\Windows\win.ini
[14/07/2009|06:41:57] | C:\Windows\WindowsShell.Manifest
[30/05/2011|17:26:02] | C:\Windows\WindowsUpdate.log
[13/07/2009|22:29:46] | C:\Windows\winhelp.exe
[14/07/2009|02:12:29] | C:\Windows\winhlp32.exe
[14/07/2009|04:37:09] | C:\Windows\winsxs
[10/06/2009|23:34:23] | C:\Windows\WMSysPr9.prx
[14/07/2009|01:41:00] | C:\Windows\write.exe
[13/07/2009|23:30:30] | C:\Windows\_default.pif
¤¤¤¤¤¤¤¤¤¤ %Userprofile%
[30/05/2011|17:33:17] | C:\Users\roro\AppData
[30/05/2011|17:33:17] | C:\Users\roro\Application Data
[30/05/2011|17:33:22] | C:\Users\roro\Contacts
[30/05/2011|17:33:17] | C:\Users\roro\Cookies
[30/05/2011|17:33:17] | C:\Users\roro\Desktop
[30/05/2011|17:33:17] | C:\Users\roro\Documents
[30/05/2011|17:33:17] | C:\Users\roro\Downloads
[30/05/2011|17:33:17] | C:\Users\roro\Favorites
[30/05/2011|17:33:17] | C:\Users\roro\Links
[30/05/2011|17:33:17] | C:\Users\roro\Local Settings
[30/05/2011|17:33:17] | C:\Users\roro\Menu Démarrer
[30/05/2011|17:33:17] | C:\Users\roro\Mes documents
[30/05/2011|17:33:17] | C:\Users\roro\Modèles
[30/05/2011|17:33:17] | C:\Users\roro\Music
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG1
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.dat.LOG2
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TM.blf
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[09/09/2011|09:17:58] | C:\Users\roro\ntuser.dat{1f226844-daae-11e0-af85-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TM.blf
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000001.regtrans-ms
[11/08/2011|13:33:47] | C:\Users\roro\ntuser.dat{3a74544e-c40d-11e0-a23a-b3bd523ef58b}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TM.blf
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[30/08/2011|12:57:20] | C:\Users\roro\ntuser.dat{7626e3a3-d2e3-11e0-90f0-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[05/10/2011|14:10:41] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TM.blf
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000001.regtrans-ms
[05/10/2011|14:10:42] | C:\Users\roro\ntuser.dat{ddbc5b47-ef47-11e0-b7e6-001d92292217}.TMContainer00000000000000000002.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TM.blf
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000001.regtrans-ms
[25/08/2011|13:01:18] | C:\Users\roro\ntuser.dat{e8ee82df-cf08-11e0-8ab5-f3355ddd880d}.TMContainer00000000000000000002.regtrans-ms
[30/05/2011|17:33:17] | C:\Users\roro\ntuser.ini
[30/05/2011|17:33:17] | C:\Users\roro\Pictures
[30/05/2011|17:33:17] | C:\Users\roro\Recent
[30/05/2011|17:33:17] | C:\Users\roro\Saved Games
[30/05/2011|17:33:31] | C:\Users\roro\Searches
[30/05/2011|17:33:17] | C:\Users\roro\SendTo
[07/09/2011|13:50:46] | C:\Users\roro\Tracing
[30/05/2011|17:33:17] | C:\Users\roro\Videos
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage d'impression
[30/05/2011|17:33:17] | C:\Users\roro\Voisinage réseau
¤¤¤¤¤¤¤¤¤¤ %StartMenu%
[14/07/2009|06:46:35] | C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[30/05/2011|17:33:04] | C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009|04:37:05] | C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009|06:37:43] | C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
Anonymous user
9 Oct. 2011 at 20:38
The beginning is missing... !!
toxic512008
Posts
140
Registration date
Saturday 25 July 2009
Status
Member
Last activity
12 October 2011
23
9 Oct. 2011 at 20:48
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | 1.0.2.92 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
~ Mis à jour le 08/10/2011 | 13.00 par g3n-h@ckm@n
~ Informations : http://www.forum-fec.net/t1444-pre_scan-versions
~ : http://www.gen-hackman.net
~ Remontées : http://www.forum-fec.net/t1445-feedback-pre_scan
~ Utilisateur : roro (Administrateurs)
~ Ordinateur : RORO-PC
~ Système d'exploitation : Windows 7 Home Premium (32 bits) HomePremium Service Pack 1
~ Type d'installation : Client
~ Enregistré sous : roro
~ Processeur : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
~ Identification : x86 Family 15 Model 75 Stepping 2
Internet Explorer : 9.0.8112.16421
Mozilla Firefox :
Pare-feu windows : Actif
Windows Defender : Inactif
a:\ -> [Removable] | []
c:\ -> [Fixed] | [] | Total : 238370 Mo | Free : 159340 Mo -> NTFS
d:\ -> [CDROM] | []
e:\ -> [Removable] | []
Scan : 18:11:08 | 09/10/2011
¤¤¤¤¤¤¤¤¤¤ Sessions
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : ProfileImagePath -> C:\Users\roro
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : RefCount -> 2
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : State -> 0
¤¤¤¤¤¤¤¤¤¤ Processus en cours
Demarrage : Normal
268 | C:\Windows\System32\smss.exe - Système - Normal - \SystemRoot\System32\smss.exe - 4
424 | C:\Windows\system32\csrss.exe - Système - Normal - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 - 412
476 | C:\Windows\system32\wininit.exe - Système - High - wininit.exe - 412
492 | C:\Windows\system32\csrss.exe - Système - Normal - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 - 484
532 | C:\Windows\system32\services.exe - Système - Normal - C:\Windows\system32\services.exe - 476
548 | C:\Windows\system32\lsass.exe - Système - Normal - C:\Windows\system32\lsass.exe - 476
556 | C:\Windows\system32\lsm.exe - Système - Normal - C:\Windows\system32\lsm.exe - 476
624 | C:\Windows\system32\winlogon.exe - Système - High - winlogon.exe - 484
708 | C:\Windows\system32\svchost.exe - Système - Normal - C:\Windows\system32\svchost.exe -k DcomLaunch - 532
772 | C:\Windows\system32\nvvsvc.exe - Système - Normal - C:\Windows\system32\nvvsvc.exe - 532
812 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k RPCSS - 532
860 | c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - Système - Normal - "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" - 532
1024 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted - 532
1060 | C:\Windows\System32\svchost.exe - Système - Normal - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted - 532
1112 | C:\Windows\system32\svchost.exe - Système - Normal - C:\Windows\system32\svchost.exe -k netsvcs - 532
1208 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalService - 532
1276 | C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe" - 772
1288 | C:\Windows\system32\nvvsvc.exe - Système - Normal - C:\Windows\system32\nvvsvc.exe -session -first - 772
1376 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkService - 532
1652 | C:\Windows\System32\spoolsv.exe - Système - Normal - C:\Windows\System32\spoolsv.exe - 532
1684 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork - 532
1764 | C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - Système - Normal - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" - 532
1796 | C:\Windows\System32\svchost.exe - Système - Normal - C:\Windows\System32\svchost.exe -k Akamai - 532
1828 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation - 532
1896 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - Système - Normal - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" - 532
1996 | C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe" - 532
2028 | C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe" - 532
328 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - Système - Normal - WLIDSvcM.exe 1896 - 1896
2120 | C:\Windows\system32\WUDFHost.exe - SERVICE LOCAL - Normal - "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e52d151f-8b01-454f-b3bb-d7641f41831b -SystemEventPortName:HostProcess-94890e24-37c4-4ba8-b762-4720c551c848 -IoCancelEventPortName:HostProcess-799bf959-0c5e-4212-8e1b-751739610050 -NonStateChangingEventPortName:HostProcess-dd3ab813-60ea-436f-86a1-27e9f633aad1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a6135f2a-94de-4b77-84f9-fe65b1554640 - 1060
2336 | C:\Windows\system32\taskhost.exe - roro - Normal - "taskhost.exe" - 532
2596 | C:\Windows\system32\Dwm.exe - roro - High - "C:\Windows\system32\Dwm.exe" - 1060
2844 | C:\Program Files\Microsoft Security Client\msseces.exe - roro - Normal - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey - 2672
2864 | C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - roro - Normal - "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s - 2672
2876 | C:\Program Files\Common Files\Java\Java Update\jusched.exe - roro - Normal - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" - 2672
2912 | C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - roro - Normal - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" - 2672
2056 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted - 532
2364 | C:\Windows\system32\SearchIndexer.exe - Système - Normal - C:\Windows\system32\SearchIndexer.exe /Embedding - 532
2712 | C:\Program Files\Windows Media Player\wmpnetwk.exe - SERVICE RÉSEAU - Normal - "C:\Program Files\Windows Media Player\wmpnetwk.exe" - 532
4020 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServicePeerNet - 532
1480 | C:\Windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe - roro - Normal - C:\Windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -Embedding - 708
904 | C:\Program Files\Java\jre6\bin\javaw.exe - roro - Normal - javaw -Xmx1024m -Dsun.java2d.noddraw=true -Dsun.java2d.d3d=false -Dsun.java2d.opengl=false -Dsun.java2d.pmoffscreen=false -classpath /C:/Users/roro/Desktop/minecraft.jar net.minecraft.LauncherFrame - 2644
2428 | C:\Users\roro\Downloads\Pre_Scan.exe - roro - High - "C:\Users\roro\Downloads\Pre_Scan.exe" - 2672
676 | C:\Windows\System32\rundll32.exe - roro - Normal - C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding - 708
4256 | C:\Windows\system32\cmd.exe - roro - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 2428
5788 | C:\Windows\system32\conhost.exe - roro - Normal - \??\C:\Windows\system32\conhost.exe "2191158371818189802-1355157755430114271-1762945211-961685061175364448-1031713606 - 492
1944 | C:\Kill'em\Pv.exe - roro - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 4256
¤¤¤¤¤¤¤¤¤¤ Démarrage principaux avant suppression
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
¤¤¤¤¤¤¤¤¤¤ Autres Démarrages Silencieux
¤
¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00
"{249d74a3-bd19-4657-b6ce-e62f480a20de}"=IncrediMail MediaBar Francais 2 Toolbar
¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00C6D95F-329C-409a-81D7-C46C66EA7F33}"=
"{80009818-f38f-4af1-87b5-eadab9433e58}"=MF ADTS Property Handler
"{09A47860-11B0-4DA5-AFA5-26D86198A780}"=EPP
"{A70C977A-BF00-412C-90B7-034C51DA2439}"=NvCpl DesktopContext Class
"{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}"=NVIDIA Play On My TV Context Menu Extension
"{08165EA0-E946-11CF-9C87-00AA005127ED}"=WebCheckWebCrawler
"{F5175861-2688-11d0-9C5E-00AA00A45957}"=Subscription Folder
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"=WebCheck
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"=Code Download Agent
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"=Subscription Mgr
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"=WebCheck SyncMgr Handler
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"=WinRAR shell extension
¤¤¤¤¤¤¤¤¤¤ BHO
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] | (Adobe PDF Link Helper) -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [05/09/2011|19:04:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{249d74a3-bd19-4657-b6ce-e62f480a20de}] | (IncrediMail MediaBar Francais 2 Toolbar) -> C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll [09/05/2011|11:49:38]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] | (Windows Live ID Sign-in Helper) -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010|14:08:38]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] | (Google Toolbar Helper) -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [30/05/2011|17:43:41]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] | (Java(tm) Plug-In 2 SSV Helper) -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [20/06/2011|20:22:27]
¤¤¤¤¤¤¤¤¤¤ ActiveX
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] | WMPACCESS -> Microsoft Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] | IEACCESS -> Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] | BRANDING.CAB -> Browser Customizations
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] | JAVAVM -> Java (Sun)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] | -> Microsoft Windows Media Player 12.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] | Theme Component -> Themes Setup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] | MobilePk -> Offline Browsing Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3C3901C5-3455-3E0A-A214-0B093A5070A6}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] | MailNews -> Microsoft Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] | DirectDrawEx -> DirectDrawEx
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] | HelpCont -> Internet Explorer Help
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] | MSVBScript -> Microsoft Windows Script 5.6
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] | GenSetup -> Internet Explorer Setup Tools
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] | ExtraPack -> Browsing Enhancements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] | Microsoft Windows Media Player -> Microsoft Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] | MSN_Auth -> MSN Site Access
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] | -> Address Book 7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] | IE4_SHELLID -> Windows Desktop Update
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] | BASEIE40_W2K -> Web Platform Customizations
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] | DOTNETFRAMEWORKS ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] | Tridata -> Dynamic HTML Data Binding
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] | Fontcore -> Internet Explorer Core Fonts
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] | HTMLHelp -> HTML Help
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] | ADSI -> Active Directory Service Interface
¤¤¤¤¤¤¤¤¤¤ AppPaths
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe] -> C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe [05/09/2011|19:04:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BF1942.exe] -> C:\Program Files\EA GAMES\Battlefield 1942\bf1942.exe [28/07/2011|19:04:18]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\dvdmaker.exe] -> %ProgramFiles%\DVD Maker\dvdmaker.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FPSCreator.exe] -> C:\Program Files\The Game Creators\FPS Creator\FPSCreator.exe [24/07/2011|11:49:08]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\fsquirt.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEDIAGCMD.EXE] -> C:\Program Files\Internet Explorer\IEDIAGCMD.EXE [20/06/2011|18:22:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE [20/06/2011|18:22:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImBpp.exe] -> C:\Program Files\IncrediMail\Bin\ImBpp.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLc.exe] -> C:\Program Files\IncrediMail\Bin\ImLc.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLcU.exe] -> C:\Program Files\IncrediMail\Bin\ImLc.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLpp.exe] -> C:\Program Files\IncrediMail\Bin\ImLpp.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImPackr.exe] -> C:\Program Files\IncrediMail\Bin\impackr.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\impackrU.exe] -> C:\Program Files\IncrediMail\Bin\impackr.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpCnt.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpCntU.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpContent.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImSetup.exe] -> C:\Program Files\IncrediMail\Bin\ImSetup.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncMail.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncMailU.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncrediMail.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\install.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe] -> C:\Program Files\Java\jre6\bin\javaws.exe [20/06/2011|20:22:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Journal.exe] -> %ProgramFiles%\Windows Journal\Journal.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\migwiz.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mip.exe] -> %CommonProgramFiles%\Microsoft Shared\Ink\mip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MOHAA.exe] -> C:\Program Files\EA GAMES\MOHDA\MOHAA.exe [22/06/2011|18:18:45]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\moh_breakthrough.exe] -> C:\Program Files\EA GAMES\MOHDA\moh_breakthrough.exe [22/06/2011|18:37:09]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\moh_spearhead.exe] -> C:\Program Files\EA GAMES\MOHDA\moh_spearhead.exe [22/06/2011|18:30:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mplayer2.exe] -> %ProgramFiles%\Windows Media Player\wmplayer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pbrush.exe] -> %SystemRoot%\System32\mspaint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PictureViewer.exe] -> C:\Program Files\QuickTime\PictureViewer.exe [05/07/2011|18:36:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pnac.exe] -> C:\Program Files\Photo Notifier and Animation Creator\Application\Bin\pnac.exe [23/12/2010|09:02:18]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PowerShell.exe] -> %SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuickTimePlayer.exe] -> C:\Program Files\QuickTime\QuickTimePlayer.exe [05/07/2011|19:13:08]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\setup.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sidebar.exe] -> "%ProgramFiles%\Windows Sidebar\sidebar.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SnippingTool.exe] -> %SystemRoot%\system32\SnippingTool.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\table30.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\TabTip.exe] -> %CommonProgramFiles%\microsoft shared\ink\TabTip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wab.exe] -> %ProgramFiles%\Windows Mail\wab.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wabmig.exe] -> %ProgramFiles%\Windows Mail\wabmig.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe] -> C:\Program Files\WinRAR\WinRAR.exe [20/06/2011|21:02:59]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wmplayer.exe] -> %ProgramFiles%\Windows Media Player\wmplayer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WORDPAD.EXE] -> "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WRITE.EXE] -> "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
¤¤¤¤¤¤¤¤¤¤ Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=
"LoadAppInit_DLLs"=0
¤¤¤¤¤¤¤¤¤¤ Winlogon
¤
[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 0 -> 1
[HKLM | Winlogon] | System :
¤¤¤¤¤¤¤¤¤¤ Winlogon\Notify
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : %SystemRoot%\Explorer.exe -> C:\Windows\explorer.exe
¤
[IE | Command] | @ : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ Divers
[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKCU | Desktop] | Wallpaper : C:\Users\roro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
Supprimé : [HKCU | policies\system] | DisableTaskMgr -> 0
¤¤¤¤¤¤¤¤¤¤ Services
[Ndisuio] | Start : 3 : Inactif
[Power] | Start : 2 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Actif
[Parvdm] | Start : 2 : Actif
[NVSvc] | Start : 2 : Actif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Actif
[luafv] | Start : 2 : Actif
[lltdio] | Start : 2 : Actif
[Iphlpsvc] | Start : 2 : Actif
[IKEEXT] | Start : 3 -> 2 : Inactif
[gpsvc] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 3 -> 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 3 -> 2 : Inactif
[Wlansvc] | Start : 3 -> 2 : Inactif
[SharedAccess] | Start : 3 -> 2 : Inactif
[windefend] | Start : 3 -> 2 : Inactif
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 3 -> 2 : Inactif
[wscsvc] | Start : 2 : Actif
¤¤¤¤¤¤¤¤¤¤ Internet Explorer
Supprimé : Proxyserver -> :80
¤
[HKCU | Main] | Start Page : https://www.free.fr/freebox/index.html -> https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\Windows\system32\blank.htm
[HKCU | Main] | Search Page : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKCU | Main] | Use Custom Search URL : -> 0
[HKLM | Search] | SearchAssistant : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main] | Start Page : http://ww1.bigseekpro.com{B573F638-2CC2-4849-AC7C-F2F1A276AC18} -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\System32\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤
[HKCU | PhishingFilter] | Enabled : -> 2
[HKCU | PhishingFilter] | EnabledV8 : -> 1
[HKCU | Internet settings] | ProxyOverride : 0
[HKCU | Internet settings] | EnableHttp1_1 : 1
[HKCU | Internet Settings] | MigrateProxy : 1
[HKCU | Internet Settings] | WarnonBadCertRecving : -> 1
[HKCU | Internet Settings] | WarnOnHTTPSToHTTPRedirect : -> 1
[HKCU | Internet Settings] | WarnonZoneCrossing : 0 -> 1
[HKCU | Internet Settings] | AutoConfigProxy : 0
[HKLM | AboutURLs] | Tabs : res://ieframe.dll/tabswelcome.htm
¤
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (Bing) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_frFR434
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] | (Search) -> http://ww1.bigseekpro.com{B573F638-2CC2-4849-AC7C-F2F1A276AC18}?q={searchTerms}
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}] | (MyStart Search) -> http://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=1eynZgUUuSX
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}] | (AOL Web Search) -> http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110811110554205&tb_oid=11-08-2011&tb_mrud=11-08-2011
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}] | (AOL Web Search) -> http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110811110554205&tb_oid=11-08-2011&tb_mrud=11-08-2011
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] | (iexplore.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] | (Silverlight.Configuration.exe) -> c:\Program Files\Microsoft Silverlight\4.0.60531.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] | (tabtip.exe) -> C:\Program Files\Common Files\Microsoft Shared\Ink
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] | (wpcer.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] | (Acrobat Elements.exe) -> C:\Program Files\adobe\acrobat 6.0\Acrobat Elements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] | (winfxdocobj.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] | (wuapp.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] | (msdt.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] | (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] | (dfsvc.exe) -> C:\Windows\microsoft.net\framework\v2.0.50727
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A972DAF-A7EC-4ce3-B6C9-7B523CD6685F}] | (GoogleToolbarUser_32.exe) -> C:\Program Files\Google\Google Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] | (agcp.exe) -> c:\Program Files\Microsoft Silverlight\4.0.60531.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] | (wermgr.exe) -> %systemroot%\system32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] | (ieinstal.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] | (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] | (SwHelper_1161629.exe) -> C:\Windows\system32\Adobe\Shockwave 11
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1}] | (unpack200.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] | (jp2launcher.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] | (acrord32.exe) -> C:\Program Files\adobe\acrobat 7.0\reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] | (javaws.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] | (TbHelper2.exe) -> C:\Program Files\Cheat Engine DB Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] | (SWDNLD.EXE) -> C:\Windows\system32\Adobe\Director
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] | (wmplayer.exe) -> %ProgramFiles%\Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] | (iedw.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] | (AdobeARM.exe) -> C:\Program Files\Common Files\Adobe\ARM\1.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] | (CertEnrollCtrl.exe) -> C:\Windows\system32\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] | (verclsid.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] | (GoogleToolbarNotifier.exe) -> C:\Program Files\Google\GoogleToolbarNotifier
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] | (ctfmon.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{872DF9A8-E905-428A-9027-ACAEB6C53292}] | (IncrediMail_MediaBar_Francais_2ToolbarHelper.exe) -> C:\Program Files\IncrediMail_MediaBar_Francais_2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] | (helppane.exe) -> C:\Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] | (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] | (acrobat.exe) -> C:\Program Files\adobe\acrobat 7.0\Acrobat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] | (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] | (Acrobat Elements.exe) -> C:\Program Files\adobe\acrobat 7.0\Acrobat Elements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] | (xpsviewer.exe) -> C:\Windows\System32\xpsviewer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] | (wisptis.exe) -> %SystemRoot%\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADDBD923-1733-4C10-B5B9-41083916CCDB}] | (IncrediMail_MediaBar_Francais_2AutoUpdateHelper.exe) -> C:\Users\roro\AppData\Local\Conduit\CT2724431
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] | (cmd.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] | (TSWbPrxy.exe) -> %systemroot%\system32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] | (GoogleUpdateBroker.exe) -> C:\Program Files\Google\Update\1.3.21.69
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] | (GoogleUpdate.exe) -> C:\Program Files\Google\Update
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] | (ssvagent.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] | (notepad.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] | (acrord32.exe) -> C:\Program Files\adobe\acrobat 6.0\reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0B94B9-335F-4d2c-8B43-DACCD1EA6FF1}] | (GoogleToolbarUser_64.exe) -> C:\Program Files\Google\Google Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] | (presentationhost.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] | (FlashUtil10x_ActiveX.exe) -> C:\Windows\system32\Macromed\Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] | (acrobat.exe) -> C:\Program Files\adobe\acrobat 6.0\Acrobat
¤¤¤¤¤¤¤¤¤¤ Extensions Firefox
¤
¤¤¤¤¤¤¤¤¤¤ DNS
Excuse
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
~ Mis à jour le 08/10/2011 | 13.00 par g3n-h@ckm@n
~ Informations : http://www.forum-fec.net/t1444-pre_scan-versions
~ : http://www.gen-hackman.net
~ Remontées : http://www.forum-fec.net/t1445-feedback-pre_scan
~ Utilisateur : roro (Administrateurs)
~ Ordinateur : RORO-PC
~ Système d'exploitation : Windows 7 Home Premium (32 bits) HomePremium Service Pack 1
~ Type d'installation : Client
~ Enregistré sous : roro
~ Processeur : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
~ Identification : x86 Family 15 Model 75 Stepping 2
Internet Explorer : 9.0.8112.16421
Mozilla Firefox :
Pare-feu windows : Actif
Windows Defender : Inactif
a:\ -> [Removable] | []
c:\ -> [Fixed] | [] | Total : 238370 Mo | Free : 159340 Mo -> NTFS
d:\ -> [CDROM] | []
e:\ -> [Removable] | []
Scan : 18:11:08 | 09/10/2011
¤¤¤¤¤¤¤¤¤¤ Sessions
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : ProfileImagePath -> C:\Users\roro
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : RefCount -> 2
~ [HKLM | ProfileList] | S-1-5-21-1913976771-3513930833-1953101718-1001 : State -> 0
¤¤¤¤¤¤¤¤¤¤ Processus en cours
Demarrage : Normal
268 | C:\Windows\System32\smss.exe - Système - Normal - \SystemRoot\System32\smss.exe - 4
424 | C:\Windows\system32\csrss.exe - Système - Normal - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 - 412
476 | C:\Windows\system32\wininit.exe - Système - High - wininit.exe - 412
492 | C:\Windows\system32\csrss.exe - Système - Normal - %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 - 484
532 | C:\Windows\system32\services.exe - Système - Normal - C:\Windows\system32\services.exe - 476
548 | C:\Windows\system32\lsass.exe - Système - Normal - C:\Windows\system32\lsass.exe - 476
556 | C:\Windows\system32\lsm.exe - Système - Normal - C:\Windows\system32\lsm.exe - 476
624 | C:\Windows\system32\winlogon.exe - Système - High - winlogon.exe - 484
708 | C:\Windows\system32\svchost.exe - Système - Normal - C:\Windows\system32\svchost.exe -k DcomLaunch - 532
772 | C:\Windows\system32\nvvsvc.exe - Système - Normal - C:\Windows\system32\nvvsvc.exe - 532
812 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k RPCSS - 532
860 | c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - Système - Normal - "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" - 532
1024 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted - 532
1060 | C:\Windows\System32\svchost.exe - Système - Normal - C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted - 532
1112 | C:\Windows\system32\svchost.exe - Système - Normal - C:\Windows\system32\svchost.exe -k netsvcs - 532
1208 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalService - 532
1276 | C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe" - 772
1288 | C:\Windows\system32\nvvsvc.exe - Système - Normal - C:\Windows\system32\nvvsvc.exe -session -first - 772
1376 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkService - 532
1652 | C:\Windows\System32\spoolsv.exe - Système - Normal - C:\Windows\System32\spoolsv.exe - 532
1684 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork - 532
1764 | C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - Système - Normal - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" - 532
1796 | C:\Windows\System32\svchost.exe - Système - Normal - C:\Windows\System32\svchost.exe -k Akamai - 532
1828 | C:\Windows\system32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation - 532
1896 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - Système - Normal - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" - 532
1996 | C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe" - 532
2028 | C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe - Système - Normal - "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe" - 532
328 | C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - Système - Normal - WLIDSvcM.exe 1896 - 1896
2120 | C:\Windows\system32\WUDFHost.exe - SERVICE LOCAL - Normal - "C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e52d151f-8b01-454f-b3bb-d7641f41831b -SystemEventPortName:HostProcess-94890e24-37c4-4ba8-b762-4720c551c848 -IoCancelEventPortName:HostProcess-799bf959-0c5e-4212-8e1b-751739610050 -NonStateChangingEventPortName:HostProcess-dd3ab813-60ea-436f-86a1-27e9f633aad1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a6135f2a-94de-4b77-84f9-fe65b1554640 - 1060
2336 | C:\Windows\system32\taskhost.exe - roro - Normal - "taskhost.exe" - 532
2596 | C:\Windows\system32\Dwm.exe - roro - High - "C:\Windows\system32\Dwm.exe" - 1060
2844 | C:\Program Files\Microsoft Security Client\msseces.exe - roro - Normal - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey - 2672
2864 | C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - roro - Normal - "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s - 2672
2876 | C:\Program Files\Common Files\Java\Java Update\jusched.exe - roro - Normal - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" - 2672
2912 | C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - roro - Normal - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" - 2672
2056 | C:\Windows\system32\svchost.exe - SERVICE RÉSEAU - Normal - C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted - 532
2364 | C:\Windows\system32\SearchIndexer.exe - Système - Normal - C:\Windows\system32\SearchIndexer.exe /Embedding - 532
2712 | C:\Program Files\Windows Media Player\wmpnetwk.exe - SERVICE RÉSEAU - Normal - "C:\Program Files\Windows Media Player\wmpnetwk.exe" - 532
4020 | C:\Windows\System32\svchost.exe - SERVICE LOCAL - Normal - C:\Windows\System32\svchost.exe -k LocalServicePeerNet - 532
1480 | C:\Windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe - roro - Normal - C:\Windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -Embedding - 708
904 | C:\Program Files\Java\jre6\bin\javaw.exe - roro - Normal - javaw -Xmx1024m -Dsun.java2d.noddraw=true -Dsun.java2d.d3d=false -Dsun.java2d.opengl=false -Dsun.java2d.pmoffscreen=false -classpath /C:/Users/roro/Desktop/minecraft.jar net.minecraft.LauncherFrame - 2644
2428 | C:\Users\roro\Downloads\Pre_Scan.exe - roro - High - "C:\Users\roro\Downloads\Pre_Scan.exe" - 2672
676 | C:\Windows\System32\rundll32.exe - roro - Normal - C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {3eef301f-b596-4c0b-bd92-013beafce793} -Embedding - 708
4256 | C:\Windows\system32\cmd.exe - roro - Normal - cmd /c ""C:\Kill'em\Pv.bat" " - 2428
5788 | C:\Windows\system32\conhost.exe - roro - Normal - \??\C:\Windows\system32\conhost.exe "2191158371818189802-1355157755430114271-1762945211-961685061175364448-1031713606 - 492
1944 | C:\Kill'em\Pv.exe - roro - Normal - C:\Kill'em\pv.exe -o"%i | %f - %u - %p - %l - %r" - 4256
¤¤¤¤¤¤¤¤¤¤ Démarrage principaux avant suppression
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Steam"="C:\Program Files\Steam\Steam.exe" -silent
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
¤¤¤¤¤¤¤¤¤¤ Autres Démarrages Silencieux
¤
¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00
"{249d74a3-bd19-4657-b6ce-e62f480a20de}"=IncrediMail MediaBar Francais 2 Toolbar
¤
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00C6D95F-329C-409a-81D7-C46C66EA7F33}"=
"{80009818-f38f-4af1-87b5-eadab9433e58}"=MF ADTS Property Handler
"{09A47860-11B0-4DA5-AFA5-26D86198A780}"=EPP
"{A70C977A-BF00-412C-90B7-034C51DA2439}"=NvCpl DesktopContext Class
"{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}"=NVIDIA Play On My TV Context Menu Extension
"{08165EA0-E946-11CF-9C87-00AA005127ED}"=WebCheckWebCrawler
"{F5175861-2688-11d0-9C5E-00AA00A45957}"=Subscription Folder
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"=WebCheck
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"=Code Download Agent
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"=Subscription Mgr
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"=WebCheck SyncMgr Handler
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"=WinRAR shell extension
¤¤¤¤¤¤¤¤¤¤ BHO
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] | (Adobe PDF Link Helper) -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [05/09/2011|19:04:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{249d74a3-bd19-4657-b6ce-e62f480a20de}] | (IncrediMail MediaBar Francais 2 Toolbar) -> C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll [09/05/2011|11:49:38]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] | (Windows Live ID Sign-in Helper) -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010|14:08:38]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] | (Google Toolbar Helper) -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [30/05/2011|17:43:41]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] | (Java(tm) Plug-In 2 SSV Helper) -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [20/06/2011|20:22:27]
¤¤¤¤¤¤¤¤¤¤ ActiveX
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] | WMPACCESS -> Microsoft Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] | IEACCESS -> Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] | BRANDING.CAB -> Browser Customizations
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}] | JAVAVM -> Java (Sun)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] | -> Microsoft Windows Media Player 12.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] | Theme Component -> Themes Setup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] | MobilePk -> Offline Browsing Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3C3901C5-3455-3E0A-A214-0B093A5070A6}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] | MailNews -> Microsoft Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] | DirectDrawEx -> DirectDrawEx
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] | HelpCont -> Internet Explorer Help
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] | MSVBScript -> Microsoft Windows Script 5.6
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] | GenSetup -> Internet Explorer Setup Tools
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] | ExtraPack -> Browsing Enhancements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] | Microsoft Windows Media Player -> Microsoft Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] | MSN_Auth -> MSN Site Access
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] | -> Address Book 7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] | IE4_SHELLID -> Windows Desktop Update
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] | BASEIE40_W2K -> Web Platform Customizations
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] | DOTNETFRAMEWORKS ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] | Tridata -> Dynamic HTML Data Binding
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] | .NETFramework -> .NET Framework
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] | Fontcore -> Internet Explorer Core Fonts
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] | HTMLHelp -> HTML Help
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] | ADSI -> Active Directory Service Interface
¤¤¤¤¤¤¤¤¤¤ AppPaths
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe] -> C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe [05/09/2011|19:04:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\BF1942.exe] -> C:\Program Files\EA GAMES\Battlefield 1942\bf1942.exe [28/07/2011|19:04:18]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\dvdmaker.exe] -> %ProgramFiles%\DVD Maker\dvdmaker.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\FPSCreator.exe] -> C:\Program Files\The Game Creators\FPS Creator\FPSCreator.exe [24/07/2011|11:49:08]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\fsquirt.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEDIAGCMD.EXE] -> C:\Program Files\Internet Explorer\IEDIAGCMD.EXE [20/06/2011|18:22:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE] -> C:\Program Files\Internet Explorer\IEXPLORE.EXE [20/06/2011|18:22:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImBpp.exe] -> C:\Program Files\IncrediMail\Bin\ImBpp.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLc.exe] -> C:\Program Files\IncrediMail\Bin\ImLc.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLcU.exe] -> C:\Program Files\IncrediMail\Bin\ImLc.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImLpp.exe] -> C:\Program Files\IncrediMail\Bin\ImLpp.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImPackr.exe] -> C:\Program Files\IncrediMail\Bin\impackr.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\impackrU.exe] -> C:\Program Files\IncrediMail\Bin\impackr.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpCnt.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpCntU.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImpContent.exe] -> C:\Program Files\IncrediMail\Bin\ImpCnt.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ImSetup.exe] -> C:\Program Files\IncrediMail\Bin\ImSetup.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncMail.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncMailU.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IncrediMail.exe] -> C:\Program Files\IncrediMail\Bin\IncMail.exe [29/09/2011|14:31:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\install.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaws.exe] -> C:\Program Files\Java\jre6\bin\javaws.exe [20/06/2011|20:22:26]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Journal.exe] -> %ProgramFiles%\Windows Journal\Journal.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\migwiz.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mip.exe] -> %CommonProgramFiles%\Microsoft Shared\Ink\mip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MOHAA.exe] -> C:\Program Files\EA GAMES\MOHDA\MOHAA.exe [22/06/2011|18:18:45]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\moh_breakthrough.exe] -> C:\Program Files\EA GAMES\MOHDA\moh_breakthrough.exe [22/06/2011|18:37:09]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\moh_spearhead.exe] -> C:\Program Files\EA GAMES\MOHDA\moh_spearhead.exe [22/06/2011|18:30:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mplayer2.exe] -> %ProgramFiles%\Windows Media Player\wmplayer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pbrush.exe] -> %SystemRoot%\System32\mspaint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PictureViewer.exe] -> C:\Program Files\QuickTime\PictureViewer.exe [05/07/2011|18:36:36]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\pnac.exe] -> C:\Program Files\Photo Notifier and Animation Creator\Application\Bin\pnac.exe [23/12/2010|09:02:18]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PowerShell.exe] -> %SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\QuickTimePlayer.exe] -> C:\Program Files\QuickTime\QuickTimePlayer.exe [05/07/2011|19:13:08]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\setup.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sidebar.exe] -> "%ProgramFiles%\Windows Sidebar\sidebar.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SnippingTool.exe] -> %SystemRoot%\system32\SnippingTool.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\table30.exe] ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\TabTip.exe] -> %CommonProgramFiles%\microsoft shared\ink\TabTip.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wab.exe] -> %ProgramFiles%\Windows Mail\wab.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wabmig.exe] -> %ProgramFiles%\Windows Mail\wabmig.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WinRAR.exe] -> C:\Program Files\WinRAR\WinRAR.exe [20/06/2011|21:02:59]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\wmplayer.exe] -> %ProgramFiles%\Windows Media Player\wmplayer.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WORDPAD.EXE] -> "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WRITE.EXE] -> "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
¤¤¤¤¤¤¤¤¤¤ Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=
"LoadAppInit_DLLs"=0
¤¤¤¤¤¤¤¤¤¤ Winlogon
¤
[HKLM | Winlogon] | Shell : explorer.exe
[HKLM | Winlogon] | AutoRestartShell : 1
[HKLM | Winlogon] | userinit : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon] | PowerDownAfterShutdown : 0 -> 1
[HKLM | Winlogon] | System :
¤¤¤¤¤¤¤¤¤¤ Winlogon\Notify
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : %SystemRoot%\Explorer.exe -> C:\Windows\explorer.exe
¤
[IE | Command] | @ : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] | @ : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] | @ : http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s
¤¤¤¤¤¤¤¤¤¤ Divers
[HKLM | HideDesktopIcons\ClassicStartMenu] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {208D2C60-3AEA-1069-A2D7-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {871C5380-42A0-1069-A2EA-08002B30309D} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> 0
[HKLM | HideDesktopIcons\NewStartPanel] | {9343812e-1c37-4a49-a12e-4b2d810d956b} : 1 -> 0
[HKCU | Desktop] | Wallpaper : C:\Users\roro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
Supprimé : [HKCU | policies\system] | DisableTaskMgr -> 0
¤¤¤¤¤¤¤¤¤¤ Services
[Ndisuio] | Start : 3 : Inactif
[Power] | Start : 2 : Actif
[Profsvc] | Start : 2 : Actif
[PlugPlay] | Start : 2 : Actif
[PEAUTH] | Start : 2 : Actif
[Parvdm] | Start : 2 : Actif
[NVSvc] | Start : 2 : Actif
[nsi] | Start : 2 : Actif
[NLASvc] | Start : 2 : Actif
[MPSsvc] | Start : 2 : Actif
[MMCSS] | Start : 2 : Actif
[luafv] | Start : 2 : Actif
[lltdio] | Start : 2 : Actif
[Iphlpsvc] | Start : 2 : Actif
[IKEEXT] | Start : 3 -> 2 : Inactif
[gpsvc] | Start : 2 : Actif
[lmhosts] | Start : 2 : Actif
[LanmanWorkstation] | Start : 2 : Actif
[LanmanServer] | Start : 2 : Actif
[agp440] | Start : 3 -> 2 : Inactif
[AudioEndpointBuilder] | Start : 2 : Actif
[Audiosrv] | Start : 2 : Actif
[BFE] | Start : 2 : Actif
[Bits] | Start : 2 : Actif
[CryptSvc] | Start : 2 : Actif
[EapHost] | Start : 3 -> 2 : Inactif
[Wlansvc] | Start : 3 -> 2 : Inactif
[SharedAccess] | Start : 3 -> 2 : Inactif
[windefend] | Start : 3 -> 2 : Inactif
[wuauserv] | Start : 2 : Actif
[WerSvc] | Start : 3 -> 2 : Inactif
[wscsvc] | Start : 2 : Actif
¤¤¤¤¤¤¤¤¤¤ Internet Explorer
Supprimé : Proxyserver -> :80
¤
[HKCU | Main] | Start Page : https://www.free.fr/freebox/index.html -> https://www.google.com/?gws_rd=ssl
[HKCU | Main] | Local Page : C:\Windows\system32\blank.htm
[HKCU | Main] | Search Page : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
[HKCU | Main] | Use Custom Search URL : -> 0
[HKLM | Search] | SearchAssistant : -> http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main] | Start Page : http://ww1.bigseekpro.com{B573F638-2CC2-4849-AC7C-F2F1A276AC18} -> https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Local Page : C:\Windows\System32\blank.htm
[HKLM | Main] | Default_Search_URL : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
[HKLM | Main] | Default_Page_URL : https://www.msn.com/fr-fr/?ocid=iehp
[HKLM | Main] | Search Page : https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
¤
[HKCU | PhishingFilter] | Enabled : -> 2
[HKCU | PhishingFilter] | EnabledV8 : -> 1
[HKCU | Internet settings] | ProxyOverride : 0
[HKCU | Internet settings] | EnableHttp1_1 : 1
[HKCU | Internet Settings] | MigrateProxy : 1
[HKCU | Internet Settings] | WarnonBadCertRecving : -> 1
[HKCU | Internet Settings] | WarnOnHTTPSToHTTPRedirect : -> 1
[HKCU | Internet Settings] | WarnonZoneCrossing : 0 -> 1
[HKCU | Internet Settings] | AutoConfigProxy : 0
[HKLM | AboutURLs] | Tabs : res://ieframe.dll/tabswelcome.htm
¤
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (Bing) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_frFR434
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] | (Search) -> http://ww1.bigseekpro.com{B573F638-2CC2-4849-AC7C-F2F1A276AC18}?q={searchTerms}
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}] | (MyStart Search) -> http://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=1eynZgUUuSX
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}] | (AOL Web Search) -> http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110811110554205&tb_oid=11-08-2011&tb_mrud=11-08-2011
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] | (@ieframe.dll,-12512) -> https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] | (Google) -> https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}] | (AOL Web Search) -> http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110811110554205&tb_oid=11-08-2011&tb_mrud=11-08-2011
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] | (iexplore.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] | (Silverlight.Configuration.exe) -> c:\Program Files\Microsoft Silverlight\4.0.60531.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] | (tabtip.exe) -> C:\Program Files\Common Files\Microsoft Shared\Ink
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] | (wpcer.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] | (Acrobat Elements.exe) -> C:\Program Files\adobe\acrobat 6.0\Acrobat Elements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] | (winfxdocobj.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] | (wuapp.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] | (msdt.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] | (AcroBroker.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] | (dfsvc.exe) -> C:\Windows\microsoft.net\framework\v2.0.50727
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A972DAF-A7EC-4ce3-B6C9-7B523CD6685F}] | (GoogleToolbarUser_32.exe) -> C:\Program Files\Google\Google Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] | (agcp.exe) -> c:\Program Files\Microsoft Silverlight\4.0.60531.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] | (wermgr.exe) -> %systemroot%\system32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] | (ieinstal.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358E6F10-DE8A-4602-8424-179CA217F8EE}] | (AcroRd32Info.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] | (SwHelper_1161629.exe) -> C:\Windows\system32\Adobe\Shockwave 11
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1}] | (unpack200.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] | (jp2launcher.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] | (acrord32.exe) -> C:\Program Files\adobe\acrobat 7.0\reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] | (javaws.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] | (TbHelper2.exe) -> C:\Program Files\Cheat Engine DB Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] | (SWDNLD.EXE) -> C:\Windows\system32\Adobe\Director
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] | (wmplayer.exe) -> %ProgramFiles%\Windows Media Player
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] | (iedw.exe) -> C:\Program Files\Internet Explorer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] | (AdobeARM.exe) -> C:\Program Files\Common Files\Adobe\ARM\1.0\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] | (CertEnrollCtrl.exe) -> C:\Windows\system32\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] | (verclsid.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197EE5}] | (GoogleToolbarNotifier.exe) -> C:\Program Files\Google\GoogleToolbarNotifier
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] | (ctfmon.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{872DF9A8-E905-428A-9027-ACAEB6C53292}] | (IncrediMail_MediaBar_Francais_2ToolbarHelper.exe) -> C:\Program Files\IncrediMail_MediaBar_Francais_2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] | (helppane.exe) -> C:\Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] | (AdobeCollabSync.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] | (acrobat.exe) -> C:\Program Files\adobe\acrobat 7.0\Acrobat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] | (AcroRd32.exe) -> C:\Program Files\Adobe\Reader 10.0\Reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] | (Acrobat Elements.exe) -> C:\Program Files\adobe\acrobat 7.0\Acrobat Elements
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] | (xpsviewer.exe) -> C:\Windows\System32\xpsviewer
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B020FD-E04B-4e67-B65A-E7DEED25B2CF}] | (wisptis.exe) -> %SystemRoot%\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADDBD923-1733-4C10-B5B9-41083916CCDB}] | (IncrediMail_MediaBar_Francais_2AutoUpdateHelper.exe) -> C:\Users\roro\AppData\Local\Conduit\CT2724431
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] | (cmd.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] | (TSWbPrxy.exe) -> %systemroot%\system32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] | () ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] | (GoogleUpdateBroker.exe) -> C:\Program Files\Google\Update\1.3.21.69
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] | (GoogleUpdate.exe) -> C:\Program Files\Google\Update
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] | (dfsvc.exe) ->
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] | (ssvagent.exe) -> C:\Program Files\Java\jre6\bin
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] | (notepad.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] | (acrord32.exe) -> C:\Program Files\adobe\acrobat 6.0\reader
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE0B94B9-335F-4d2c-8B43-DACCD1EA6FF1}] | (GoogleToolbarUser_64.exe) -> C:\Program Files\Google\Google Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] | (presentationhost.exe) -> C:\Windows\System32
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] | (FlashUtil10x_ActiveX.exe) -> C:\Windows\system32\Macromed\Flash
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] | (acrobat.exe) -> C:\Program Files\adobe\acrobat 6.0\Acrobat
¤¤¤¤¤¤¤¤¤¤ Extensions Firefox
¤
¤¤¤¤¤¤¤¤¤¤ DNS
Excuse
Anonymous user
9 Oct 2011 at 21:54
uninstall this:
IncrediMail_MediaBar_Francais_2
Windows Searchqu Toolbar, if present
drag the icon of any file onto Pre_scan; Pre_script will appear
Launch Pre_script; a blank page will open.
select all the bold text below, then (right-click/copy or Ctrl+C):
___________________________________________________
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
[-HKEY_LOCAL_MACHINE\Software\BrowserChoice]
[-HKEY_LOCAL_MACHINE\Software\IncrediMail_MediaBar_Francais_2]
file::
C:\Users\roro\AppData\Roaming\chrtmp
C:\Users\roro\AppData\Local\http_www.flickr.com_0
C:\Users\roro\AppData\Local\Databases.db
folder::
C:\Users\roro\AppData\Local\http_www.flickr.com_0
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files\Conduit
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Windows Searchqu Toolbar
attrib::
___________________________________________________
then paste it (right-click/paste or Ctrl+V) into the blank page.
then File tab => Save (not Save As...), then close the text file
black windows may flash; this is normal, it is the program working
post Pre_Script.txt, which will appear on the desktop when the job is finished
if your desktop does not reappear => Ctrl+Alt+Del, Task Manager => File tab => New Task, then type explorer
toxic512008
10 Oct 2011 at 17:49
I didn't understand how to get pre-script, can you explain it again please?
toxic512008
10 Oct 2011 at 18:35
Pre-script found UPDATE
toxic512008
10 Oct 2011 at 18:37
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 1.0.2.92 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤
Mise à jour : 08/10/2011 | 14.00 Par g3n-h@ckm@n
Utilisateur : roro (Administrateurs)
Ordinateur : RORO-PC
Système d'exploitation : Windows 7 Home Premium (32 bits)
Internet Explorer : 9.0.8112.16421
Mozilla Firefox :
Switchs possibles :
processes:: | file:: | folder:: | Registry::
Driver:: | replace:: | DNS:: | Command::
attrib:: | txt:: | Host:: | NsLook::
list:: | IP:: | ADS:: | Kill::
Script : 18:36:19
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Modification du registre effectuée
¤
Supprimé : C:\Users\roro\AppData\Roaming\chrtmp
Non Supprimé : C:\Users\roro\AppData\Local\http_www.flickr.com_0
Supprimé : C:\Users\roro\AppData\Local\Databases.db
¤
Supprimé : C:\Users\roro\AppData\Local\http_www.flickr.com_0
Supprimé : C:\ProgramData\Spybot - Search & Destroy
Supprimé : C:\Program Files\Conduit
Supprimé : C:\Program Files\Spybot - Search & Destroy
Supprimé : C:\Program Files\Windows Searchqu Toolbar
¤
Fin : 18:36:22
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
Anonymous user
11 Oct 2011 at 11:06
▶ Download here: USBFIX to your desktop
plug in all your USB devices without opening them
/!\ Temporarily disable, and only while USBFIX is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's search and cleaning procedure.
if you have XP => double-click
if you have Vista or Windows 7 => right-click "run as...."
on the Usbfix icon on your desktop.
On the page, click the button:
▶ choose the Suppression option
▶ UsbFix will scan your PC, let the tool work.
▶ Then post the UsbFix.txt report, which will appear with the desktop.
▶ Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
toxic512008
11 Oct 2011 at 17:57
############################## | UsbFix V 7.061 | [Suppression]
Utilisateur: roro (Administrateur) # RORO-PC
Mis à jour le 05/10/2011 par El Desaparecido
Lancé à 17:53:19 | 11/10/2011
Site Web: https://www.sosvirus.net/
Fichier suspect ? : http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com
PC: MSI (MS-7309) (X86-based PC) # Desktop Computer
CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ (2210)
RAM -> [ Total : 2047 | Free : 1193 ]
BIOS: Default System BIOS
BOOT: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AV: Microsoft Security Essentials [ (!) Disabled | Updated ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Disque fixe # 233 Go (155 Go libre(s) - 67%) [] # NTFS
D:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (420)
C:\Windows\system32\wininit.exe (472)
C:\Windows\system32\csrss.exe (488)
C:\Windows\system32\services.exe (528)
C:\Windows\system32\lsass.exe (552)
C:\Windows\system32\lsm.exe (560)
C:\Windows\system32\winlogon.exe (620)
C:\Windows\system32\svchost.exe (704)
C:\Windows\system32\svchost.exe (804)
C:\Windows\System32\svchost.exe (980)
C:\Windows\System32\svchost.exe (1016)
C:\Windows\system32\svchost.exe (1048)
C:\Windows\system32\svchost.exe (1200)
C:\Windows\system32\svchost.exe (1360)
C:\Windows\system32\svchost.exe (1660)
C:\Windows\System32\svchost.exe (1776)
C:\Windows\system32\svchost.exe (1816)
C:\Windows\System32\svchost.exe (1912)
C:\Windows\system32\svchost.exe (2576)
C:\Windows\system32\Dwm.exe (1248)
C:\Windows\System32\svchost.exe (896)
C:\Windows\system32\wbem\wmiprvse.exe (4676)
C:\Windows\system32\WUDFHost.exe (2416)
C:\Windows\System32\rundll32.exe (3852)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5016)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5884)
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (484)
C:\Windows\system32\SearchIndexer.exe (5708)
C:\Windows\System32\spoolsv.exe (3680)
C:\Program Files\Internet Explorer\iexplore.exe (5124)
C:\Windows\Explorer.exe (5736)
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (4544)
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (4604)
C:\Program Files\Internet Explorer\iexplore.exe (2848)
C:\UsbFix\Go.exe (6096)
C:\Windows\system32\wbem\wmiprvse.exe (2268)
################## | Processus Stoppés |
Stoppé! C:\Windows\system32\WUDFHost.exe (2416)
Stoppé! C:\Windows\System32\rundll32.exe (3852)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5016)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5884)
Stoppé! c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (484)
Stoppé! C:\Windows\system32\SearchIndexer.exe (5708)
Stoppé! C:\Windows\System32\spoolsv.exe (3680)
Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (5124)
Stoppé! C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (4544)
Stoppé! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (4604)
Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (2848)
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1913976771-3513930833-1953101718-1001
(!) Fichiers temporaires supprimés.
################## | Registre |
################## | Mountpoints2 |
################## | Listing |
[11/10/2011 - 17:53:46 | SHD ] C:\$Recycle.Bin
[10/06/2009 - 23:42:20 | N | 24] C:\autoexec.bat
[11/10/2011 - 17:48:46 | RASHD ] C:\Autorun.inf
[10/06/2009 - 23:42:20 | N | 10] C:\config.sys
[17/09/2011 - 14:04:38 | D ] C:\CreeperTools
[14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings
[11/10/2011 - 16:51:21 | ASH | 1610162176] C:\hiberfil.sys
[10/10/2011 - 18:57:45 | D ] C:\Kill'em
[11/10/2011 - 16:51:23 | ASH | 2146885632] C:\pagefile.sys
[14/07/2009 - 04:37:05 | D ] C:\PerfLogs
[10/10/2011 - 18:36:22 | D ] C:\Program Files
[10/10/2011 - 18:36:21 | HD ] C:\ProgramData
[07/09/2011 - 12:54:27 | SHD ] C:\Recovery
[08/10/2011 - 20:26:39 | SHD ] C:\System Volume Information
[11/10/2011 - 17:53:46 | D ] C:\UsbFix
[11/10/2011 - 17:53:32 | A | 4451] C:\UsbFix.txt
[11/10/2011 - 17:48:49 | N | 3796] C:\UsbFix_Upload_Me_RORO-PC.zip
[30/05/2011 - 17:33:14 | D ] C:\Users
[05/08/2011 - 12:02:57 | D ] C:\Valve
[05/10/2011 - 14:10:27 | D ] C:\Windows
################## | Vaccin |
C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_RORO-PC.zip
http://eldesaparecido.com/support.php
Merci de votre contribution.
################## | E.O.F |
Anonymous user
11 Oct 2011 at 18:22
Download here: OTL
▶ save it to your Desktop.
if you have XP => double-click
if you have Vista or Windows 7 => right-click "run as...."
on OTL.exe to launch it.
▶ => Click here to see the Configuration
▶ Copy and paste the content that follows in bold into the lower part of OTL, "Personnalisation"
netsvcs
safebootminimal
safebootnetwork
%systemroot%\system32\config\*.exe /s
%systemroot%\system32\*.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s
▶ Click on Analyse.
At the end of the scan, Notepad will open with the report (OTL.txt).
This file is on your Desktop (usually C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ DO NOT POST IT ON THE FORUM (it is too long)
To send it to me, click on this link: http://www.cijoint.fr/
▶ Click on Browse (Parcourir) and find the file above.
▶ Click on Open (Ouvrir).
▶ Click on "Cliquez ici pour déposer le fichier".
right next to the button, once the file has finished uploading, a link of this form will appear:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copy this link into your reply.
▶▶ You will do the same with "Extra.txt", which should logically also be on your desktop.
toxic512008
12 Oct 2011 at 13:56
OTL Extras logfile created on: 12/10/2011 13:46:41 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\roro\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,50% Memory free
4,00 Gb Paging File | 3,02 Gb Available in Paging File | 75,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 155,09 Gb Free Space | 66,62% Space Free | Partition Type: NTFS
Computer Name: RORO-PC | User Name: roro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- C:\Windows\explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor débarquement allié
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}" = MOH Débarquement allié En Formation Patch 2.15
"{19192A84-6172-4312-A661-D8F9A34585AB}" = VirtualDJ Home FREE
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client FR-FR Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}" = Battlefield 1942
toxic512008
12 Oct 2011 at 13:56
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}" = Photo Notifier and Animation Creator
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72604C30-CBD2-4917-9AB5-4274747F3269}_is1" = CreeperTools version 0.2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}" = Medal of Honor Débarquement allié(tm) En Formation
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}" = Medal of Honor Débarquement Allié(tm) l'Offensive
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 266.71
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 266.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B91E4360-298A-4306-9E95-9AD91A0952A1}" = FPS Creator
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}" = Medal of Honor Débarquement allié En Formation
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{DF9046D6-5F1F-40B6-9782-3DC2D902D391}" = Medal of Honor Débarquement Allié(tm) l'Offensive v2.40 Patch
"{E1019541-10A2-464F-A23E-A4F23DA65160}" = Mumble 1.2.3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface
"Black Prophecy_is1" = Black Prophecy
"Call of Duty Game of the Year Edition" = Call of Duty Game of the Year Edition
"Counter-Strike: Condition Zero" = Counter-Strike: Condition Zero
"GameSpy Arcade" = GameSpy Arcade
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_Francais_2 Toolbar" = IncrediMail MediaBar Francais 2 Toolbar
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"Steam App 1200" = Red Orchestra: Ostfront 41-45
"Steam App 1220" = RedOrchestra SDK Beta
"Steam App 1230" = Mare Nostrum
"Steam App 1280" = Darkest Hour: Europe '44-'45
"Steam App 1290" = Darkest Hour Server
"Steam App 220" = Half-Life 2
"Steam App 380" = Half-Life 2: Episode One
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Usbfix" = UsbFix By El Desaparecido
"VLC media player" = VLC media player 1.1.10
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Winamp Detect" = Détection de l'application Winamp
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 06/10/2011 15:12:30 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:18:50 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:20:31 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:22:13 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:23:38 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:25:20 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 07:27:24 | Computer Name = roro-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 07/10/2011 14:26:05 | Computer Name = roro-PC | Source = SideBySide | ID = 16842824
Description = La création du contexte d'activation a échoué pour « c:\program files\microsoft
security client\MSESysprep.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\microsoft security client\MSESysprep.dll » à la ligne 10. L'élément
imaging apparaît comme un enfant de l'élément urn:schemas-microsoft-com:asm.v1^assembly ;
cette situation n'est pas prise en charge par cette version de Windows.
Error - 09/10/2011 07:36:47 | Computer Name = roro-PC | Source = SideBySide | ID = 16842824
Description = La création du contexte d'activation a échoué pour « c:\program files\microsoft
security client\MSESysprep.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\microsoft security client\MSESysprep.dll » à la ligne 10. L'élément
imaging apparaît comme un enfant de l'élément urn:schemas-microsoft-com:asm.v1^assembly ;
cette situation n'est pas prise en charge par cette version de Windows.
Error - 10/10/2011 11:20:26 | Computer Name = roro-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante ImApp.exe, version : 6.2.9.5079,
horodatage : 0x4e5d1935 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x005c0061 ID du processus
défaillant : 0xd38 Heure de début de l'application défaillante : 0x01cc8760100da690
Chemin
d'accès de l'application défaillante : C:\Program Files\IncrediMail\Bin\ImApp.exe
Chemin
d'accès du module défaillant: unknown ID de rapport : 60aa2790-f353-11e0-90f7-001d92292217
[ System Events ]
Error - 10/10/2011 14:52:28 | Computer Name = roro-PC | Source = Service Control Manager | ID = 7024
Description = Le service Écouteur HomeGroup s'est arrêté avec l'erreur service particulière
%%-2147467262.
Error - 10/10/2011 14:52:41 | Computer Name = roro-PC | Source = WMPNetworkSvc | ID = 866292
Description =
Error - 10/10/2011 15:02:46 | Computer Name = roro-PC | Source = Microsoft Antimalware | ID = 3002
Description = La fonctionnalité de protection en temps réel %%860 a rencontré une
erreur et s'est arrêtée. Fonctionnalité : %%886 Code d'erreur : 0x800705b4 Description
de l'erreur : Cette opération s'est terminée car le délai d'attente a expiré. Raison :
%%858
Error - 11/10/2011 01:08:33 | Computer Name = roro-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Certaines fonctionnalités de gestion de l'alimentation relatives aux
performances du processeur ont été désactivées en raison d'un problème connu avec
le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise
à jour du microprogramme.
Error - 11/10/2011 01:08:47 | Computer Name = roro-PC | Source = Service Control Manager | ID = 7000
Description = Le service Filtre de bus AGP Intel n'a pas pu démarrer en raison de
l'erreur : %%1058
Error - 11/10/2011 01:08:54 | Computer Name = roro-PC | Source = Microsoft Antimalware | ID = 3002
Description = La fonctionnalité de protection en temps réel %%860 a rencontré une
erreur et s'est arrêtée. Fonctionnalité : %%886 Code d'erreur : 0x800705b4 Description
de l'erreur : Cette opération s'est terminée car le délai d'attente a expiré. Raison :
%%892
Error - 11/10/2011 01:09:11 | Computer Name = roro-PC | Source = WMPNetworkSvc | ID = 866292
Description =
Error - 11/10/2011 01:09:12 | Computer Name = roro-PC | Source = Service Control Manager | ID = 7024
Description = Le service Écouteur HomeGroup s'est arrêté avec l'erreur service particulière
%%-2147467262.
Error - 11/10/2011 01:10:51 | Computer Name = roro-PC | Source = WMPNetworkSvc | ID = 866292
Description =
Error - 11/10/2011 10:51:20 | Computer Name = roro-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Certaines fonctionnalités de gestion de l'alimentation relatives aux
performances du processeur ont été désactivées en raison d'un problème connu avec
le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise
à jour du microprogramme.
< End of report >
toxic512008
Posts: 140
Registration date: Saturday 25 July 2009
Status: Member
Last activity: 12 October 2011
23
12 Oct 2011 at 13:57
OTL logfile created on: 12/10/2011 13:46:41 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\roro\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,50% Memory free
4,00 Gb Paging File | 3,02 Gb Available in Paging File | 75,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 155,09 Gb Free Space | 66,62% Space Free | Partition Type: NTFS
Computer Name: RORO-PC | User Name: roro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/12 13:46:08 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\roro\Downloads\OTL.exe
PRC - [2011/07/26 15:53:06 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/16 17:04:04 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2011/09/29 14:30:14 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/23 13:04:10 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011/06/20 17:58:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/10/12 13:43:52 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CC7FFBD-4931-476A-A12B-9600DED6ED50}\MpKsl4fcea588.sys -- (MpKsl4fcea588)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/01/17 01:53:00 | 010,480,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/12 09:10:52 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/04/09 02:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009/07/14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 68 47 1B E0 1E CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\roro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} https://fr.permissionresearch.com/Config/packages/pr/prsetup.cab (Setup Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}: DhcpNameServer = 212.27.40.240 212.27.40.241
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/11 17:54:48 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\roro\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,50% Memory free
4,00 Gb Paging File | 3,02 Gb Available in Paging File | 75,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 155,09 Gb Free Space | 66,62% Space Free | Partition Type: NTFS
Computer Name: RORO-PC | User Name: roro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/12 13:46:08 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\roro\Downloads\OTL.exe
PRC - [2011/07/26 15:53:06 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/16 17:04:04 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV - [2011/09/29 14:30:14 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/23 13:04:10 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)
SRV - [2011/06/20 17:58:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/10/12 13:43:52 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CC7FFBD-4931-476A-A12B-9600DED6ED50}\MpKsl4fcea588.sys -- (MpKsl4fcea588)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/01/17 01:53:00 | 010,480,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/12 09:10:52 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/04/09 02:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009/07/14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 68 47 1B E0 1E CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\roro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} https://fr.permissionresearch.com/Config/packages/pr/prsetup.cab (Setup Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4D0BFCC-E92D-4CFE-A71E-460EAEC9BBD2}: DhcpNameServer = 212.27.40.240 212.27.40.241
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/11 17:54:48 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard
toxic512008 - 12 Oct. 2011 at 13:57
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
========== Files/Folders - Created Within 30 Days ==========
[2011/10/11 17:54:48 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/10/11 17:45:23 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/10/09 18:10:38 | 000,000,000 | ---D | C] -- C:\Kill'em
[2011/10/03 08:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\mirware with FreeAngel
[2011/10/02 16:00:30 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Roaming\Mozilla
[2011/10/02 14:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo
[2011/10/02 14:29:53 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/10/02 14:29:53 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/10/02 14:29:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/10/02 14:29:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/10/02 14:29:52 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/10/02 14:29:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011/10/02 14:29:52 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/10/02 14:29:52 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/10/02 14:29:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/10/02 14:29:51 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/10/02 14:29:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/10/02 14:29:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/10/02 14:29:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/10/02 14:29:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/10/02 14:29:50 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/10/02 14:29:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/10/02 14:29:50 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/10/02 14:29:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/10/02 14:29:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/10/02 14:29:49 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/10/02 14:29:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/10/02 14:29:49 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/10/02 14:29:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/10/02 14:29:48 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/10/02 14:29:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/10/02 14:29:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/10/02 14:29:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/10/02 14:29:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/10/02 14:29:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/10/02 14:29:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/10/02 14:29:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/10/02 14:29:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/10/02 14:29:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/10/02 14:29:46 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/10/02 14:29:45 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/10/02 14:29:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/10/02 14:29:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/10/02 14:29:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/10/02 14:29:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/10/02 14:29:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/10/02 14:29:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/10/02 14:29:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/10/02 14:29:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/10/02 14:29:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/10/02 14:29:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/10/02 14:29:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/10/02 14:29:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/10/02 14:29:42 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/10/02 14:29:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/10/02 14:29:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/10/02 14:29:42 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/10/02 14:29:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/10/02 14:29:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/10/02 14:29:40 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/10/02 14:29:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/10/02 14:29:40 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/10/02 14:29:40 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/10/02 14:29:40 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/10/02 14:29:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/10/02 14:29:39 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/10/02 14:29:39 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/10/02 14:29:38 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/10/02 14:29:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/10/02 14:29:33 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/10/02 14:29:33 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/10/02 14:29:33 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/10/02 14:29:33 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/10/02 14:29:32 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/10/02 14:29:32 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/10/02 14:29:31 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/10/02 14:29:31 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/10/02 14:29:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/10/02 14:16:41 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Local\reakktor
[2011/10/02 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\roro\Documents\Reakktor Media
[2011/10/02 13:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\Gamigo
[2011/09/29 14:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Photo Notifier and Animation Creator
[2011/09/29 14:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Notifier and Animation Creator
[2011/09/29 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Local\Conduit
[2011/09/29 14:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail_MediaBar_Francais_2
========== Files - Modified Within 30 Days ==========
[2011/10/12 13:50:56 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 13:50:56 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 13:50:42 | 000,747,368 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/10/12 13:50:42 | 000,654,250 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/12 13:50:42 | 000,149,786 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/10/12 13:50:42 | 000,122,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/12 13:44:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/12 13:43:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/12 13:43:40 | 1610,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/11 21:01:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/11 17:54:49 | 000,003,383 | ---- | M] () -- C:\UsbFix_Upload_Me_RORO-PC.zip
[2011/10/09 18:17:33 | 000,000,922 | ---- | M] () -- C:\Users\roro\Desktop\Internet Explorer.lnk
[2011/10/08 14:13:34 | 000,360,811 | ---- | M] () -- C:\Users\roro\Desktop\Pre_Script.exe
[2011/10/02 14:46:26 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Launch Black Prophecy .lnk
[2011/10/02 14:46:26 | 000,000,142 | ---- | M] () -- C:\Users\Public\Desktop\Register for Black Prophecy .url
[2011/10/01 10:00:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/09/29 14:31:48 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/09/29 14:31:48 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Augmentez la vitesse de votre ordinateur !.lnk
[2011/09/29 14:31:48 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011/09/29 14:31:48 | 000,001,975 | ---- | M] () -- C:\Users\roro\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk
[2011/09/24 16:17:03 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk
[2011/09/21 15:49:20 | 000,000,840 | ---- | M] () -- C:\Users\roro\Desktop\Poême
[2011/09/14 15:08:40 | 000,006,877 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIUtils.class
[2011/09/14 15:08:40 | 000,005,762 | ---- | M] () -- C:\Users\roro\AppData\Roaming\em.class
[2011/09/14 15:08:40 | 000,005,737 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIConfig.class
[2011/09/14 15:08:40 | 000,004,712 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIController.class
[2011/09/14 15:08:40 | 000,003,974 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIView.class
[2011/09/14 15:08:40 | 000,003,031 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgCanvas.class
[2011/09/14 15:08:40 | 000,002,876 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMICompatibility.class
[2011/09/14 15:08:40 | 000,002,262 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemPanel.class
[2011/09/14 15:08:40 | 000,001,093 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButton.class
[2011/09/14 15:08:40 | 000,001,059 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgWidget.class
[2011/09/14 15:08:40 | 000,000,812 | ---- | M] () -- C:\Users\roro\AppData\Roaming\mod_TooManyItems.class
[2011/09/14 15:08:40 | 000,000,564 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgZOrder.class
[2011/09/14 15:08:40 | 000,000,371 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIStateButtonData.class
[2011/09/14 15:08:40 | 000,000,169 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButtonHandler.class
[2011/09/14 15:08:40 | 000,000,150 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemHandler.class
========== Files Created - No Company Name ==========
[2011/10/11 17:48:49 | 000,003,383 | ---- | C] () -- C:\UsbFix_Upload_Me_RORO-PC.zip
[2011/10/02 14:46:26 | 000,002,194 | ---- | C] () -- C:\Users\Public\Desktop\Launch Black Prophecy .lnk
[2011/10/02 14:46:26 | 000,000,142 | ---- | C] () -- C:\Users\Public\Desktop\Register for Black Prophecy .url
[2011/09/21 15:49:20 | 000,000,840 | ---- | C] () -- C:\Users\roro\Desktop\Poême
[2011/09/17 14:30:18 | 000,006,877 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMIUtils.class
[2011/09/17 14:30:18 | 000,005,762 | ---- | C] () -- C:\Users\roro\AppData\Roaming\em.class
[2011/09/17 14:30:18 | 000,005,737 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMIConfig.class
[2011/09/17 14:30:18 | 000,004,712 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMIController.class
[2011/09/17 14:30:18 | 000,003,974 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMIView.class
[2011/09/17 14:30:18 | 000,003,031 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgCanvas.class
[2011/09/17 14:30:18 | 000,002,876 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMICompatibility.class
[2011/09/17 14:30:18 | 000,002,262 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemPanel.class
[2011/09/17 14:30:18 | 000,001,093 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButton.class
[2011/09/17 14:30:18 | 000,001,059 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgWidget.class
[2011/09/17 14:30:18 | 000,000,812 | ---- | C] () -- C:\Users\roro\AppData\Roaming\mod_TooManyItems.class
[2011/09/17 14:30:18 | 000,000,564 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgZOrder.class
[2011/09/17 14:30:18 | 000,000,371 | ---- | C] () -- C:\Users\roro\AppData\Roaming\TMIStateButtonData.class
[2011/09/17 14:30:18 | 000,000,169 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButtonHandler.class
[2011/09/17 14:30:18 | 000,000,150 | ---- | C] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemHandler.class
[2011/08/05 12:13:57 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011/07/28 19:28:43 | 000,000,766 | ---- | C] () -- C:\Windows\CoD.INI
[2011/07/28 19:14:11 | 000,000,531 | ---- | C] () -- C:\Windows\eReg.dat
[2011/06/21 17:15:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
[2011/06/21 17:14:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\aitagent.exe
[2011/06/21 17:14:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\aaclient.dll
[2011/06/21 17:14:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\VAN.dll
[2011/06/21 17:14:23 | 000,266,752 | ---- | C] () -- C:\Windows\System32\MediaMetadataHandler.dll
[2011/06/21 17:14:15 | 000,093,696 | ---- | C] () -- C:\Windows\System32\fms.dll
[2011/06/21 17:14:15 | 000,000,000 | ---- | C] () -- C:\Windows\System32\NAPHLPR.DLL
[2011/06/21 17:13:47 | 000,000,000 | ---- | C] () -- C:\Windows\System32\CertPolEng.dll
[2011/05/30 18:03:39 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/07/14 10:39:49 | 000,747,200 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009/07/14 10:39:49 | 000,149,618 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:33:53 | 000,268,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,654,082 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,121,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 02:10:11 | 000,007,168 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2009/07/14 02:09:37 | 000,087,552 | ---- | C] () -- C:\Windows\System32\mcsrchPH.dll
[2009/07/14 02:05:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\MsPbdaCoInst.dll
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== Custom Scans ==========
< %systemroot%\system32\config\*.exe /s >
< %systemroot%\system32\*.sys >
[2009/07/13 23:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS
[2009/07/14 03:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys
[2009/07/13 23:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys
[2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) -- C:\Windows\system32\hamachi.sys
[2009/07/13 23:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS
[2009/07/13 23:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS
[2009/07/13 23:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS
[2009/07/13 23:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS
[2009/07/13 23:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS
[2009/07/13 23:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS
[2009/07/13 23:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS
[2009/07/13 23:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS
[2009/07/13 23:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS
[2009/07/13 23:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS
[2009/07/13 23:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS
[2009/07/13 23:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS
[2009/07/13 23:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS
[2011/06/11 04:29:25 | 002,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys
< HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s >
"auditbaseobjects" = 0
"auditbasedirectories" = 0
"crashonauditfail" = 0
"fullprivilegeauditing" = [binary data]
"Bounds" = 0 [binary data]
"LimitBlankPasswordUse" = 1
"NoLmHash" = 1
"Notification Packages" = scecli [binary data] -- [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation)
"Security Packages" = [Binary data over 100 bytes]
"Authentication Packages" = msv1_0 [binary data] -- [2010/11/20 14:19:54 | 000,257,024 | ---- | M] (Microsoft Corporation)
"LsaPid" = 548
"SecureBoot" = 1
"ProductType" = 3
"disabledomaincreds" = 0
"everyoneincludesanonymous" = 0
"forceguest" = 0
"restrictanonymous" = 0
"restrictanonymoussam" = 1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders]
"MartaExtension" = ntmarta.dll -- [2009/07/14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation)
"ProviderOrder" = Windows NT Access Provider [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath" = %SystemRoot%\system32\ntmarta.dll -- [2009/07/14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\AuditPolicy]
"AuditPolicySD" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing\System]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp]
"DebugLogLevel" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyDefaultCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyFreshCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenySavedCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenySavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data]
"Pattern" = BF 22 96 A4 C6 59 B7 C9 42 54 D4 95 FE 7A 14 6F [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\FipsAlgorithmPolicy]
"Enabled" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG]
"GrafBlumGroup" = 78 80 33 26 0C 10 B9 72 54 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD]
"Lookup" = 6A 1C C7 82 D8 89 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\HostToRealm]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Parameters]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0]
"Auth132" = IISSUBA
"NtlmMinClientSec" = 536870912
"NtlmMinServerSec" = 536870912
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1]
"SkewMatrix" = 68 9C 71 6A 2A 54 10 2C 94 F4 DF A5 81 40 EC 6C [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO\Passport1.4]
"SSOURL" = http://www.passport.com
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache]
"Time" = 40 D5 E2 17 12 42 CC 01 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache\credssp.dll]
"Name" = CREDSSP
"Comment" = Microsoft CredSSP Security Provider
"Capabilities" = 67379
"RpcId" = 65535
"Version" = 1
"TokenSize" = 37032
"Time" = 50 1B 8F 07 AD 88 CB 01 [binary data]
"Type" = 33
< End of report >
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
========== Files/Folders - Created Within 30 Days ==========
[2011/10/11 17:54:48 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2011/10/11 17:45:23 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011/10/09 18:10:38 | 000,000,000 | ---D | C] -- C:\Kill'em
[2011/10/03 08:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\mirware with FreeAngel
[2011/10/02 16:00:30 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Roaming\Mozilla
[2011/10/02 14:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo
[2011/10/02 14:29:53 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/10/02 14:29:53 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/10/02 14:29:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/10/02 14:29:52 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/10/02 14:29:52 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/10/02 14:29:52 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011/10/02 14:29:52 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/10/02 14:29:52 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/10/02 14:29:52 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/10/02 14:29:51 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/10/02 14:29:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/10/02 14:29:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/10/02 14:29:50 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/10/02 14:29:50 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/10/02 14:29:50 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/10/02 14:29:50 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/10/02 14:29:50 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/10/02 14:29:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/10/02 14:29:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/10/02 14:29:49 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/10/02 14:29:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/10/02 14:29:49 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/10/02 14:29:48 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/10/02 14:29:48 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/10/02 14:29:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/10/02 14:29:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/10/02 14:29:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/10/02 14:29:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/10/02 14:29:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/10/02 14:29:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/10/02 14:29:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/10/02 14:29:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/10/02 14:29:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/10/02 14:29:46 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/10/02 14:29:45 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/10/02 14:29:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/10/02 14:29:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/10/02 14:29:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/10/02 14:29:44 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/10/02 14:29:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/10/02 14:29:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/10/02 14:29:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/10/02 14:29:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/10/02 14:29:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/10/02 14:29:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/10/02 14:29:43 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/10/02 14:29:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/10/02 14:29:42 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/10/02 14:29:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/10/02 14:29:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/10/02 14:29:42 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/10/02 14:29:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/10/02 14:29:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/10/02 14:29:40 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/10/02 14:29:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/10/02 14:29:40 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/10/02 14:29:40 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/10/02 14:29:40 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/10/02 14:29:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/10/02 14:29:39 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/10/02 14:29:39 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/10/02 14:29:38 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/10/02 14:29:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/10/02 14:29:33 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/10/02 14:29:33 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/10/02 14:29:33 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/10/02 14:29:33 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/10/02 14:29:32 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/10/02 14:29:32 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/10/02 14:29:31 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/10/02 14:29:31 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/10/02 14:29:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/10/02 14:16:41 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Local\reakktor
[2011/10/02 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\roro\Documents\Reakktor Media
[2011/10/02 13:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\Gamigo
[2011/09/29 14:32:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Photo Notifier and Animation Creator
[2011/09/29 14:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Photo Notifier and Animation Creator
[2011/09/29 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\roro\AppData\Local\Conduit
[2011/09/29 14:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail_MediaBar_Francais_2
========== Files - Modified Within 30 Days ==========
[2011/10/12 13:50:56 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 13:50:56 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 13:50:42 | 000,747,368 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/10/12 13:50:42 | 000,654,250 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/12 13:50:42 | 000,149,786 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/10/12 13:50:42 | 000,122,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/12 13:44:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/12 13:43:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/12 13:43:40 | 1610,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/11 21:01:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/11 17:54:49 | 000,003,383 | ---- | M] () -- C:\UsbFix_Upload_Me_RORO-PC.zip
[2011/10/09 18:17:33 | 000,000,922 | ---- | M] () -- C:\Users\roro\Desktop\Internet Explorer.lnk
[2011/10/08 14:13:34 | 000,360,811 | ---- | M] () -- C:\Users\roro\Desktop\Pre_Script.exe
[2011/10/02 14:46:26 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Launch Black Prophecy .lnk
[2011/10/02 14:46:26 | 000,000,142 | ---- | M] () -- C:\Users\Public\Desktop\Register for Black Prophecy .url
[2011/10/01 10:00:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/09/29 14:31:48 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Wallpapers by IncrediMail.lnk
[2011/09/29 14:31:48 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Augmentez la vitesse de votre ordinateur !.lnk
[2011/09/29 14:31:48 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2011/09/29 14:31:48 | 000,001,975 | ---- | M] () -- C:\Users\roro\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk
[2011/09/24 16:17:03 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer 2.lnk
[2011/09/21 15:49:20 | 000,000,840 | ---- | M] () -- C:\Users\roro\Desktop\Poême
[2011/09/14 15:08:40 | 000,006,877 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIUtils.class
[2011/09/14 15:08:40 | 000,005,762 | ---- | M] () -- C:\Users\roro\AppData\Roaming\em.class
[2011/09/14 15:08:40 | 000,005,737 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIConfig.class
[2011/09/14 15:08:40 | 000,004,712 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIController.class
[2011/09/14 15:08:40 | 000,003,974 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIView.class
[2011/09/14 15:08:40 | 000,003,031 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgCanvas.class
[2011/09/14 15:08:40 | 000,002,876 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMICompatibility.class
[2011/09/14 15:08:40 | 000,002,262 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemPanel.class
[2011/09/14 15:08:40 | 000,001,093 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButton.class
[2011/09/14 15:08:40 | 000,001,059 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgWidget.class
[2011/09/14 15:08:40 | 000,000,812 | ---- | M] () -- C:\Users\roro\AppData\Roaming\mod_TooManyItems.class
[2011/09/14 15:08:40 | 000,000,564 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgZOrder.class
[2011/09/14 15:08:40 | 000,000,371 | ---- | M] () -- C:\Users\roro\AppData\Roaming\TMIStateButtonData.class
[2011/09/14 15:08:40 | 000,000,169 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgButtonHandler.class
[2011/09/14 15:08:40 | 000,000,150 | ---- | M] () -- C:\Users\roro\AppData\Roaming\_tmi_MgItemHandler.class
========== Custom Scans ==========
< HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s >
"auditbaseobjects" = 0
"auditbasedirectories" = 0
"crashonauditfail" = 0
"fullprivilegeauditing" = [binary data]
"Bounds" = 0 [binary data]
"LimitBlankPasswordUse" = 1
"NoLmHash" = 1
"Notification Packages" = scecli [binary data] -- [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation)
"Security Packages" = [Binary data over 100 bytes]
"Authentication Packages" = msv1_0 [binary data] -- [2010/11/20 14:19:54 | 000,257,024 | ---- | M] (Microsoft Corporation)
"LsaPid" = 548
"SecureBoot" = 1
"ProductType" = 3
"disabledomaincreds" = 0
"everyoneincludesanonymous" = 0
"forceguest" = 0
"restrictanonymous" = 0
"restrictanonymoussam" = 1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders]
"MartaExtension" = ntmarta.dll -- [2009/07/14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation)
"ProviderOrder" = Windows NT Access Provider [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath" = %SystemRoot%\system32\ntmarta.dll -- [2009/07/14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\AuditPolicy]
"AuditPolicySD" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing\System]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp]
"DebugLogLevel" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyDefaultCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyFreshCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenyFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenySavedCredentials]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp\PolicyDefaults\DenySavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data]
"Pattern" = BF 22 96 A4 C6 59 B7 C9 42 54 D4 95 FE 7A 14 6F [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\FipsAlgorithmPolicy]
"Enabled" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG]
"GrafBlumGroup" = 78 80 33 26 0C 10 B9 72 54 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD]
"Lookup" = 6A 1C C7 82 D8 89 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\HostToRealm]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Parameters]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0]
"Auth132" = IISSUBA
"NtlmMinClientSec" = 536870912
"NtlmMinServerSec" = 536870912
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1]
"SkewMatrix" = 68 9C 71 6A 2A 54 10 2C 94 F4 DF A5 81 40 EC 6C [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO\Passport1.4]
"SSOURL" = http://www.passport.com
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache]
"Time" = 40 D5 E2 17 12 42 CC 01 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache\credssp.dll]
"Name" = CREDSSP
"Comment" = Microsoft CredSSP Security Provider
"Capabilities" = 67379
"RpcId" = 65535
"Version" = 1
"TokenSize" = 37032
"Time" = 50 1B 8F 07 AD 88 CB 01 [binary data]
"Type" = 33
< End of report >
Anonymous user
12 Oct 2011 at 14:07
It would be good if you read my instructions all the way through! ^^
toxic512008
Posts
140
Registration date
Saturday 25 July 2009
Status
Member
Last activity
12 October 2011
23
12 Oct 2011 at 15:06
:) I told you: I can't use "Parcourir", and I can't even do it manually by typing it in, so I have to post it even though it's long.....
toxic512008
12 Oct 2011 at 15:14
No big deal :P
toxic512008
12 Oct 2011 at 15:15
(I'll be back around 18:00; if I don't answer, that's normal)
Anonymous user
12 Oct 2011 at 15:18
WARNING!!!: Script customised for this machine only, do not reproduce!!
If you have XP => double-click
If you have Vista or Windows 7 => right-click, "Run as...."
on OTL.exe to launch it.
▶ Copy the list shown in bold below,
▶ paste it into the box under "Personnalisation":
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:OTL
IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)
O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} https://fr.permissionresearch.com/Config/packages/pr/prsetup.cab (Setup Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
:commands
[CLEARALLRESTOREPOINTS]
[emptytemp]
[start explorer]
[reboot]
▶ Click "Correction" to start the removal.
▶ Post the report, which should open by itself at the end of the job, after the reboot.
toxic512008
12 Oct 2011 at 18:37
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{249d74a3-bd19-4657-b6ce-e62f480a20de} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ deleted successfully.
C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{249d74a3-bd19-4657-b6ce-e62f480a20de} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{249d74a3-bd19-4657-b6ce-e62f480a20de}\ not found.
File C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll not found.
Starting removal of ActiveX control {2E4A92AB-F2C0-456A-9935-B715439790D7}
C:\Windows\Downloaded Program Files\prsetup.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2E4A92AB-F2C0-456A-9935-B715439790D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E4A92AB-F2C0-456A-9935-B715439790D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2E4A92AB-F2C0-456A-9935-B715439790D7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E4A92AB-F2C0-456A-9935-B715439790D7}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 53632 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: roro
->Temp folder emptied: 27638863 bytes
->Temporary Internet Files folder emptied: 1573936099 bytes
->Java cache emptied: 300053 bytes
->Flash cache emptied: 54354 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40644 bytes
RecycleBin emptied: 156 bytes
Total Files Cleaned = 1 528,00 mb
OTL by OldTimer - Version 3.2.29.1 log created on 10122011_183401
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Anonymous user
12 Oct 2011 at 18:39
Is it still in English in your Start menu?
toxic512008
12 Oct 2011 at 18:46
Yes, some things: "Calculator", "Computer", "Run", "narrator", "magnify". Otherwise most of it has been fixed.
Anonymous user
12 Oct 2011 at 18:53
Where exactly is that?
In the first Start menu when you open it?
toxic512008
12 Oct 2011 at 18:54
Start menu => Accessories => System Tools and Accessibility
toxic512008
12 Oct 2011 at 19:12
O_o whoa, I don't know..
Anonymous user
12 Oct 2011 at 19:15
Right-click on Calculator => Properties, then copy and paste its path into your reply
e.g.:
C:\users\..etc...
toxic512008
12 Oct 2011 at 19:22
I don't have access to right-click or to the Properties button :( I said so above
Anonymous user
12 Oct 2011 at 19:24
grrrrrr!!!!!!!!
▶ Download Dr Web CureIt to your Desktop:
▶ Restart in safe mode
▶- Double-click (right-click "as admin" under Vista) <drweb-cureit.exe>, then click <Analyse>;
▶- Click <Ok> at the quick-scan prompt. If it finds infected processes, click the <Oui> button.
Note: a window will open with the options "Commander" or "50% de réduction": close it by clicking the "X".
▶- When the quick scan has finished, click the <Options> menu, then <Changer la configuration>; choose the <Scanner> tab and untick <Analyse heuristique>. Then click <Ok>.
▶- Back in the main window: click to enable <Analyse complète>
select all the disks
▶- Click the button with the green arrow on the right, and the scan will start.
▶- Click <Oui> for everything at the "Désinfecter ?" prompt when a file is detected, then click "Désinfecter".
▶- When the scan is complete, see whether you can click the icon next to the detected files (several sheets on top of one another). If so, click it, then click the <Suivant> icon below and choose <Déplacer en quarantaine l'objet indésirable>.
▶- From the tool's main menu, top left, click the <Fichier> menu and choose <Enregistrer le rapport>. Save the report to your Desktop. It will be named DrWeb.csv
▶- For the report: save it to your Desktop, then right-click it / Send to / Compressed folder
then:
send me the archive like this:
click this link: http://www.cijoint.fr/
▶ Click Parcourir and find the file above.
▶ Click Ouvrir.
▶ Click "Cliquez ici pour déposer le fichier".
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
is added to the page.
▶ Copy this link into your reply.
▶- Close Dr.Web Cureit
▶- Restart your computer (important, because some files may be moved/repaired at restart).
toxic512008
12 Oct 2011 at 19:33
I'll do that tomorrow; I've run out of time for now.
9 Oct 2011 at 18:19